def init_app(app): app.client_config["saml_auth"] = False if app.config.get("SAML_PATH"): assert imported, "onelogin module is not available" app.client_config["saml_auth"] = True app.client_config["saml_label"] = app.config["SAML_LABEL"] superdesk.blueprint(bp, app)
def init_app(app): oauth = OAuth(app) app.client_config['google_auth'] = False if app.config.get('GOOGLE_CLIENT_ID') and app.config.get('GOOGLE_CLIENT_SECRET'): app.client_config['google_auth'] = True configure_google(app, oauth) superdesk.blueprint(bp, app)
def init_app(app): app.locators = LocatorIndex() superdesk.blueprint(bp, app) _locators_file_path = app.config.get( "LOCATORS_DATA_FILE", os.path.join(os.path.dirname(os.path.realpath(__file__)), "data", "locators.json") ) app.locators.register(_load_json(_locators_file_path))
def init_app(app): app.client_config['saml_auth'] = False if app.config.get('SAML_PATH'): assert imported, 'onelogin module is not available' app.client_config['saml_auth'] = True app.client_config['saml_label'] = app.config['SAML_LABEL'] superdesk.blueprint(bp, app)
def init_app(app): app.locators = LocatorIndex() superdesk.blueprint(bp, app) _locators_file_path = app.config.get( 'LOCATORS_DATA_FILE', os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data', 'locators.json') ) app.locators.register(_load_json(_locators_file_path))
def init_app(app): oauth = OAuth(app) app.client_config['google_auth'] = False if app.config.get('GOOGLE_CLIENT_ID') and app.config.get( 'GOOGLE_CLIENT_SECRET'): app.client_config['google_auth'] = True configure_google(app, oauth) superdesk.blueprint(bp, app)
def init_app(app): endpoint_name = 'upload' service = UploadService(endpoint_name, backend=superdesk.get_backend()) UploadResource(endpoint_name, app=app, service=service) superdesk.blueprint(bp, app) app.upload_url = upload_url # Using intrinsic privilege so that any user can update their profile Avatar # This still restricts this endpoint to logged in users only superdesk.intrinsic_privilege(resource_name='upload', method=['POST'])
def init_app(app: Eve): client = get_sams_client(app) app.on_session_end -= unlock_assets_on_logout app.on_session_end += unlock_assets_on_logout @assets_bp.before_request @destinations_bp.before_request @sets_bp.before_request @blueprint_auth() def before_request(): """ Add authentication before request to all blueprint """ pass @assets_bp.after_request @destinations_bp.after_request @sets_bp.after_request def after_request(response): response.headers.set("Access-Control-Allow-Origin", "*") response.headers.set("Access-Control-Allow-Headers", "*") response.headers.set("Access-Control-Allow-Methods", "*") return response superdesk.blueprint(destinations_bp, app, client=client) superdesk.blueprint(sets_bp, app, client=client) superdesk.blueprint(assets_bp, app, client=client) superdesk.privilege( name="sams", label=_("Sams"), description=_( "Access to the SAMS management page (and to upload assets etc)")) superdesk.privilege(name="sams_manage", label=_("Sams manage"), description=_("Allows management of SAMS Sets etc")) superdesk.privilege(name="sams_manage_assets", label=_("SAMS Manage Assets"), description=_("Allows management of SAMS Assets"))
def init_app(app): superdesk.blueprint(bp, app) app.upload_url = upload_url
def configure_google(app, extra_scopes: Optional[List[str]] = None, refresh: bool = False) -> None: scopes = ["openid", "email", "profile"] token_url_id_queue = [] if extra_scopes: scopes.extend(extra_scopes) kwargs = {} if refresh: kwargs["authorize_params"] = {"access_type": "offline"} oauth.register( # type: ignore # mypy seems confused with this global oauth "google", server_metadata_url= "https://accounts.google.com/.well-known/openid-configuration", client_kwargs={"scope": " ".join(scopes)}, **kwargs, ) @bp.route("/login/google") @bp.route("/login/google/<url_id>") def google_login(url_id=None): """Redirect to google OAuth authorization page :param url_id: used to identify the token if OAuth is used for Superdesk login, url_id is None. Otherwise, it is used to associate the token with the provider needing it """ token_url_id_queue.append(url_id) redirect_uri = url_for(".google_authorized", _external=True) return oauth.google.authorize_redirect(redirect_uri) @bp.route("/login/google_authorized") def google_authorized(): token_id = token_url_id_queue.pop() if token_url_id_queue else None token = oauth.google.authorize_access_token() if not token: return render_template(TEMPLATE, data={}) if token_id else auth_user() user = oauth.google.parse_id_token(token) if token_id: # token_id is used to link token with provider, we need to store the token # in this case, to be able to use it and refresh later without user interaction oauth2_token_service = superdesk.get_resource_service( "oauth2_token") if