lenticular_cloud2/lenticular_cloud/views/api.py

import flask
from flask import Blueprint, redirect, request
from flask import current_app, session
from flask import jsonify
from flask.helpers import make_response
from flask.templating import render_template
from oic.oic.message import TokenErrorResponse, UserInfoErrorResponse, EndSessionRequest

from flask import Blueprint, render_template, request, url_for
import logging
import requests

from ..model import User
from ..model_db import User as DbUser
from ..auth_providers import LdapAuthProvider


api_views = Blueprint('api', __name__, url_prefix='/api')

@api_views.route('/userinfo', methods=['GET', 'POST'])
def userinfo():
    token = request.headers['authorization'].replace('Bearer ', '')
    token_info = current_app.hydra_api.introspect_o_auth2_token(token=token)

    user_db = DbUser.query.get(token_info.sub)
    user = User.query().by_username(user_db.username)

    public_url = current_app.config.get('HYDRA_PUBLIC_URL')
    r = requests.get(
            f"{public_url}/userinfo",
            headers={
                'authorization': request.headers['authorization']})
    userinfo = r.json()
    scopes = token_info.scope.split(' ')
    if 'email' in scopes:
        userinfo['email'] = str(user.email)
    if 'profile' in scopes:
        userinfo['username'] = str(user.username)
    print(userinfo)
    return jsonify(userinfo)


@api_views.route('/users', methods=['GET'])
def user_list():
    if 'authorization' not in request.headers:
        return '', 403
    token = request.headers['authorization'].replace('Bearer ', '')
    token_info = current_app.hydra_api.introspect_o_auth2_token(token=token)

    if 'lc_i_userlist' not in token_info.scope.split(' '):
        return '', 403

    return jsonify([{'username': str(user.username), 'email': str(user.email)}
            for user in User.query().all()])
change to hydra as oauth backend 2020-05-21 11:20:27 +00:00			`import flask`
			`from flask import Blueprint, redirect, request`
			`from flask import current_app, session`
			`from flask import jsonify`
			`from flask.helpers import make_response`
			`from flask.templating import render_template`
			`from oic.oic.message import TokenErrorResponse, UserInfoErrorResponse, EndSessionRequest`

			`from flask import Blueprint, render_template, request, url_for`
			`import logging`
			`import requests`

add oauth2 token managment, partial password change, bugfixes 2020-05-26 20:55:37 +00:00			`from ..model import User`
change to hydra as oauth backend 2020-05-21 11:20:27 +00:00			`from ..model_db import User as DbUser`
			`from ..auth_providers import LdapAuthProvider`


			`api_views = Blueprint('api', __name__, url_prefix='/api')`

			`@api_views.route('/userinfo', methods=['GET', 'POST'])`
			`def userinfo():`
			`token = request.headers['authorization'].replace('Bearer ', '')`
			`token_info = current_app.hydra_api.introspect_o_auth2_token(token=token)`

			`user_db = DbUser.query.get(token_info.sub)`
			`user = User.query().by_username(user_db.username)`

add oauth2 token managment, partial password change, bugfixes 2020-05-26 20:55:37 +00:00			`public_url = current_app.config.get('HYDRA_PUBLIC_URL')`
change to hydra as oauth backend 2020-05-21 11:20:27 +00:00			`r = requests.get(`
add oauth2 token managment, partial password change, bugfixes 2020-05-26 20:55:37 +00:00			`f"{public_url}/userinfo",`
change to hydra as oauth backend 2020-05-21 11:20:27 +00:00			`headers={`
			`'authorization': request.headers['authorization']})`
			`userinfo = r.json()`
			`scopes = token_info.scope.split(' ')`
			`if 'email' in scopes:`
			`userinfo['email'] = str(user.email)`
			`if 'profile' in scopes:`
			`userinfo['username'] = str(user.username)`
			`print(userinfo)`
			`return jsonify(userinfo)`


			`@api_views.route('/users', methods=['GET'])`
			`def user_list():`
			`if 'authorization' not in request.headers:`
			`return '', 403`
			`token = request.headers['authorization'].replace('Bearer ', '')`
			`token_info = current_app.hydra_api.introspect_o_auth2_token(token=token)`

			`if 'lc_i_userlist' not in token_info.scope.split(' '):`
			`return '', 403`

			`return jsonify([{'username': str(user.username), 'email': str(user.email)}`
			`for user in User.query().all()])`