diff --git a/lenticular_cloud/model.py b/lenticular_cloud/model.py index 43d8e56..12fc118 100644 --- a/lenticular_cloud/model.py +++ b/lenticular_cloud/model.py @@ -19,7 +19,7 @@ from flask_sqlalchemy import SQLAlchemy, orm from datetime import datetime import uuid import pyotp -from typing import Optional +from typing import Optional, Callable logger = logging.getLogger(__name__) @@ -49,10 +49,10 @@ class SecurityUser(UserMixin): class LambdaStr: - def __init__(self, lam): + def __init__(self, lam: Callable[[],str]): self.lam = lam - def __str__(self): + def __str__(self) -> str: return self.lam() @@ -68,6 +68,8 @@ class EntryBase(db.Model): # self._ldap_object = self.get_type()(**kwargs) # else: # self._ldap_object = ldap_object + dn = '' + base_dn = '' def __str__(self) -> str: return str(self._ldap_object) diff --git a/lenticular_cloud/template/auth/error.html.j2 b/lenticular_cloud/template/auth/error.html.j2 new file mode 100644 index 0000000..b8700c6 --- /dev/null +++ b/lenticular_cloud/template/auth/error.html.j2 @@ -0,0 +1,12 @@ +{% extends 'auth/base.html.j2' %} + +{% block title %}{{ gettext('Error') }}{% endblock %} + +{% block content %} + +
This should not happend
+ +
{{ error_description|e }}
+ +{% endblock %} diff --git a/lenticular_cloud/views/auth.py b/lenticular_cloud/views/auth.py index 194d455..88225cb 100644 --- a/lenticular_cloud/views/auth.py +++ b/lenticular_cloud/views/auth.py @@ -17,6 +17,7 @@ import crypt import ory_hydra_client from datetime import datetime import logging +import json from ..model import db, User, SecurityUser, UserSignUp from ..form.auth import ConsentForm, LoginForm, RegistrationForm @@ -34,7 +35,7 @@ def consent(): # DUMMPY ONLY form = ConsentForm() - remember_for = 60*60*24*30 # remember for 7 days + remember_for = 60*60*24*30 # remember for 30 days try: consent_request = current_app.hydra_api.get_consent_request( @@ -46,8 +47,8 @@ def consent(): logger.exception('ory exception - could not fetch user data') return redirect(url_for('frontend.index')) - requested_scope = consent_request.requested_scope - requested_audiences = consent_request.requested_access_token_audience + requested_scope = json.loads(consent_request.requested_scope.to_str().replace("'", '"')) + requested_audiences = json.loads(consent_request.requested_access_token_audience.to_str().replace("'", '"')) if form.validate_on_submit() or consent_request.skip: user = User.query.get(consent_request.subject) @@ -151,12 +152,18 @@ def login_auth(): @auth_views.route("/logout") def logout(): logout_challenge = request.args.get('logout_challenge') - logout_request = current_app.hydra_api.get_logout_request(logout_challenge) - resp = current_app.hydra_api.accept_logout_request(logout_challenge) # TODO confirm + resp = current_app.hydra_api.accept_logout_request(logout_challenge) return redirect(resp.redirect_to) +@auth_views.route("/error", methods=["GET"]) +def auth_error(): + error = request.args.get('error') + error_description = request.args.get('error_description') + + return render_template('auth/error.html.j2', error=error, error_description=error_description) + @auth_views.route("/sign_up", methods=["GET"]) def sign_up(): 
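Review bot: The explicit `|e` on `error_description` is the only thing keeping the query-string value out of the markup. Flask's default autoescape selection keys on the template file extension and does not cover a `.j2` suffix unless the application overrides it, which is not visible in this diff. A comment inside the content block such as `{# error_description comes from the query string; keep the |e filter, autoescape may be off for .j2 #}` would stop a later edit from dropping it. The same care applies if `error`, which the view also passes in, is ever rendered. The HTML tags of this hunk are not visible on the page, so this is based on the expression lines only.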
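Review bot: Turning the `to_str()` output into JSON by swapping quote characters, on the two `json.loads(...)` lines, is not a faithful parse. A scope or audience value that itself contains a quote either raises a `ValueError`, which looks unhandled because these lines appear to sit after the `try` that guards the Hydra call, or is tokenised differently from what Hydra reported. These values originate from the OAuth client's authorization request, so the list shown on the consent form and the list later granted should be exactly the one Hydra returned. Prefer reading the list from the model object itself if the pinned ory_hydra_client exposes it; if the string round-trip has to stay and the output is a Python literal, as the quote replacement suggests, `ast.literal_eval(consent_request.requested_scope.to_str())` parses it without rewriting, followed by a check that the result is a list of `str`. The rest of `consent()` lies outside this hunk.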
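Review bot: `logout()` now hands whatever is in the `logout_challenge` query parameter straight to `accept_logout_request`, with no check that the parameter is present and no handling of a rejected challenge. Removing `# TODO confirm` also leaves nothing to record that the logout is accepted without asking the user. A guard such as `if not logout_challenge: return redirect(url_for('frontend.index'))`, plus the same log-and-redirect handling that `consent()` applies to its Hydra call, would presumably keep a bare GET on /logout from ending in an unhandled error. In `auth_error()`, both `error` and `error_description` are caller-supplied and displayed on the login origin, which is worth a comment. Consider a length cap, or showing the description only for known OAuth error codes, so the page cannot present arbitrary text to users.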
diff --git a/mypy.ini b/mypy.ini
new file mode 100644
index 0000000..e717bea
--- /dev/null
+++ b/mypy.ini
@@ -0,0 +1,6 @@
+
+
+[mypy]
+warn_return_any = True
+warn_unused_configs = True
+ignore_missing_imports = True