added user and group API and models

auth/oidc.py

@@ -4,7 +4,7 @@ OIDC login auth module
 """
 
 import flask
-from flask import jsonify
+from flask import jsonify, redirect, url_for
 from flask_login import login_user
 from flask_pyoidc.flask_pyoidc import OIDCAuthentication
 from flask_pyoidc.user_session import UserSession
@@ -15,17 +15,28 @@ from . import auth_bp
 from .oidc_config import PROVIDER_NAME, OIDC_PROVIDERS
 
 
+OIDCAuthentication.oidc_auth_orig = OIDCAuthentication.oidc_auth
+OIDCAuthentication.oidc_logout_orig = OIDCAuthentication.oidc_logout
+
+
 def oidc_auth_default_provider(self):
+    """monkey patch oidc_auth"""
     return self.oidc_auth_orig(PROVIDER_NAME)
 
 
-OIDCAuthentication.oidc_auth_orig = OIDCAuthentication.oidc_auth
+def oidc_logout_default_provider(self):
+    """monkey patch oidc_logout"""
+    return self.oidc_logout_orig(PROVIDER_NAME)
+
+
 OIDCAuthentication.oidc_auth = oidc_auth_default_provider
+OIDCAuthentication.oidc_logout = oidc_logout_default_provider
 
 oidc_auth = OIDCAuthentication(OIDC_PROVIDERS)
 
 
 def create_or_retrieve_user_from_userinfo(userinfo):
+    """Updates and returns ar creates a user from userinfo (part of OIDC token)."""
     try:
         email = userinfo["email"]
     except KeyError:
@@ -34,6 +45,7 @@ def create_or_retrieve_user_from_userinfo(userinfo):
 
     if user is not None:
         app.logger.info("user found")
+        #TODO: update user!
         return user
 
     user = User(email=email, first_name=userinfo.get("given_name", ""),
@@ -57,3 +69,9 @@ def oidc():
     return jsonify(id_token=user_session.id_token,
                    access_token=flask.session['access_token'],
                    userinfo=user_session.userinfo)
+
+
+@auth_bp.route('/oidc_logout', methods=['GET'])
+def oidc_logout():
+    oidc_auth.oidc_logout()
+    return redirect('/')