
Commit d214bdf

committed
Adding flask_pyoidc
1 parent b579158 commit d214bdf

19 files changed

+407
-388
lines changed

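--- a/conditional/__init__.py
+++ b/conditional/__init__.py
@@ -1,14 +1,14 @@
 import os
 import subprocess
 from datetime import datetime
-from flask import Flask, redirect, request, render_template, g
-from flask_sqlalchemy import SQLAlchemy
-from flask_migrate import Migrate
+
+import structlog
 from csh_ldap import CSHLDAP
-from raven import fetch_git_sha
+from flask import Flask, redirect, render_template, g
+from flask_migrate import Migrate
+from flask_pyoidc.flask_pyoidc import OIDCAuthentication
+from flask_sqlalchemy import SQLAlchemy
 from raven.contrib.flask import Sentry
-from raven.exceptions import InvalidGitRepository
-import structlog
 
 app = Flask(__name__)
 
@@ -31,6 +31,11 @@
 app.config['LDAP_BIND_PW'],
 ro=app.config['LDAP_RO'])
 
+auth = OIDCAuthentication(app, issuer=app.config["OIDC_ISSUER"],
+client_registration_info=app.config["OIDC_CLIENT_CONFIG"])
+
+app.secret_key = app.config["SECRET_KEY"]
+
 def start_of_year():
 start = datetime(datetime.today().year, 6, 1)
 if datetime.today() < start:
@@ -41,7 +46,7 @@ def start_of_year():
 from conditional.models.models import UserLog
 
 # Configure Logging
-def request_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
+def request_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
 if 'request' in event_dict:
 flask_request = event_dict['request']
 event_dict['user'] = flask_request.headers.get("x-webauth-user")
@@ -52,7 +57,7 @@ def request_processor(logger, log_method, event_dict): # pylint: disable=unused-
 return event_dict
 
 
-def database_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
+def database_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
 if 'request' in event_dict:
 if event_dict['method'] != 'GET':
 log = UserLog(
@@ -77,8 +82,9 @@ def database_processor(logger, log_method, event_dict): # pylint: disable=unused
 
 logger = structlog.get_logger()
 
+from conditional.util.auth import get_username
 
-from conditional.blueprints.dashboard import dashboard_bp # pylint: disable=ungrouped-imports
+from conditional.blueprints.dashboard import dashboard_bp # pylint: disable=ungrouped-imports
 from conditional.blueprints.attendance import attendance_bp
 from conditional.blueprints.major_project_submission import major_project_bp
 from conditional.blueprints.intro_evals import intro_evals_bp
@@ -115,14 +121,23 @@ def static_proxy(path):
 
 
 @app.route('/')
+@auth.oidc_auth
 def default_route():
 return redirect('/dashboard')
 
+
+@app.route("/logout")
+@auth.oidc_logout
+def logout():
+return redirect("/", 302)
+
+
 @app.errorhandler(404)
 @app.errorhandler(500)
-def route_errors(error):
+@auth.oidc_auth
+@get_username
+def route_errors(error, username=None):
 data = dict()
-username = request.headers.get('x-webauth-user')
 
 # Handle the case where the header isn't present
 if username is not None: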
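Review bot: `request_processor` still fills `event_dict['user']` from the `x-webauth-user` request header (an unchanged context line in the third hunk), even though this commit moves authentication to OIDC and removes the same header lookup from `route_errors`. If the webauth proxy no longer sets or strips that header, any client can supply it, so log entries could be attributed to a name the client chose; the same would apply to the `UserLog` rows written by `database_processor` if it takes the user the same way, which is not visible here. The user should come from the OIDC session instead, for example `event_dict['user'] = session.get('userinfo', {}).get('preferred_username')` with `session` imported from `flask`; the claim should match whatever `get_username` reads, which is defined outside this file. The bodies of both processors continue outside the hunks shown.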
