Module `control.authoidc`

Expand source code Browse git

from flask_oidc import OpenIDConnect
import json


def _json_loads(content):
    """Handles loading of json content as unicode strings.
    """
    if not isinstance(content, str):
        content = content.decode('utf-8')
    return json.loads(content)


class AuthOidc:
    """Invoke the OIDC authentication.

    Here the Pure3D app is configured to work with the CLARIAH authentication provider.

    For that we use the Python module
    [flask-oidc](https://github.com/puiterwijk/flask-oidc).
    """
    OIDC_CLIENT_SECRETS = "/app/secret/client_secrets.json"

    @classmethod
    def load_secrets(cls):
        """Reads secrets used in encryption and decryption.
        """
        return _json_loads(open(cls.OIDC_CLIENT_SECRETS, 'r').read())

    @classmethod
    def prepare(cls, app):
        """Injects the OIDC module into the main app.
        """
        authconf = {
            # 'SECRET_KEY': app.secret_key,
            'TESTING': True,
            'DEBUG': True,
            'OIDC_CLIENT_SECRETS': cls.OIDC_CLIENT_SECRETS,
            # 'OIDC_USER_INFO_ENABLED': True,
            'OIDC_ID_TOKEN_COOKIE_SECURE': False,
            # 'OIDC_REQUIRE_VERIFIED_EMAIL': False,
            # 'OIDC_OPENID_REALM': 'auth realm',
            # 'OVERWRITE_REDIRECT_URI': OpenIDConnect.client_secrets.get("redirect_uris"),
        }
        secrets = cls.load_secrets()
        client_secrets = list(secrets.values())[0]

        # check and set custom redirect
        custom_redirect = client_secrets.get("custom_redirect", None)
        if custom_redirect:
            authconf["OVERWRITE_REDIRECT_URI"] = custom_redirect

        # check and set custom scopes
        custom_scopes = client_secrets.get("custom_scopes", None)
        if custom_scopes:
            authconf["OIDC_SCOPES"] = custom_scopes

        app.config.update(authconf)

        return OpenIDConnect(app)

Classes

class AuthOidc

Invoke the OIDC authentication.

Here the Pure3D app is configured to work with the CLARIAH authentication provider.

For that we use the Python module flask-oidc.

Expand source code Browse git

class AuthOidc:
    """Invoke the OIDC authentication.

    Here the Pure3D app is configured to work with the CLARIAH authentication provider.

    For that we use the Python module
    [flask-oidc](https://github.com/puiterwijk/flask-oidc).
    """
    OIDC_CLIENT_SECRETS = "/app/secret/client_secrets.json"

    @classmethod
    def load_secrets(cls):
        """Reads secrets used in encryption and decryption.
        """
        return _json_loads(open(cls.OIDC_CLIENT_SECRETS, 'r').read())

    @classmethod
    def prepare(cls, app):
        """Injects the OIDC module into the main app.
        """
        authconf = {
            # 'SECRET_KEY': app.secret_key,
            'TESTING': True,
            'DEBUG': True,
            'OIDC_CLIENT_SECRETS': cls.OIDC_CLIENT_SECRETS,
            # 'OIDC_USER_INFO_ENABLED': True,
            'OIDC_ID_TOKEN_COOKIE_SECURE': False,
            # 'OIDC_REQUIRE_VERIFIED_EMAIL': False,
            # 'OIDC_OPENID_REALM': 'auth realm',
            # 'OVERWRITE_REDIRECT_URI': OpenIDConnect.client_secrets.get("redirect_uris"),
        }
        secrets = cls.load_secrets()
        client_secrets = list(secrets.values())[0]

        # check and set custom redirect
        custom_redirect = client_secrets.get("custom_redirect", None)
        if custom_redirect:
            authconf["OVERWRITE_REDIRECT_URI"] = custom_redirect

        # check and set custom scopes
        custom_scopes = client_secrets.get("custom_scopes", None)
        if custom_scopes:
            authconf["OIDC_SCOPES"] = custom_scopes

        app.config.update(authconf)

        return OpenIDConnect(app)

Class variables

var OIDC_CLIENT_SECRETS

Static methods

def load_secrets()

Reads secrets used in encryption and decryption.

Expand source code Browse git

@classmethod
def load_secrets(cls):
    """Reads secrets used in encryption and decryption.
    """
    return _json_loads(open(cls.OIDC_CLIENT_SECRETS, 'r').read())

def prepare(app)

Injects the OIDC module into the main app.

Expand source code Browse git

@classmethod
def prepare(cls, app):
    """Injects the OIDC module into the main app.
    """
    authconf = {
        # 'SECRET_KEY': app.secret_key,
        'TESTING': True,
        'DEBUG': True,
        'OIDC_CLIENT_SECRETS': cls.OIDC_CLIENT_SECRETS,
        # 'OIDC_USER_INFO_ENABLED': True,
        'OIDC_ID_TOKEN_COOKIE_SECURE': False,
        # 'OIDC_REQUIRE_VERIFIED_EMAIL': False,
        # 'OIDC_OPENID_REALM': 'auth realm',
        # 'OVERWRITE_REDIRECT_URI': OpenIDConnect.client_secrets.get("redirect_uris"),
    }
    secrets = cls.load_secrets()
    client_secrets = list(secrets.values())[0]

    # check and set custom redirect
    custom_redirect = client_secrets.get("custom_redirect", None)
    if custom_redirect:
        authconf["OVERWRITE_REDIRECT_URI"] = custom_redirect

    # check and set custom scopes
    custom_scopes = client_secrets.get("custom_scopes", None)
    if custom_scopes:
        authconf["OIDC_SCOPES"] = custom_scopes

    app.config.update(authconf)

    return OpenIDConnect(app)