token.get("refresh_token"): oauth2_token_service.post( [token2dict(token_id, user["email"], token)]) else: # we have no refresh_token, that probably means that's it not the first time that we log in # with OAuth (refresh token is only returned on first token exchange). We should already have # a token in database, let's check it. current_token = oauth2_token_service.find_one(req=None, _id=token_id) if current_token: if current_token["access_token"] != token["access_token"]: # we have a new access_token, we update it, but we want to keep existing refresh_token token_dict = token2dict(token_id, user["email"], token) oauth2_token_service.update( token_id, { "access_token": token_dict["access_token"], "expires_at": token_dict["expires_at"] }, current_token, ) else: logger.warning( "No refresh token received, that probably means that it's not the first time login is " "requested. Please remove granted permission to Superdesk in Google settings (under " '"security/Third-party apps with account access") then try to log-in again' ) return render_template(TEMPLATE, data={}) else: # no token_id, OAuth is only used for log-in return auth_user(user["email"], {"needs_activation": False}) superdesk.blueprint(bp, app)
def init_app(app) -> None: app.subjects = SubjectIndex() superdesk.blueprint(bp, app)
def init_app(app): app.subjects = SubjectIndex() superdesk.blueprint(bp, app)
def init_app(app): endpoint_name = 'planning_download' superdesk.blueprint(bp, app) service = superdesk.Service(endpoint_name, backend=superdesk.get_backend()) PlanningDownloadResource(endpoint_name, app=app, service=service)
def init_app(app): endpoint_name = 'upload' service = UploadService(endpoint_name, backend=superdesk.get_backend()) UploadResource(endpoint_name, app=app, service=service) superdesk.blueprint(bp, app) app.upload_url = upload_url
def init_app(app): endpoint_name = 'download' app.download_url = download_url superdesk.blueprint(bp, app) service = BaseService(endpoint_name, backend=superdesk.get_backend()) DownloadResource(endpoint_name, app=app, service=service)
def init_app(app) -> None: superdesk.blueprint(bp, app)
def init_app(app): superdesk.blueprint(bp)
def init_app(app): oauth2.config_oauth(app) superdesk.register_resource('auth_server_clients', AuthServerClientsResource, AuthServerClientsService) superdesk.blueprint(oauth2.bp, app)
def init_app(app): superdesk.blueprint(bp, app)
# Copyright 2013, 2015 Sourcefabric z.u. and contributors. # # For the full copyright and license information, please see the # AUTHORS and LICENSE files distributed with this source code, or # at https://www.sourcefabric.org/superdesk/license """Assets module""" import logging import superdesk from content_api.errors import FileNotFoundError from werkzeug.wsgi import wrap_file from flask import request, current_app as app bp = superdesk.Blueprint('assets', __name__) superdesk.blueprint(bp) logger = logging.getLogger(__name__) cache_for = 3600 * 24 * 1 # 1d cache @bp.route('/assets/<path:media_id>/raw', methods=['GET']) def get_media_streamed(media_id): media_file = app.media.get(media_id, 'items') if media_file: data = wrap_file(request.environ, media_file, buffer_size=1024 * 256) response = app.response_class( data, mimetype=media_file.content_type, direct_passthrough=True) response.content_length = media_file.length response.last_modified = media_file.upload_date
def init_app(app) -> None: endpoint_name = "download" app.download_url = download_url superdesk.blueprint(bp, app) service = BaseService(endpoint_name, backend=superdesk.get_backend()) DownloadResource(endpoint_name, app=app, service=service)
"""Upload module""" import logging import superdesk from eve.utils import config from superdesk import SuperdeskError from .resource import Resource from .services import BaseService from flask import url_for, Response, current_app as app, json from superdesk.media.renditions import generate_renditions, delete_file_on_error from superdesk.media.media_operations import download_file_from_url, process_file_from_stream, \ crop_image, decode_metadata, download_file_from_encoded_str bp = superdesk.Blueprint('upload_raw', __name__) superdesk.blueprint(bp) logger = logging.getLogger(__name__) @bp.route('/upload/<path:media_id>/raw', methods=['GET']) def get_upload_as_data_uri(media_id): media_file = app.media.get(media_id) if media_file: return Response(media_file.read(), mimetype=media_file.content_type) raise SuperdeskError(status_code=404, payload='File not found on media storage.') def url_for_media(media_id): return url_for('upload_raw.get_upload_as_data_uri', media_id=media_id, _external=True, _schema=superdesk.config.URL_PROTOCOL)
def init_app(app): app.client_config['saml_auth'] = False if app.config.get('SAML_PATH'): app.client_config['saml_auth'] = True app.client_config['saml_label'] = app.config['SAML_LABEL'] superdesk.blueprint(bp, app)