more oauth2 fixes

lenticular_cloud/hydra.py

@@ -6,8 +6,8 @@ from typing import Optional
 class HydraService:
 
     def __init__(self):
-        self._hydra_client = None # type: Optional[Client]
-        self._oauth_client = None # type: Optional[Client]
+        self._hydra_client: Optional[Client] = None
+        self._oauth_client: Optional[Client] = None
 
     @property
     def hydra_client(self) -> Client:

lenticular_cloud/migrations/versions/0518a8625b50_remove_ldap_add_rest_to_db.py

@@ -9,9 +9,6 @@ from alembic import op
 import sqlalchemy as sa
 from flask import current_app
 from lenticular_cloud.model import User
-from ldap3_orm import AttrDef, EntryBase as _EntryBase, ObjectDef, EntryType
-from ldap3_orm import Reader
-from ldap3 import Connection, Server, ALL
 import logging
 
 
@@ -23,6 +20,10 @@ depends_on = None
 
 
 def upgrade():
+    from ldap3_orm import AttrDef, EntryBase as _EntryBase, ObjectDef, EntryType
+    from ldap3_orm import Reader
+    from ldap3 import Connection, Server, ALL
+
     app = current_app
     server = Server(app.config['LDAP_URL'], get_info=ALL)
     ldap_conn = Connection(server, app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PW'], auto_bind=True) # TODO auto_bind read docu

lenticular_cloud/model.py

@@ -11,7 +11,7 @@ import logging
 import crypt
 import secrets
 import string
-from flask_sqlalchemy import SQLAlchemy, orm
+from flask_sqlalchemy import SQLAlchemy
 from flask_migrate import Migrate
 from datetime import datetime
 import uuid

lenticular_cloud/translations/__init__.py

@@ -3,16 +3,15 @@ from flask_babel import Babel
 from flask_login import current_user
 from typing import Optional
 from lenticular_cloud.model import db, User
+from importlib.metadata import version
 
 LANGUAGES = {
     'en': 'English',
     'de': 'Deutsch'
 }
 
-babel = Babel()
 
 
-@babel.localeselector
 def get_locale() -> str:
     # if a user is logged in, use the locale from the user settings
     user = current_user # type: Optional[User]
@@ -34,13 +33,31 @@ def get_locale() -> str:
     # example.  The best match wins.
     return request.accept_languages.best_match(['de'])
 
-@babel.timezoneselector
 def get_timezone() -> Optional[str]:
 #       user = getattr(g, 'user', None)
 #       if user is not None:
 #           return user.timezone
     return None
 
+flask_babel_version = version('flask_babel')
+kwargs = {}
+if flask_babel_version >= "3.0.0":
+    kwargs = {
+        'locale_selector': get_locale,
+        #'timezone_selector': get_timezone,
+    }
+
+babel = Babel(**kwargs)
+
+if flask_babel_version < "3.0.0":
+    @babel.localeselector
+    def _get_locale() -> str:
+        return get_locale()
+
+    @babel.timezoneselector
+    def _get_timezone() -> Optional[str]:
+        return get_timezone()
+
 def init_babel(app: Flask) -> None:
 
     babel.init_app(app)

lenticular_cloud/views/admin.py

@@ -8,8 +8,10 @@ from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
 from authlib.integrations.base_client.errors import InvalidTokenError
 from ory_hydra_client.api.o_auth_2 import list_o_auth_2_clients, get_o_auth_2_client, set_o_auth_2_client, create_o_auth_2_client 
 from ory_hydra_client.models import OAuth20Client, GenericError
-from typing import Optional
+from typing import Optional, List
 from collections.abc import Iterable
+from http import HTTPStatus
+import httpx
 import logging
 
 from ..model import db, User
@@ -77,7 +79,12 @@ def registration_accept(registration_id) -> ResponseReturnValue:
 
 @admin_views.route('/clients')
 async def clients() -> ResponseReturnValue:
-    clients = await list_o_auth_2_clients.asyncio_detailed(_client=hydra_service.hydra_client)
+    response = await list_o_auth_2_clients.asyncio_detailed(_client=hydra_service.hydra_client)
+    clients = response.parsed
+    if clients is None:
+        logger.error(f"could not fetch client list response {response}")
+        return 'internal error', 500
+    logger.error(f'{clients}')
     return render_template('admin/clients.html.j2', clients=clients)
 
 @admin_views.route('/client/<client_id>', methods=['GET', 'POST'])

lenticular_cloud/views/oauth2.py

@@ -92,11 +92,12 @@ def init_login_manager(app: Flask) -> None:
         name="custom",
         client_id=app.config['OAUTH_ID'],
         client_secret=app.config['OAUTH_SECRET'],
+        server_metadata_url=f'{base_url}/.well-known/openid-configuration',
         access_token_url=f"{base_url}/oauth2/token",
         authorize_url=f"{base_url}/oauth2/auth",
         api_base_url=base_url,
 
-        client_kwargs={'scope': ' '.join(['openid', 'profile', 'manage'])}
+        client_kwargs={'scope': ' '.join(['openid', 'profile', 'manage'])},
     )
     oauth2.init_app(app)
     login_manager.init_app(app)