beenull/simple-login
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

rename ScopeE to just Scope

Browse source
This commit is contained in:
Son NK 2019-07-03 12:13:28 +02:00 committed by Son NK
parent b263886434
commit 9f3cba61ca
6 changed files with 32 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
app/models.py
View file

@ -12,7 +12,7 @@ from app import s3
from app.config import URL, MAX_NB_EMAIL_FREE_PLAN, EMAIL_DOMAIN
from app.extensions import db
from app.log import LOG
from app.oauth_models import ScopeE
from app.oauth_models import Scope
from app.utils import convert_to_id, random_string
@ -248,9 +248,9 @@ class Client(db.Model, ModelMixin):
def nb_user(self):
return ClientUser.filter_by(client_id=self.id).count()
def get_scopes(self) -> [ScopeE]:
def get_scopes(self) -> [Scope]:
# todo: client can choose which scopes they want to have access
return [ScopeE.NAME, ScopeE.EMAIL, ScopeE.AVATAR_URL]
return [Scope.NAME, Scope.EMAIL, Scope.AVATAR_URL]
@classmethod
def create_new(cls, name, user_id) -> "Client":
@ -375,22 +375,22 @@ class ClientUser(db.Model, ModelMixin):
res = {"id": self.id, "client": self.client.name, "email_verified": True}
for scope in self.client.get_scopes():
if scope == ScopeE.NAME:
res[ScopeE.NAME.value] = self.user.name
elif scope == ScopeE.AVATAR_URL:
if scope == Scope.NAME:
res[Scope.NAME.value] = self.user.name
elif scope == Scope.AVATAR_URL:
if self.user.profile_picture_id:
res[ScopeE.AVATAR_URL.value] = self.user.profile_picture.get_url()
res[Scope.AVATAR_URL.value] = self.user.profile_picture.get_url()
else:
res[ScopeE.AVATAR_URL.value] = None
elif scope == ScopeE.EMAIL:
res[Scope.AVATAR_URL.value] = None
elif scope == Scope.EMAIL:
# Use generated email
if self.gen_email_id:
LOG.debug(
"Use gen email for user %s, client %s", self.user, self.client
)
res[ScopeE.EMAIL.value] = self.gen_email.email
res[Scope.EMAIL.value] = self.gen_email.email
# Use user original email
else:
res[ScopeE.EMAIL.value] = self.user.email
res[Scope.EMAIL.value] = self.user.email
return res

19
app/oauth/templates/oauth/authorize.html
View file

@ -14,26 +14,27 @@
You have already authorized <b>{{ client.name }}</b>.
</div>
<div>
<hr>
<div class="mb-4">
<b>{{ client.name }}</b> has access to the following information:
</div>
<ul>
<div>
{% for scope in client.get_scopes() %}
<li style="margin-top: .4rem">
{% if scope == ScopeE.AVATAR_URL %}
<div>
{% if scope == Scope.AVATAR_URL and user_info[scope.value] %}
{{ scope.value }}: <img src="{{ user_info[scope.value] }}" class="avatar">
{% elif scope == ScopeE.EMAIL %}
{% elif scope == Scope.EMAIL %}
{{ scope.value }}:
<a href="mailto:{{ user_info[scope.value] }}">
{{ user_info[scope.value] }}
</a>
{% elif scope == ScopeE.NAME %}
{% elif scope == Scope.NAME %}
{{ scope.value }}: <b>{{ user_info[scope.value] }}</b>
{% endif %}
</li>
</div>
{% endfor %}
</ul>
</div>
{% else %}
<div class="card-title">
<b>{{ client.name }}</b> will receive your following information:

4
app/oauth/views/authorize.py
View file

@ -17,7 +17,7 @@ from app.models import (
OauthToken,
)
from app.oauth.base import oauth_bp
from app.oauth_models import get_response_types, ResponseType, ScopeE
from app.oauth_models import get_response_types, ResponseType, Scope
from app.utils import random_string, encode_url
@ -77,7 +77,7 @@ def authorize():
client=client,
user_info=user_info,
client_user=client_user,
ScopeE=ScopeE,
Scope=Scope,
)
else:
# after user logs in, redirect user back to this page

4
app/oauth/views/token.py
View file

@ -6,7 +6,7 @@ from app.log import LOG
from app.models import Client, AuthorizationCode, OauthToken, ClientUser
from app.oauth.base import oauth_bp
from app.oauth.views.authorize import generate_access_token
from app.oauth_models import ScopeE
from app.oauth_models import Scope
@oauth_bp.route("/token", methods=["POST"])
@ -82,7 +82,7 @@ def get_access_token():
"user": user_data,
}
if oauth_token.scope and ScopeE.OPENID.value in oauth_token.scope:
if oauth_token.scope and Scope.OPENID.value in oauth_token.scope:
res["id_token"] = make_id_token(client_user)
return jsonify(res)

8
app/oauth_models.py
View file

@ -4,9 +4,7 @@ from typing import Set, Union
import flask
class ScopeE(enum.Enum):
"""ScopeE to distinguish with Scope model"""
class Scope(enum.Enum):
EMAIL = "email"
NAME = "name"
OPENID = "openid"
@ -19,10 +17,10 @@ class ResponseType(enum.Enum):
ID_TOKEN = "id_token"
def get_scopes(request: flask.Request) -> Set[ScopeE]:
def get_scopes(request: flask.Request) -> Set[Scope]:
scope_strs = _split_arg(request.args.getlist("scope"))
return set([ScopeE(scope_str) for scope_str in scope_strs])
return set([Scope(scope_str) for scope_str in scope_strs])
def get_response_types(request: flask.Request) -> Set[ResponseType]:

8
tests/test_oauth_models.py
View file

@ -1,7 +1,7 @@
import flask
import pytest
from app.oauth_models import get_scopes, ScopeE, get_response_types, ResponseType
from app.oauth_models import get_scopes, Scope, get_response_types, ResponseType
def test_get_scopes(flask_app):
@ -11,17 +11,17 @@ def test_get_scopes(flask_app):
with flask_app.test_request_context("/?scope=email&scope=name"):
scopes = get_scopes(flask.request)
assert scopes == {ScopeE.NAME, ScopeE.EMAIL}
assert scopes == {Scope.NAME, Scope.EMAIL}
# a space between email and name
with flask_app.test_request_context("/?scope=email%20name"):
scopes = get_scopes(flask.request)
assert scopes == {ScopeE.NAME, ScopeE.EMAIL}
assert scopes == {Scope.NAME, Scope.EMAIL}
# a comma between email and name
with flask_app.test_request_context("/?scope=email,name"):
scopes = get_scopes(flask.request)
assert scopes == {ScopeE.NAME, ScopeE.EMAIL}
assert scopes == {Scope.NAME, Scope.EMAIL}
# non-existent scope: raise ValueError
with flask_app.test_request_context("/?scope=abcd"):