diff options
Diffstat (limited to 'uploader/oauth2')
| -rw-r--r-- | uploader/oauth2/client.py | 20 | ||||
| -rw-r--r-- | uploader/oauth2/views.py | 16 |
2 files changed, 21 insertions, 15 deletions
diff --git a/uploader/oauth2/client.py b/uploader/oauth2/client.py index b94a044..e37816d 100644 --- a/uploader/oauth2/client.py +++ b/uploader/oauth2/client.py @@ -4,7 +4,7 @@ import time import uuid import random from datetime import datetime, timedelta -from urllib.parse import urljoin, urlparse +from urllib.parse import urljoin, urlparse, urlencode import requests from flask import request, current_app as app @@ -18,6 +18,7 @@ from authlib.integrations.requests_client import OAuth2Session from uploader import session import uploader.monadic_requests as mrequests +from uploader.flask_extensions import fetch_flags SCOPE = ("profile group role resource register-client user masquerade " "introspect migrate-data") @@ -157,7 +158,10 @@ def fetch_user_details() -> Either: "user_id": uuid.UUID(usrdets["user_id"]), "name": usrdets["name"], "email": usrdets["email"], - "token": session.user_token()})) + "token": session.user_token(), + "logged_in": session.user_token().either( + lambda _e: False, lambda _t: True) + })) return udets return Right(suser) @@ -173,11 +177,13 @@ def authserver_authorise_uri(): """Build up the authorisation URI.""" req_baseurl = urlparse(request.base_url, scheme=request.scheme) host_uri = f"{req_baseurl.scheme}://{req_baseurl.netloc}/" - return urljoin( - authserver_uri(), - "auth/authorise?response_type=code" - f"&client_id={oauth2_clientid()}" - f"&redirect_uri={urljoin(host_uri, 'oauth2/code')}") + args = { + "response_type": "code", + "client_id": oauth2_clientid(), + "redirect_uri": ( + f"{urljoin(host_uri, 'oauth2/code')}?{urlencode(fetch_flags())}") + } + return f"{urljoin(authserver_uri(), 'auth/authorise')}?{urlencode(args)}" def __no_token__(_err) -> Left: diff --git a/uploader/oauth2/views.py b/uploader/oauth2/views.py index 1ee4257..b1b740f 100644 --- a/uploader/oauth2/views.py +++ b/uploader/oauth2/views.py @@ -4,13 +4,13 @@ from urllib.parse import urljoin, urlparse, urlunparse from flask import ( flash, jsonify, - url_for, request, redirect, Blueprint, current_app as app) from uploader import session +from uploader.flask_extensions import url_for from uploader import monadic_requests as mrequests from uploader.monadic_requests import make_error_handler @@ -33,16 +33,16 @@ def authorisation_code(): app.logger.debug("ERROR: (%s)", error_response.content) flash("There was an error retrieving the authorisation token.", "alert alert-danger") - return redirect("/") + return redirect(url_for("base.index")) def __fail_set_user_details__(_failure): app.logger.debug("Fetching user details fails: %s", _failure) flash("Could not retrieve the user details", "alert alert-danger") - return redirect("/") + return redirect(url_for("base.index")) def __success_set_user_details__(_success): app.logger.debug("Session info: %s", _success) - return redirect("/") + return redirect(url_for("base.index")) def __success__(token): session.set_user_token(token) @@ -53,7 +53,7 @@ def authorisation_code(): code = request.args.get("code", "").strip() if not bool(code): flash("AuthorisationError: No code was provided.", "alert alert-danger") - return redirect("/") + return redirect(url_for("base.index")) baseurl = urlparse(request.base_url, scheme=request.scheme) return request_token( @@ -87,7 +87,7 @@ def logout(): _user_str = f"{_user['name']} ({_user['email']})" session.clear_session_info() flash("Successfully signed out.", "alert alert-success") - return redirect("/") + return redirect(url_for("base.index")) if user_logged_in(): return session.user_token().then( @@ -100,9 +100,9 @@ def logout(): "client_secret": oauth2_clientsecret() })).either( make_error_handler( - redirect_to=redirect("/"), + redirect_to=redirect(url_for("base.index")), cleanup_thunk=lambda: __unset_session__( session.session_info())), lambda res: __unset_session__(session.session_info())) flash("There is no user that is currently logged in.", "alert alert-info") - return redirect("/") + return redirect(url_for("base.index")) |