# Copyright (c) 2019. Tobias Kurze
"""
OIDC login auth module
"""
import flask
from flask import jsonify
from flask_login import login_user
from flask_pyoidc.flask_pyoidc import OIDCAuthentication
from flask_pyoidc.user_session import UserSession
from backend import app, db
from backend.models.user_model import User
from . import auth_bp
from .oidc_config import PROVIDER_NAME, OIDC_PROVIDERS
def oidc_auth_default_provider(self):
    """Call the saved original ``oidc_auth`` with the configured provider.

    This function takes no provider argument of its own: ``PROVIDER_NAME``
    from the OIDC config module is always the value forwarded to
    ``self.oidc_auth_orig``.
    """
    original_oidc_auth = self.oidc_auth_orig
    return original_oidc_auth(PROVIDER_NAME)
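# Patch OIDCAuthentication so that ``oidc_auth()`` can be used as a decorator
# without naming a provider. The patch is applied to the class itself, so it
# affects every OIDCAuthentication instance in this process, not only the one
# created below.
#
# Patch only once: if this module body is executed a second time (e.g. by a
# reload), saving ``oidc_auth`` again would store the wrapper as the
# "original" and break every later call.
if not hasattr(OIDCAuthentication, "oidc_auth_orig"):
    OIDCAuthentication.oidc_auth_orig = OIDCAuthentication.oidc_auth
    OIDCAuthentication.oidc_auth = oidc_auth_default_provider

# Module-level authentication object built from the configured providers.
oidc_auth = OIDCAuthentication(OIDC_PROVIDERS)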
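def create_or_retrieve_user_from_userinfo(userinfo):
    """Return the local user for an OIDC userinfo mapping, creating it if needed.

    Args:
        userinfo: Mapping of OIDC claims for the authenticated subject. May be
            None or empty when the session carries no userinfo.

    Returns:
        The existing or newly created ``User``, or None when ``userinfo`` has
        no usable ``email`` claim.
    """
    # A missing mapping, a missing claim and an empty claim are all treated as
    # "no identity": looking up or creating a user with an empty identifier
    # would let unrelated logins share one account.
    email = userinfo.get("email") if userinfo else None
    if not email:
        return None

    # NOTE(review): accounts are matched on the e-mail claim alone and the
    # ``email_verified`` claim is not checked. OIDC only defines issuer + ``sub``
    # as a stable, unique subject identifier. Confirm the configured provider
    # releases verified addresses only, or match on issuer + ``sub`` instead.
    user = User.get_by_identifier(email)
    if user is not None:
        app.logger.info("user found")
        return user

    # First login for this address: provision a local account from the claims.
    user = User(
        email=email,
        first_name=userinfo.get("given_name", ""),
        last_name=userinfo.get("family_name", ""),
    )
    app.logger.info("creating new user")

    db.session.add(user)
    db.session.commit()
    return user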
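@auth_bp.route('/oidc', methods=['GET'])
@oidc_auth.oidc_auth()
def oidc():
    """Log the OIDC-authenticated user into the local session.

    Returns:
        A JSON response with ``id_token``, ``access_token`` and ``userinfo``
        on success, or a JSON error with status 403 when no local user can be
        derived from the userinfo or the account may not log in.
    """
    user_session = UserSession(flask.session)
    userinfo = user_session.userinfo

    # Log claim names only: the claim values are personal data and do not
    # belong in the application log.
    app.logger.info("OIDC userinfo claims: %s", sorted(userinfo or {}))

    # Without userinfo there is nothing to look up; skip the helper entirely.
    user = create_or_retrieve_user_from_userinfo(userinfo) if userinfo else None
    if user is None:
        # login_user(None) would fail with an AttributeError and a 500.
        app.logger.warning("OIDC login rejected: no usable email claim")
        return jsonify(error="no usable email claim in userinfo"), 403

    # login_user returns False when the user is not allowed to log in
    # (e.g. inactive); do not hand out tokens in that case.
    if not login_user(user):
        app.logger.warning("OIDC login rejected: account is not active")
        return jsonify(error="account is not active"), 403

    # NOTE(review): the raw id_token and access_token are returned in the
    # response body, where client-side script and intermediaries can read
    # them. Confirm the client really needs them; otherwise keep them
    # server-side in the session.
    return jsonify(id_token=user_session.id_token,
                   access_token=flask.session['access_token'],
                   userinfo=userinfo)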