From 9d9c58d268e91001e43d6df08ee26294c357a6fb Mon Sep 17 00:00:00 2001 From: Tobias Kurze Date: Tue, 19 Mar 2019 15:29:26 +0100 Subject: [PATCH] added OpenID Connect support --- Pipfile | 2 + Pipfile.lock | 240 +++++++++++++++++++++++++++++++++++++++++--- __init__.py | 3 + auth/__init__.py | 6 ++ auth/oidc.py | 11 ++ auth/oidc_config.py | 14 +++ config.py | 7 ++ serve_frontend.py | 22 +++- 8 files changed, 289 insertions(+), 16 deletions(-) create mode 100644 auth/__init__.py create mode 100644 auth/oidc.py create mode 100644 auth/oidc_config.py diff --git a/Pipfile b/Pipfile index e5b0477..0a88eac 100644 --- a/Pipfile +++ b/Pipfile @@ -17,6 +17,8 @@ flask-script = "*" flask-migrate = "*" coverage = "*" flask-testing = "*" +flask-pyoidc = "*" +python-jose = "*" [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index 14f4f50..1a8bde7 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "0b9391c6a599a7c46d16add8cf1f4d8b1f28f6bc4a8c2c4df244cb101f65d368" + "sha256": "e688fa75b0dde0fed147314666df07f60d9a4abf5fb8646ce3f2b85adf744a36" }, "pipfile-spec": 6, "requires": { @@ -16,6 +16,13 @@ ] }, "default": { + "alabaster": { + "hashes": [ + "sha256:446438bdcca0e05bd45ea2de1668c1d9b032e1a9154c2c259092d77031ddd359", + "sha256:a661d72d58e6ea8a57f7a86e37d86716863ee5e92788398526d58b26a4e4dc02" + ], + "version": "==0.7.12" + }, "alembic": { "hashes": [ "sha256:505d41e01dc0c9e6d85c116d0d35dbb0a833dcb490bf483b75abeb06648864e8" @@ -31,10 +38,17 @@ }, "apispec": { "hashes": [ - "sha256:57a7b81fd19fff0663a7e5ffd196eaea79b5364151ed2b65533be36d55e0229c", - "sha256:b45def53903516e67e8584ee41f34bc60c3e4acace6892b69340293ea20f3caa" + "sha256:9300142aa93e0c020e6b223a196cd2103ac4a61bcceea7dba894c0959b72e327", + "sha256:bcfe21887ba7c6e94c4be00f10564478a0d9109bb8e574aae97442909fd69b31" ], - "version": "==1.0.0" + "version": "==1.1.0" + }, + "asn1crypto": { + "hashes": [ + "sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87", + "sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49" + ], + "version": "==0.24.0" }, "attrs": { "hashes": [ @@ -43,6 +57,59 @@ ], "version": "==19.1.0" }, + "beaker": { + "hashes": [ + "sha256:8eb05d9f7362dc5840b188ac7fff6146b41dceb000deab58a07e9c8da893ed9b" + ], + "version": "==1.10.1" + }, + "certifi": { + "hashes": [ + "sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5", + "sha256:b26104d6835d1f5e49452a26eb2ff87fe7090b89dfcaee5ea2212697e1e1d7ae" + ], + "version": "==2019.3.9" + }, + "cffi": { + "hashes": [ + "sha256:00b97afa72c233495560a0793cdc86c2571721b4271c0667addc83c417f3d90f", + "sha256:0ba1b0c90f2124459f6966a10c03794082a2f3985cd699d7d63c4a8dae113e11", + "sha256:0bffb69da295a4fc3349f2ec7cbe16b8ba057b0a593a92cbe8396e535244ee9d", + "sha256:21469a2b1082088d11ccd79dd84157ba42d940064abbfa59cf5f024c19cf4891", + "sha256:2e4812f7fa984bf1ab253a40f1f4391b604f7fc424a3e21f7de542a7f8f7aedf", + "sha256:2eac2cdd07b9049dd4e68449b90d3ef1adc7c759463af5beb53a84f1db62e36c", + "sha256:2f9089979d7456c74d21303c7851f158833d48fb265876923edcb2d0194104ed", + "sha256:3dd13feff00bddb0bd2d650cdb7338f815c1789a91a6f68fdc00e5c5ed40329b", + "sha256:4065c32b52f4b142f417af6f33a5024edc1336aa845b9d5a8d86071f6fcaac5a", + "sha256:51a4ba1256e9003a3acf508e3b4f4661bebd015b8180cc31849da222426ef585", + "sha256:59888faac06403767c0cf8cfb3f4a777b2939b1fbd9f729299b5384f097f05ea", + "sha256:59c87886640574d8b14910840327f5cd15954e26ed0bbd4e7cef95fa5aef218f", + "sha256:610fc7d