diff --git a/lenticular_cloud/views/auth.py b/lenticular_cloud/views/auth.py index 308f910..5d4f2e7 100644 --- a/lenticular_cloud/views/auth.py +++ b/lenticular_cloud/views/auth.py @@ -21,7 +21,7 @@ from ory_hydra_client.api.o_auth_2 import get_o_auth_2_consent_request, accept_o from ory_hydra_client import models as ory_hydra_m from ory_hydra_client.models import TheRequestPayloadUsedToAcceptALoginOrConsentRequest, TheRequestPayloadUsedToAcceptAConsentRequest, GenericError from typing import Optional -from uuid import uuid4 +from uuid import uuid4, UUID from ..model import db, User, SecurityUser from ..form.auth import ConsentForm, LoginForm, RegistrationForm @@ -54,7 +54,9 @@ async def consent() -> ResponseReturnValue: requested_audiences = consent_request.requested_access_token_audience if form.validate_on_submit() or consent_request.skip: - user = User.query.get(consent_request.subject) # type: Optional[User] + + uid = UUID(consent_request.subject) + user = User.query.get(uid) if user is None: return 'internal error', 500 access_token = { diff --git a/lenticular_cloud/views/oauth2.py b/lenticular_cloud/views/oauth2.py index 457438b..c1320bb 100644 --- a/lenticular_cloud/views/oauth2.py +++ b/lenticular_cloud/views/oauth2.py @@ -7,6 +7,7 @@ from flask_login import LoginManager from typing import Optional from werkzeug.wrappers.response import Response as WerkzeugResponse import logging +from uuid import UUID from ..model import User, SecurityUser from ..hydra import hydra_service @@ -46,7 +47,7 @@ def authorized() -> ResponseReturnValue: return 'bad request', 400 session['token'] = token userinfo = oauth2.custom.get('/userinfo').json() - user = User.query.get(str(userinfo["sub"])) # type: Optional[User] + user = User.query.get(UUID(userinfo["sub"])) # type: Optional[User] if user is None: return "user not found", 404 logger.info(f"user `{user.username}` successfully logged in")