def add_workflow_registry(type, name,
client_id, client_secret, client_auth_method="client_secret_post",
api_base_url=None, redirect_uris=None) -> models.WorkflowRegistry:
try:
# At the moment client_credentials of registries
# are associated with the admin account
user = User.find_by_username("admin")
if not user:
raise lm_exceptions.EntityNotFoundException(User, entity_id="admin")
server_credentials = providers.new_instance(provider_type=type,
name=name,
client_id=client_id,
client_secret=client_secret,
api_base_url=api_base_url)
client_credentials = \
server.create_client(user, name, server_credentials.api_base_url,
['client_credentials', 'authorization_code', 'refresh_token'],
["code", "token"],
"read write",
redirect_uris.split(',')
if isinstance(redirect_uris, str)
else redirect_uris,
client_auth_method, commit=False)
registry = models.WorkflowRegistry.new_instance(type, client_credentials, server_credentials)
registry.save()
logger.debug(f"WorkflowRegistry '{name}' (type: {type})' created: {registry}")
return registry
except providers.OAuth2ProviderNotSupportedException as e:
raise lm_exceptions.WorkflowRegistryNotSupportedException(exception=e)
def get_admin_user(_app_settings):
admin = User.find_by_username("admin")
if admin is None:
admin = User("admin")
admin.password = _app_settings['LIFEMONITOR_ADMIN_PASSWORD']
admin.id = 1
lm_db.db.session.add(admin)
lm_db.db.session.commit()
return admin
def get_admin_user():
admin = User.find_by_username("admin")
if admin is None:
admin = User("admin")
admin.password = "******"
admin.id = 1
lm_db.db.session.add(admin)
lm_db.db.session.commit()
return admin
def api_key_create(username, scope="read", length=40):
"""
Create an API Key for a given user (identified by username)
"""
logger.debug("Finding User '%s'...", username)
user = User.find_by_username(username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
api_key = generate_new_api_key(user, scope, length)
print("%r" % api_key)
logger.debug("ApiKey created")
def api_key_list(username):
"""
Create an API Key for a given user (identified by username)
"""
logger.debug("Finding User '%s'...", username)
user = User.find_by_username(username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
logger.info('-' * 82)
logger.info("User '%s' ApiKeys", user.username)
logger.info('-' * 82)
for key in user.api_keys:
print(key)
def db_init():
"""
Initialize the DB
"""
from lifemonitor.db import create_db, db
logger.debug("Initializing DB...")
create_db(settings=current_app.config)
db.create_all()
logger.info("DB initialized")
# create a default admin user if not exists
admin = User.find_by_username('admin')
if not admin:
admin = User('admin')
admin.password = current_app.config["LIFEMONITOR_ADMIN_PASSWORD"]
db.session.add(admin)
db.session.commit()
def api_key_clean(username):
"""
Create an API Key for a given user (identified by username)
"""
logger.debug("Finding User '%s'...", username)
user = User.find_by_username(username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
count = 0
for key in user.api_keys:
key.delete()
print("ApiKey '%s' deleted!" % key.key)
count += 1
print("%d ApiKeys deleted!" % count, file=sys.stderr)
logger.debug("ApiKeys of User '%s' deleted!", user.username)
def token_invalidate(username):
"""
Invalidate all tokens related with a given user
"""
logger.debug("Finding User '%s'...", username)
user = User.find_by_username(username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
count = 0
for identity in user.oauth_identity.values():
identity.token = invalidate_token(identity.token)
identity.save()
print("Token invalidated: %r !" % identity.token)
count += 1
print("%d Token invalidated!" % count, file=sys.stderr)
logger.debug("Token of User '%s' invalidated!", user.username)
def create_client_credentials(client_name, client_uri, client_auth_method,
scope, username):
"""
Create a OAuth2 client with 'client_credentials' grant
"""
user = User.find_by_username(username)
logger.debug("USERNAME: %r", username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
client = server.create_client(user, client_name, client_uri,
'client_credentials', ["token"], scope, "",
client_auth_method)
print("CLIENT ID: %s" % client.client_id)
print("CLIENT SECRET: %s" % client.client_secret)
print("ACCESS TOKEN URL: <LIFE_MONITOR_BASE_URL>/oauth/token")
logger.debug("Client created")
def create_client_oauth_code(client_name, client_uri, client_redirect_uri,
client_auth_method, scope, username):
"""
Create a OAuth2 client with 'authorization_code' grant
"""
user = User.find_by_username(username)
logger.debug("USERNAME: %r", username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
client = server.create_client(user, client_name, client_uri,
['authorization_code', 'token', 'id_token'],
["code", "token"], scope,
client_redirect_uri, client_auth_method)
print("CLIENT ID: %s" % client.client_id)
print("CLIENT SECRET: %s" % client.client_secret)
print("AUTHORIZATION URL: <LIFE_MONITOR_BASE_URL>/oauth/authorize")
print("ACCESS TOKEN URL: <LIFE_MONITOR_BASE_URL>/oauth/token")
logger.debug("Client created")