6db6c56a244c2701575f6851461753c60f73f2de89c79bbf1cc807f33", + "sha256:70aeadeecb281ea901bf4230c6222af0248c41044d6f57401a614ea59d96d145", + "sha256:71e1296d5e66c59cd2c0f2d72dc476d42afe02aeddc833d8e05630a0551dad7a", + "sha256:8fc7a49b440ea752cfdf1d51a586fd08d395ff7a5d555dc69e84b1939f7ddee3", + "sha256:9b5c2afd2d6e3771d516045a6cfa11a8da9a60e3d128746a7fe9ab36dfe7221f", + "sha256:9c759051ebcb244d9d55ee791259ddd158188d15adee3c152502d3b69005e6bd", + "sha256:b4d1011fec5ec12aa7cc10c05a2f2f12dfa0adfe958e56ae38dc140614035804", + "sha256:b4f1d6332339ecc61275bebd1f7b674098a66fea11a00c84d1c58851e618dc0d", + "sha256:c030cda3dc8e62b814831faa4eb93dd9a46498af8cd1d5c178c2de856972fd92", + "sha256:c2e1f2012e56d61390c0e668c20c4fb0ae667c44d6f6a2eeea5d7148dcd3df9f", + "sha256:c37c77d6562074452120fc6c02ad86ec928f5710fbc435a181d69334b4de1d84", + "sha256:c8149780c60f8fd02752d0429246088c6c04e234b895c4a42e1ea9b4de8d27fb", + "sha256:cbeeef1dc3c4299bd746b774f019de9e4672f7cc666c777cd5b409f0b746dac7", + "sha256:e113878a446c6228669144ae8a56e268c91b7f1fafae927adc4879d9849e0ea7", + "sha256:e21162bf941b85c0cda08224dade5def9360f53b09f9f259adb85fc7dd0e7b35", + "sha256:fb6934ef4744becbda3143d30c6604718871495a5e36c408431bf33d9c146889" + ], + "version": "==1.12.2" + }, + "chardet": { + "hashes": [ + "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", + "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" + ], + "version": "==3.0.4" + }, "click": { "hashes": [ "sha256:2335065e6395b9e67ca716de5f7526736bfa6ceead690adf616d925bdc622b13", @@ -87,12 +154,43 @@ "index": "pypi", "version": "==4.5.3" }, + "cryptography": { + "hashes": [ + "sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1", + "sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705", + "sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6", + "sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1", + "sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8", + "sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151", + "sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d", + "sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659", + "sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537", + "sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e", + "sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb", + "sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c", + "sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9", + "sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5", + "sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad", + "sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a", + "sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460", + "sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd", + "sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6" + ], + "version": "==2.6.1" + }, "decorator": { "hashes": [ - "sha256:33cd704aea07b4c28b3eb2c97d288a06918275dac0ecebdaf1bc8a48d98adb9e", - "sha256:cabb249f4710888a2fc0e13e9a16c343d932033718ff62e1e9bc93a9d3a9122b" + "sha256:86156361c50488b84a3f148056ea716ca587df2f0de1d34750d35c21312725de", + "sha256:f069f3a01830ca754ba5258fde2278454a0b5b79e0d7f5c13b3b97e57d4acff6" ], - "version": "==4.3.2" + "version": "==4.4.0" + }, + "ecdsa": { + "hashes": [ + "sha256:40d002cf360d0e035cf2cb985e1308d41aaa087cbfc135b2dc2d844296ea546c", + "sha256:64cf1ee26d1cde3c73c6d7d107f835fed7c6a2904aef9eac223d57ad800c43fa" + ], + "version": "==0.13" }, "flask": { "hashes": [ @@ -132,6 +230,13 @@ "index": "pypi", "version": "==2.4.0" }, + "flask-pyoidc": { + "hashes": [ + "sha256:6a8fac4459ae5c65f710ec77877391d55b338068405b89f1f4a4394770ef1114" + ], + "index": "pypi", + "version": "==2.0.0" + }, "flask-restplus": { "hashes": [ "sha256:3fad697e1d91dfc13c078abcb86003f438a751c5a4ff41b84c9050199d2eab62", @@ -168,6 +273,19 @@ "index": "pypi", "version": "==0.7.1" }, + "future": { + "hashes": [ + "sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8" + ], + "version": "==0.17.1" + }, + "idna": { + "hashes": [ + "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", + "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + ], + "version": "==2.8" + }, "itsdangerous": { "hashes": [ "sha256:321b033d07f2a4136d3ec762eac9f16a10ccd60f53c0c91af90217ace7ba1f19", @@ -230,10 +348,16 @@ }, "marshmallow": { "hashes": [ - "sha256:f2668d41a817aaaf6106d9922479bd1a97cae240dfac0eb7e320e0c29148a084", - "sha256:f8e51314623247b5c444e460b2bbb04aee102ca1ce7fb27bb16e3107cb81dfe9" + "sha256:01412e979b45c003aeb3632718780b15b01566ae0182cc9232434b30f6b85e1b", + "sha256:8a1a2e13c6a621f4970faf21e5d9b146e451e779d0f334a96eae4fcdef53455f" ], - "version": "==2.19.0" + "version": "==2.19.1" + }, + "oic": { + "hashes": [ + "sha256:34da42f4f9b4a36a02b28d72a42a3197a91e7efc5356c1c41d7f1a0bdf3ad1d2" + ], + "version": "==0.12" }, "passlib": { "hashes": [ @@ -250,6 +374,58 @@ ], "version": "==5.1.3" }, + "pyasn1": { + "hashes": [ + "sha256:da2420fe13a9452d8ae97a0e478adde1dee153b11ba832a95b223a2ba01c10f7", + "sha256:da6b43a8c9ae93bc80e2739efb38cc776ba74a886e3e9318d65fe81a8b8a2c6e" + ], + "version": "==0.4.5" + }, + "pycparser": { + "hashes": [ + "sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3" + ], + "version": "==2.19" + }, + "pycryptodomex": { + "hashes": [ + "sha256:0bda549e20db1eb8e29fb365d10acf84b224d813b1131c828fc830b2ce313dcd", + "sha256:1210c0818e5334237b16d99b5785aa0cee815d9997ee258bd5e2936af8e8aa50", + "sha256:2090dc8cd7843eae75bd504b9be86792baa171fc5a758ea3f60188ab67ca95cf", + "sha256:22e6784b65dfdd357bf9a8a842db445192b227103e2c3137a28c489c46742135", + "sha256:2edb8c3965a77e3092b5c5c1233ffd32de083f335202013f52d662404191ac79", + "sha256:310fe269ac870135ff610d272e88dcb594ee58f40ac237a688d7c972cbca43e8", + "sha256:456136b7d459f000794a67b23558351c72e21f0c2d4fcaa09fc99dae7844b0ef", + "sha256:463e49a9c5f1fa7bd36aff8debae0b5c487868c1fb66704529f2ad7e92f0cc9f", + "sha256:4a33b2828799ef8be789a462e6645ea6fe2c42b0df03e6763ccbfd1789c453e6", + "sha256:5ff02dff1b03929e6339226b318aa59bd0b5c362f96e3e0eb7f3401d30594ed3", + "sha256:6b1db8234b8ee2b30435d9e991389c2eeae4d45e09e471ffe757ba1dfae682bb", + "sha256:6eb67ee02de143cd19e36a52bd3869a9dc53e9184cd6bed5c39ff71dee2f6a45", + "sha256:6f42eea5afc7eee29494fdfddc6bb7173953d4197d9200e4f67096c2a24bc21b", + "sha256:87bc8082e2de2247df7d0b161234f8edb1384294362cc0c8db9324463097578b", + "sha256:8df93d34bc0e3a28a27652070164683a07d8a50c628119d6e0f7710f4d01b42f", + "sha256:989952c39e8fef1c959f0a0f85656e29c41c01162e33a3f5fd8ce71e47262ae9", + "sha256:a4a203077e2f312ec8677dde80a5c4e6fe5a82a46173a8edc8da668602a3e073", + "sha256:a793c1242dffd39f585ae356344e8935d30f01f6be7d4c62ffc87af376a2f5f9", + "sha256:b70fe991564e178af02ccf89435a8f9e8d052707a7c4b95bf6027cb785da3175", + "sha256:b83594196e3661cb78c97b80a62fbfbba2add459dfd532b58e7a7c62dd06aab4", + "sha256:ba27725237d0a3ea66ec2b6b387259471840908836711