def test_initialising_session_with_new_provider_name_should_reset_session(
self):
storage = {}
session1 = UserSession(storage, 'provider1')
session1.update()
assert session1.is_authenticated() is True
session2 = UserSession(storage, 'provider2')
assert session2.is_authenticated() is False
def test_initialising_session_with_existing_user_session_should_preserve_state(
self):
storage = {}
session1 = UserSession(storage, self.PROVIDER_NAME)
session1.update()
assert session1.is_authenticated() is True
assert session1.current_provider == self.PROVIDER_NAME
session2 = UserSession(storage, self.PROVIDER_NAME)
assert session2.is_authenticated() is True
assert session2.current_provider == self.PROVIDER_NAME
session3 = UserSession(storage)
assert session3.is_authenticated() is True
assert session3.current_provider == self.PROVIDER_NAME
def oidc_auth(auth, provider_name, destination='/'):
def authenticate(client, interactive=True):
if not client.is_registered():
auth._register_client(client)
flask_session['destination'] = destination
extra_auth_params = {}
if not interactive:
extra_auth_params['prompt'] = 'none'
auth_req = client.authentication_request(
state=rndstr(),
nonce=rndstr(),
extra_auth_params=extra_auth_params)
flask_session['auth_request'] = auth_req.to_json()
login_url = client.login_url(auth_req)
auth_params = dict(parse_qsl(login_url.split('?')[1]))
flask_session[
'fragment_encoded_response'] = AuthResponseHandler.expect_fragment_encoded_response(
auth_params)
return redirect(login_url)
session = UserSession(flask_session, provider_name)
client = auth.clients[session.current_provider]
if session.should_refresh(client.session_refresh_interval_seconds):
return authenticate(client, interactive=False)
elif session.is_authenticated():
return redirect(destination)
else:
return authenticate(client)
def index():
try:
user_session = UserSession(session)
is_authorized = user_session.is_authenticated()
except UninitialisedSession:
is_authorized = False
return render_template(
'index.html',
title=('Home'),
authorized=(is_authorized),
)
def profile():
try:
user_session = UserSession(session)
is_authorized = user_session.is_authenticated()
except UninitialisedSession:
print("Not authenticated!")
redirect(url_for('main.index'))
return render_template('profile.html',
title=('Profile'),
access_token=user_session.access_token,
id_token=user_session.id_token,
userinfo=user_session.userinfo,
authorized=(is_authorized))
