From bdf85093f8b64d4137eb075e5b6e28d16f9dd32f Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Wed, 9 Oct 2024 16:23:16 -0500
Subject: Update Configs: Change `OAUTH2_SCOPE` => `OAUTH2_SCOPES_SUPPORTED`

Use the OAUTH2_SCOPES_SUPPORTED application configuration variable, that is used by the flask integration for the Authlib library to set up the supported scopes.
---
 gn_auth/__init__.py | 2 +-
 gn_auth/auth/authorisation/users/admin/views.py | 4 ++--
 gn_auth/settings.py | 8 +++++---
 3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/gn_auth/__init__.py b/gn_auth/__init__.py
index 6e2a884..b695ebf 100644
--- a/gn_auth/__init__.py
+++ b/gn_auth/__init__.py
@@ -25,7 +25,7 @@ def check_mandatory_settings(app: Flask) -> None:
 undefined = tuple(
 setting for setting in (
 "SECRET_KEY", "SQL_URI", "AUTH_DB", "AUTH_MIGRATIONS",
- "OAUTH2_SCOPE")
+ "OAUTH2_SCOPES_SUPPORTED")
 if not ((setting in app.config) and bool(app.config[setting])))
 if len(undefined) > 0:
 raise ConfigurationError(
diff --git a/gn_auth/auth/authorisation/users/admin/views.py b/gn_auth/auth/authorisation/users/admin/views.py
index fb22e5d..5ad9038 100644
--- a/gn_auth/auth/authorisation/users/admin/views.py
+++ b/gn_auth/auth/authorisation/users/admin/views.py
@@ -197,7 +197,7 @@ def register_client():
 if request.method == "GET":
 return render_template(
 "admin/register-client.html",
- scope=app.config["OAUTH2_SCOPE"],
+ scope=app.config["OAUTH2_SCOPES_SUPPORTED"],
 users=with_db_connection(__list_users__),
 granttypes=_FORM_GRANT_TYPES_,
 current_user=session.session_user())
@@ -262,7 +262,7 @@ def view_client(client_id: uuid.UUID):
 return render_template(
 "admin/view-oauth2-client.html",
 client=with_db_connection(partial(oauth2_client, client_id=client_id)),
- scope=app.config["OAUTH2_SCOPE"],
+ scope=app.config["OAUTH2_SCOPES_SUPPORTED"],
 granttypes=_FORM_GRANT_TYPES_)
diff --git a/gn_auth/settings.py b/gn_auth/settings.py
index 2a78be3..d561fa9 100644
--- a/gn_auth/settings.py
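Review bot: A deployment config that still sets the old `OAUTH2_SCOPE` key is now ignored without any signal, because the mandatory-settings tuple in `check_mandatory_settings` (`gn_auth/__init__.py` hunk) only looks for `OAUTH2_SCOPES_SUPPORTED`. If the defaults in `gn_auth/settings.py` are loaded before site overrides (not visible in this diff), the check passes on the default and a site that had narrowed its scope list would silently get the wider default instead. Rejecting the stale key at startup would make the rename fail closed, e.g. `if "OAUTH2_SCOPE" in app.config: raise ConfigurationError("OAUTH2_SCOPE was renamed to OAUTH2_SCOPES_SUPPORTED")`. The function body starts and ends outside the hunk, so the placement and the `ConfigurationError` arguments need checking against the full function.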
+++ b/gn_auth/settings.py
@@ -21,9 +21,11 @@ REDIS_URI = "redis://localhost:6379/0"
 REDIS_JOB_QUEUE = "GN_AUTH::job-queue"
 # OAuth2 settings
-OAUTH2_SCOPE = (
- "profile", "group", "role", "resource", "user", "masquerade",
- "introspect")
+OAUTH2_SCOPES_SUPPORTED = (
+ # Used by Authlib's `authlib.integrations.flask_oauth2.AuthorizationServer`
+ # class to setup the supported scopes.
+ "profile", "group", "role", "resource", "register-client", "user",
+ "masquerade", "introspect", "migrate-data")
 CORS_ORIGINS = "*"
 CORS_HEADERS = [
-- 
cgit v1.2.3
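Review bot: The new `OAUTH2_SCOPES_SUPPORTED` tuple in `gn_auth/settings.py` is not a pure rename: it also adds `"register-client"` and `"migrate-data"`, which the commit message does not mention. The same value is passed as `scope` to the `admin/register-client.html` and `admin/view-oauth2-client.html` templates in the `views.py` hunks, so both scopes presumably become selectable for any client next to `"masquerade"` and `"introspect"`; the POST handling that would check a submitted scope list against this tuple is outside the diff. I would land the two additions as their own commit, or state them in the message, and add a line to the in-tuple comment such as `# NOTE: "register-client" and "migrate-data" are new here; confirm which clients may be granted them.`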