a3b215160808dffed0f", + "sha256:d1ab8ad1113cdc553ca50c4d5f0142198c317497364c0c70443d69f7ad1c9288", + "sha256:dce039a8a8a318d7af83cae3fd08d58cefd2120075dfac0ae14d706974040f63", + "sha256:e3213037ea33c85ab705579268cbc8a4433357e9fb99ec7ce9fdcc4d4eec1d50", + "sha256:ec8d8023d31ef72026d46e9fb301ff8759eff5336bcf3d1510836375f53f96a9", + "sha256:ece65730d50aa57a1330d86d81582a2d1587b2ca51cb34f586da8551ddc68fee", + "sha256:ed21fc515e224727793e4cc3fb3d00f33f59e3a167d3ad6ac1475ab3b05c2f9e", + "sha256:eec1132d878153d61a05424f35f089f951bd6095a4f6c60bdd2ef8919d44425e" + ], + "version": "==3.7.3" + }, + "pyjwkest": { + "hashes": [ + "sha256:128e3c81d02993ac4cd7e29ef7aac767d91daa59380e6883ae589092945e4aad" + ], + "version": "==1.4.0" + }, "pyjwt": { "hashes": [ "sha256:5c6eca3c2940464d106b99ba83b00c6add741c9becaec087fb7ccdefea71350e", @@ -258,6 +434,13 @@ "index": "pypi", "version": "==1.7.1" }, + "pyopenssl": { + "hashes": [ + "sha256:aeca66338f6de19d1aa46ed634c3b9ae519a64b458f8468aec688e7e3c20f200", + "sha256:c727930ad54b10fc157015014b666f2d8b41f70c0d03e83ab67624fd3dd5d1e6" + ], + "version": "==19.0.0" + }, "pyrsistent": { "hashes": [ "sha256:3ca82748918eb65e2d89f222b702277099aca77e34843c5eb9d52451173970e2" @@ -279,6 +462,14 @@ ], "version": "==1.0.4" }, + "python-jose": { + "hashes": [ + "sha256:29701d998fe560e52f17246c3213a882a4a39da7e42c7015bcc1f7823ceaff1c", + "sha256:ed7387f0f9af2ea0ddc441d83a6eb47a5909bd0c8a72ac3250e75afec2cc1371" + ], + "index": "pypi", + "version": "==3.0.1" + }, "pytz": { "hashes": [ "sha256:32b0891edff07e28efe91284ed9c31e123d84bea3fd98e1f72be2508f43ef8d9", @@ -286,6 +477,20 @@ ], "version": "==2018.9" }, + "requests": { + "hashes": [ + "sha256:502a824f31acdacb3a35b6690b5fbf0bc41d63a24a45c4004352b0242707598e", + "sha256:7bf2a778576d825600030a110f3c0e3e8edc51dfaafe1c146e39a2027784957b" + ], + "version": "==2.21.0" + }, + "rsa": { + "hashes": [ + "sha256:14ba45700ff1ec9eeb206a2ce76b32814958a98e372006c8fb76ba820211be66", + "sha256:1a836406405730121ae9823e19c6e806c62bbad73f890574fff50efa4122c487" + ], + "version": "==4.0" + }, "six": { "hashes": [ "sha256:3350809f0555b11f552448330d0b52d5f24c91a322ea4a15ef22629740f3761c", @@ -321,13 +526,20 @@ ], "version": "==0.5.2" }, + "urllib3": { + "hashes": [ + "sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39", + "sha256:de9529817c93f27c8ccbfead6985011db27bd0ddfcdb2d86f3f663385c6a9c22" + ], + "version": "==1.24.1" + }, "webargs": { "hashes": [ - "sha256:097e6ad80942d96160411b1448eaa562852b028a4af8115bfd7f3982effbdfb0", - "sha256:b0d1d614007cee5d5fc292ae71e72e9057d9e9f74d6817e5e37f701211ef0a28", - "sha256:e53d07008e31beef2b55e748d8c6531d10a3419f8921afa7e475b72eb246d48b" + "sha256:15ddf90d7bfe05c9db87c9f22215cacc1228da98a8e7bd62508d9d8020935123", + "sha256:75c568581af6ef6345156fc8621a7735ce6846bf9d7ec058aa6ea9cc3a620580", + "sha256:e2381557f0a5e4db37dbbddc2833b0f3aa6dca58b5ced4ca6b14620f685a643f" ], - "version": "==5.1.3" + "version": "==5.2.0" }, "werkzeug": { "hashes": [ diff --git a/__init__.py b/__init__.py index fd53a82..7afbcc2 100644 --- a/__init__.py +++ b/__init__.py @@ -18,6 +18,9 @@ app = Flask(__name__) app.config.from_object('backend.config.Config') +from backend.auth import oidc_auth +oidc_auth.init_app(app) + app.register_blueprint(api_bp) app.register_blueprint(fe_bp) diff --git a/auth/__init__.py b/auth/__init__.py new file mode 100644 index 0000000..cb976d9 --- /dev/null +++ b/auth/__init__.py @@ -0,0 +1,6 @@ +# Copyright (c) 2019. Tobias Kurze +from backend.auth.oidc import OIDCAuthentication + +from backend.auth.oidc_config import PROVIDERS + +oidc_auth = OIDCAuthentication(PROVIDERS) diff --git a/auth/oidc.py b/auth/oidc.py new file mode 100644 index 0000000..3e0d174 --- /dev/null +++ b/auth/oidc.py @@ -0,0 +1,11 @@ +# Copyright (c) 2019. Tobias Kurze +from flask_pyoidc.flask_pyoidc import OIDCAuthentication +from backend.auth.oidc_config import PROVIDER_NAME + + +def oidc_auth_default_provider(self): + return self.oidc_auth_orig(PROVIDER_NAME) + + +OIDCAuthentication.oidc_auth_orig = OIDCAuthentication.oidc_auth +OIDCAuthentication.oidc_auth = oidc_auth_default_provider diff --git a/auth/oidc_config.py b/auth/oidc_config.py new file mode 100644 index 0000000..f59fb6b --- /dev/null +++ b/auth/oidc_config.py @@ -0,0 +1,14 @@ +# Copyright (c) 2019. Tobias Kurze +from flask_pyoidc.provider_configuration import ClientMetadata, ProviderConfiguration + +REG_RESPONSE_CLIENT_ID = "lrc-test-bibliothek-kit-edu" +REG_RESPONSE_CLIENT_SECRET = "d8531b30-0e6b-4280-b611-1e6c8b4911fa" + +CLIENT_METADATA = ClientMetadata(REG_RESPONSE_CLIENT_ID, REG_RESPONSE_CLIENT_SECRET) + +PROVIDER_URL = "https://oidc.scc.kit.edu/auth/realms/kit" +PROVIDER_NAME = 'kit_oidc' +PROVIDER_CONFIG = ProviderConfiguration(issuer=PROVIDER_URL, + client_metadata=CLIENT_METADATA) + +PROVIDERS = {PROVIDER_NAME: PROVIDER_CONFIG} diff --git a/config.py b/config.py index a705f23..536730c 100644 --- a/config.py +++ b/config.py @@ -6,6 +6,11 @@ basedir = os.path.abspath(os.path.dirname(__file__)) class Config(): + SERVER_NAME = "ubkaps154.ubka.uni-karlsruhe.de:5443" + #SERVER_NAME = "localhost.dev" + #SERVER_NAME = "localhost:5443" + PREFERRED_URL_SCHEME = 'https' + TEMPLATE_AUTO_RELOAD = True SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'app.db') @@ -69,6 +74,8 @@ class ProductionConfig(Config): class DevelopmentConfig(Config): SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'app.db_debug') + SERVER_NAME = "ubkaps154.ubka.uni-karlsruhe.de" + PORT = 5443 DEBUG = True class TestingConfig(Config): diff --git a/serve_frontend.py b/serve_frontend.py index a125ddc..de42dc1 100644 --- a/serve_frontend.py +++ b/serve_frontend.py @@ -1,9 +1,13 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- - +import flask +from jose import jwt, jwk import os -from flask import render_template, send_from_directory, Blueprint +from flask import render_template, send_from_directory, Blueprint, jsonify +from flask_pyoidc.user_session import UserSession + +from backend.auth import oidc_auth fe_path = os.path.join(os.getcwd(), "frontend", "dist") fe_bp = Blueprint('frontend', __name__, url_prefix='/', template_folder=os.path.join(fe_path, "")) @@ -24,6 +28,20 @@ def send_img(path): return send_from_directory(os.path.join(fe_path, "img"), path) +@fe_bp.route('/test') +@oidc_auth.oidc_auth() +def test_oidc(): + user_session = UserSession(flask.session) + access_token = user_session.access_token + token_claim = jwt.get_unverified_claims(access_token) + token_header = jwt.get_unverified_header(access_token) + return jsonify(id_token=flask.session['id_token'], access_token=flask.session['access_token'], + userinfo=flask.session['userinfo'], + token_claim=token_claim, + token_header=token_header) + + + @fe_bp.route('/', defaults={'path': ''}) @fe_bp.route('/') def catch_all(path):