from urllib.parse import urlencode, parse_qs
import flask
from flask import Blueprint, redirect
from flask import current_app, session
from flask import jsonify, send_file
from flask.helpers import make_response
from flask.templating import render_template
from oic.oic.message import TokenErrorResponse, UserInfoErrorResponse, EndSessionRequest
from pyop.access_token import AccessToken, BearerTokenError
from pyop.exceptions import InvalidAuthenticationRequest, InvalidAccessToken, InvalidClientAuthentication, OAuthError, \
InvalidSubjectIdentifier, InvalidClientRegistrationRequest
from pyop.util import should_fragment_encode
from flask import Blueprint, render_template, request, url_for
from flask_login import login_required, login_user, logout_user, current_user
from werkzeug.utils import redirect
import logging
from datetime import timedelta
from ..model import User, SecurityUser
from ..form.login import LoginForm
from ..form.frontend import ClientCertForm
from ..auth_providers import AUTH_PROVIDER_LIST
# Blueprint that collects the user-facing views defined in this module.
# No URL prefix is added here (url_prefix is the empty string).
frontend_views = Blueprint(
    'frontend',
    __name__,
    url_prefix='',
)
@frontend_views.route('/', methods=['GET'])
@login_required
def index():
    """Render the landing page.

    The view is wrapped in flask_login's ``login_required``, so it is only
    reached with an authenticated session.
    """
    page = render_template('frontend/index.html.j2')
    return page
@frontend_views.route('/client_cert')
@login_required
def client_cert():
    """Render the client-certificate overview for the logged-in user.

    For every configured service the pki is asked for the certificates
    belonging to ``current_user``; the results are handed to the template
    keyed by the service's name.
    """
    # One pki query per service; only current_user is ever passed, so the
    # listing is scoped to the session's own identity.
    certs_by_service = {
        str(svc.name): current_app.pki.get_client_certs(current_user, svc)
        for svc in current_app.lenticular_services.values()
    }

    return render_template(
        'frontend/client_cert.html.j2',
        services=current_app.lenticular_services,
        client_certs=certs_by_service,
    )
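@frontend_views.route('/client_cert/<service_name>/<fingerprint>')
@login_required
def get_client_cert(service_name, fingerprint):
    """Look up one client certificate of the logged-in user by fingerprint.

    ``service_name`` and ``fingerprint`` are taken straight from the URL and
    are therefore attacker-controllable. An unknown service is answered with
    404 rather than an unhandled ``KeyError`` (which surfaced as a 500).

    The view is still a stub: the certificate is fetched but no response is
    built from it, so the request ends with 501.
    """
    try:
        service = current_app.lenticular_services[service_name]
    except KeyError:
        flask.abort(404)

    # The lookup is made on behalf of current_user only.
    # NOTE(review): whether pki.get_client_cert refuses a fingerprint that
    # belongs to a different user, and what it does for an unknown
    # fingerprint, is not visible from this file -- confirm before this
    # endpoint starts returning certificate data.
    current_app.pki.get_client_cert(current_user, service, fingerprint)

    # The original body ended in ``pass`` and returned None, which Flask
    # rejects as an invalid view return value. Say "not implemented"
    # explicitly until the response format is decided.
    flask.abort(501)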
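@frontend_views.route(
    '/client_cert/<service_name>/new',
    methods=['GET', 'POST'])
@login_required
def client_cert_new(service_name):
    """Sign a submitted public key as a client certificate for a service.

    GET renders the request form. A valid POST has the pki sign the
    submitted public key for ``current_user`` and returns the certificate
    and the service's CA certificate as JSON; an invalid POST returns the
    form errors as JSON.

    ``service_name`` comes from the URL, so an unknown service is answered
    with 404 rather than an unhandled ``KeyError`` (which surfaced as a 500).
    """
    try:
        service = current_app.lenticular_services[service_name]
    except KeyError:
        flask.abort(404)

    form = ClientCertForm()
    if form.validate_on_submit():
        # valid_time is a client-supplied number of days.
        # NOTE(review): no upper or lower bound is enforced in this view; it
        # relies on ClientCertForm (not visible here) to reject negative or
        # excessively long lifetimes -- confirm, since this value becomes
        # the validity period of a signed credential.
        valid_time = timedelta(days=int(form.data['valid_time']))
        # The certificate is always issued for current_user; the subject is
        # never taken from the request.
        cert = current_app.pki.signing_publickey(
            current_user,
            service,
            form.data['publickey'],
            valid_time=valid_time)
        return jsonify({
            'status': 'ok',
            'data': {
                'cert': cert.pem(),
                'ca_cert': current_app.pki.get_ca_cert_pem(service)
            }})
    elif form.is_submitted():
        # Submitted but failed validation: report the field errors.
        return jsonify({
            'status': 'error',
            'errors': form.errors
        })

    return render_template('frontend/client_cert_new.html.j2',
                           service=service,
                           form=form)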
@frontend_views.route('/totp')
@login_required
def totp():
    """Render the TOTP page for the logged-in user."""
    template_name = 'frontend/totp.html.j2'
    return render_template(template_name)