Commit edb31385 authored by Julian's avatar Julian

Minor code cleanup

parent 7c86f004
1 merge request!2Minor code cleanup
Pipeline #7772 passed
...@@ -14,9 +14,10 @@ def create_app(test_config=None): ...@@ -14,9 +14,10 @@ def create_app(test_config=None):
else: else:
app.config.from_mapping(test_config) app.config.from_mapping(test_config)
# oauthlib enforces the OAuth2.0 requirement to use HTTPS, when this is not set # oauthlib enforces the OAuth2.0 requirement to use HTTPS, when this is not set
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # That behaviour sucks, so disable it if app.debug:
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
@app.route("/auth") @app.route('/auth')
def auth(): def auth():
if not session.get('user_id'): if not session.get('user_id'):
abort(401) abort(401)
...@@ -33,7 +34,7 @@ def create_app(test_config=None): ...@@ -33,7 +34,7 @@ def create_app(test_config=None):
return OAuth2Session(request.headers['X-CLIENT-ID'], return OAuth2Session(request.headers['X-CLIENT-ID'],
redirect_uri=request.headers['X-REDIRECT-URI'], **kwargs) redirect_uri=request.headers['X-REDIRECT-URI'], **kwargs)
@app.route("/login") @app.route('/login')
def login(): def login():
client = get_oauth() client = get_oauth()
url, state = client.authorization_url(app.config['OAUTH2_AUTH_URL']) url, state = client.authorization_url(app.config['OAUTH2_AUTH_URL'])
...@@ -45,10 +46,10 @@ def create_app(test_config=None): ...@@ -45,10 +46,10 @@ def create_app(test_config=None):
session['url'] = request.values.get('url', '/') session['url'] = request.values.get('url', '/')
return redirect(url) return redirect(url)
@app.route("/callback") @app.route('/callback')
def callback(): def callback():
client = get_oauth(state=session.pop('state')) client = get_oauth(state=session.pop('state'))
token = client.fetch_token(app.config['OAUTH2_TOKEN_URL'], client.fetch_token(app.config['OAUTH2_TOKEN_URL'],
client_secret=request.headers['X-CLIENT-SECRET'], client_secret=request.headers['X-CLIENT-SECRET'],
authorization_response=request.url, verify=(not app.debug)) authorization_response=request.url, verify=(not app.debug))
userinfo = client.get(app.config['OAUTH2_USERINFO_URL']).json() userinfo = client.get(app.config['OAUTH2_USERINFO_URL']).json()
...@@ -60,27 +61,27 @@ def create_app(test_config=None): ...@@ -60,27 +61,27 @@ def create_app(test_config=None):
session['user_groups'] = userinfo['groups'] session['user_groups'] = userinfo['groups']
return redirect(session.pop('url')) return redirect(session.pop('url'))
@app.route("/logout") @app.route('/logout')
def logout(): def logout():
session.clear() session.clear()
resp = Response('Ok', 200) resp = Response('Ok', 200)
if request.values.get('redirect_url'): if request.values.get('redirect_url'):
resp = redirect(request.values.get('redirect_url')) resp = redirect(request.values.get('redirect_url'))
if request.values.get('clear_cookies'): if request.values.get('clear_cookies'):
for key, data in request.cookies.items(): for key, _ in request.cookies.items():
resp.delete_cookie(key) resp.delete_cookie(key)
return resp return resp
@app.route("/status") @app.route('/status')
def status(): def status():
resp = Response('''Proxy Configuration Status resp = Response(f'''Proxy Configuration Status
For this proxy service to work properly, the OAuth client crendentials must For this proxy service to work properly, the OAuth client crendentials must
be injected in by the webserver as HTTP-headers: be injected in by the webserver as HTTP-headers:
X-CLIENT-ID: %s X-CLIENT-ID: {request.headers.get('X-CLIENT-ID', '(unset)')}
X-CLIENT-SECRET: %s X-CLIENT-SECRET: {'(set)' if request.headers.get('X-CLIENT-SECRET') else '(unset)'}
X-REDIRECT-URI: %s X-REDIRECT-URI: {request.headers.get('X-REDIRECT-URI', '(unset)')}
If you accessed this ressource with the URL If you accessed this ressource with the URL
...@@ -92,9 +93,7 @@ then the redirect URI must be set to: ...@@ -92,9 +93,7 @@ then the redirect URI must be set to:
This exact redirect URI must also be registered with the OAuth server as This exact redirect URI must also be registered with the OAuth server as
a valid redirect_uri for the client_id. a valid redirect_uri for the client_id.
'''%(request.headers.get('X-CLIENT-ID', '(unset)'), ''')
'(set)' if request.headers.get('X-CLIENT-SECRET') else '(unset)',
request.headers.get('X-REDIRECT-URI', '(unset)')))
resp.mimetype = 'text/plain; charset=utf-8' resp.mimetype = 'text/plain; charset=utf-8'
return resp return resp
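Review bot: The `/logout` handler still passes `request.values.get('redirect_url')` straight to `redirect()`, and `/login` stores `request.values.get('url', '/')` in the session for `/callback` to redirect to, so these authentication endpoints will send a browser to whatever target the request names, including an external site. Since the cleanup already touches `logout`, I would validate the target there and in `login`, rejecting or falling back to `/` when it is not a local path. The sketch below needs `urlsplit` from `urllib.parse`; `login` and `callback` continue between the hunks, so any other use of `session['url']` there should be checked too. If cross-host targets are intended, compare the host against an explicit allow-list instead. Separately, now that `OAUTHLIB_INSECURE_TRANSPORT` is only set in debug, oauthlib will presumably reject `authorization_response=request.url` in `callback` whenever the fronting webserver forwards plain HTTP, so confirm the deployment passes the original scheme through.

```python
    def _is_local_path(target):
        # Accept only same-site absolute paths: no scheme, no host,
        # and no '//' or backslash forms that browsers treat as a host.
        if not target or not target.startswith('/') or target.startswith('//'):
            return False
        if '\\' in target:
            return False
        parts = urlsplit(target)
        return not parts.scheme and not parts.netloc

    def login():
        # … unchanged: get_oauth(), authorization_url(), state handling …
        next_url = request.values.get('url', '/')
        session['url'] = next_url if _is_local_path(next_url) else '/'
        return redirect(url)

    def logout():
        # … unchanged: session.clear() and the default 'Ok' response …
        target = request.values.get('redirect_url')
        if target:
            if not _is_local_path(target):
                abort(400)
            resp = redirect(target)
        # … unchanged: clear_cookies loop and return resp …
```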
......
[pytest]
filterwarnings =
# DeprecationWarning from dependencies that we use
ignore:Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated since Python 3.3, and in 3.10 it will stop working:DeprecationWarning
ignore:Please switch to the public method populate_token_attributes.:DeprecationWarning