Commit c73eef44 authored by janis.streib's avatar janis.streib 🦉
Browse files

WIP: oic

parent 47f22f8f
Pipeline #93597 passed with stages
in 7 minutes and 15 seconds
......@@ -4,34 +4,6 @@ from net_suite import db
from net_suite.views import get_db_conn
from net_suite.model import *
@login_db.route('/login', methods=['GET', 'POST'])
def login():
s = request.environ['beaker.session']
if 'login' not in s:
error = False
if request.method == 'POST':
username = request.form['username'].strip()
password = request.form['password']
if ldap_con.login(username=username, password=password):
user = DBMgr.get_by_login_name(db, get_db_conn(), username)
if user is not None:
s['login'] = user
s['plan'] = Transaction()
s.save()
return redirect('/') if 'next' not in request.args else redirect(request.args['next'])
else:
s['login'] = ldap_con.get_simple_kit_user(username=username)
s['plan'] = Transaction()
s.save()
else:
flash('Benutzername/Passwort fehlerhaft.', 'danger')
error = True
if error or 'login' not in s:
return render_template('login.html', title='Netzdienste-Portal des SCC am KIT')
return redirect('/') if 'next' not in request.args else redirect(request.args['next'])
@login_db.route('/api/login', methods=['GET', 'POST'])
def api_login():
s = request.environ['beaker.session']
......@@ -43,13 +15,11 @@ def api_login():
user = DBMgr.get_by_login_name(db, get_db_conn(), username)
if user is not None:
s['login'] = user
s['plan'] = Transaction()
s.save()
return jsonify({'login': user, 'token': user.create_session_token(db, get_db_conn(), False)})
else:
user = ldap_con.get_simple_kit_user(username=username)
s['login'] = user
s['plan'] = Transaction()
s.save()
return jsonify({'login': user})
else:
......
from flask import Blueprint
login_url = 'login_oic.login'
login_oic = Blueprint('login_oic', __name__)
from oic.oic import Client
from oic import rndstr
from oic.utils.authn.client import CLIENT_AUTHN_METHOD
state = rndstr()
nonce = rndstr()
client = Client(client_authn_method=CLIENT_AUTHN_METHOD)
provider_info = client.provider_config('https://oidc.scc.kit.edu/auth/realms/kit/')
registration_response = client.register(
provider_info["registration_endpoint"])
args = {
"client_id": client.client_id,
"response_type": "code",
"scope": ["openid"],
"nonce": nonce,
"redirect_uri": client.registration_response["redirect_uris"][0],
"state": state
}
print(registration_response)
auth_req = client.construct_AuthorizationRequest(request_args=args)
login_url = auth_req.request(client.authorization_endpoint)
from . import views
from flask import render_template, request, redirect, abort, flash, jsonify
from net_suite import db
from net_suite.views import get_db_conn
from net_suite.model import *
from . import login_oic
@login_oic.route('/api/login', methods=['GET', 'POST'])
def api_login():
s = request.environ['beaker.session']
if 'login' not in s:
if request.method == 'POST':
username = request.json['username'].strip()
password = request.json['password']
if ldap_con.login(username=username, password=password):
user = DBMgr.get_by_login_name(db, get_db_conn(), username)
if user is not None:
s['login'] = user
s['plan'] = Transaction()
s.save()
return jsonify({'login': user})
else:
user = ldap_con.get_simple_kit_user(username=username)
s['login'] = user
s['plan'] = Transaction()
s.save()
return jsonify({'login': user})
else:
return jsonify({'login': None})
return jsonify({'login': s['login']})
appdirs>=1.4.3
Beaker>=1.9.0
certifi>=2018.1.18
appdirs>=1.4.4
Babel>=2.8.0
Beaker>=1.11.0
Brotli>=1.0.7
certifi>=2020.4.5.2
cffi>=1.14.0
chardet>=3.0.4
click>=6.7
dnspython>=1.15.0
Flask>=0.12.2
Flask-Breadcrumbs>=0.4.0
Flask-Compress>=1.4.0
Flask-Menu>=0.7.0
Flask-WTF>=0.14.2
idna>=2.6
itsdangerous>=0.24
Jinja2>=2.10
MarkupSafe>=1.0
packaging>=16.8
psycopg2-binary>=2.7.4
click>=7.1.2
cryptography>=2.9.2
defusedxml>=0.6.0
dnspython>=1.16.0
Flask>=1.1.2
Flask-Breadcrumbs>=0.5.1
Flask-Compress>=1.5.0
Flask-Menu>=0.7.1
Flask-WTF>=0.14.3
future>=0.18.2
httplib2>=0.18.1
idna>=2.9
itsdangerous>=1.1.0
Jinja2>=2.11.2
Mako>=1.1.3
MarkupSafe>=1.1.1
oauth2client>=4.1.3
oic>=1.2.0
packaging>=20.4
psycopg2-binary>=2.8.5
py-postgresql>=1.2.1
pyasn1>=0.4.2
pyldap>=2.4.45
pyparsing>=2.2.0
-e git+ssh://git@git.scc.kit.edu:scc-net/net-suite/python3.x-packages.git@master#egg=python3.x_packages.pgsql
requests>=2.18.4
six>=1.11.0
urllib3>=1.22
Werkzeug>=0.14.1
WTForms>=2.1
Babel>=2.5.3
pytz>=2018.3
pyasn1>=0.4.8
pyasn1-modules>=0.2.8
pycparser>=2.20
pycryptodomex>=3.9.7
pyjwkest>=1.4.2
pyldap>=3.0.0.post1
pyparsing>=2.4.7
python-ldap>=3.2.0
-e git+ssh://git@git.scc.kit.edu/scc-net/net-suite/python3.x-packages.git@master#egg=python3.x_packages.pgsql
pytz>=2020.1
requests>=2.23.0
rsa>=4.1
six>=1.15.0
typing-extensions>=3.7.4.2
urllib3>=1.25.9
Werkzeug>=1.0.1
WTForms>=2.3.1
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment