Ejemplo n.º 1
def ecommerce_profile():
    """Render the e-commerce profile page for the signed-in user.

    Fetches the user record and enrolled factors for the ``sub`` returned by
    ``get_userinfo()``, reads the namespaced ``consent`` profile attribute,
    and derives the credit demo base URL from the user's applications.
    """
    logger.debug("ecommerce_profile()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_info = get_userinfo()
    subject = user_info["sub"]
    user_info2 = okta_admin.get_user(subject)
    factors = get_enrolled_factors(subject)

    # A missing or blank consent attribute is shown as an empty string; only
    # the blank case also resets the appointment banner kept in the session.
    consent = ''
    consent_field = get_udp_ns_fieldname("consent")
    profile = user_info2["profile"]
    if consent_field in profile:
        consent = profile[consent_field]
        if consent.strip() == "":
            consent = ''
            session['appointment'] = "No Appointments Currently Set."

    # The last application whose label matches supplies the credit URL.
    crediturl = ''
    for app in okta_admin.get_applications_by_user_id(subject):
        if "credit Demo (Generated by UDP)" not in app["label"]:
            continue
        login_uri = app["settings"]["oauthClient"]["initiate_login_uri"]
        crediturl = "https://" + urlparse(login_uri).netloc

    # NOTE(review): the raw ID and access tokens are passed to the template;
    # what the template does with them is not visible here - confirm they
    # are not written into the page where scripts or logs can read them.
    template_context = {
        "id_token": TokenUtil.get_id_token(request.cookies),
        "access_token": TokenUtil.get_access_token(request.cookies),
        "user_info": user_info,
        "user_info2": user_info2,
        "consent": consent,
        "factors": factors,
        "config": session[SESSION_INSTANCE_SETTINGS_KEY],
        "crediturl": crediturl,
    }
    return render_template("ecommerce/profile.html", **template_context)
Ejemplo n.º 2
def ecommerce_approvals_get():
    """Render the access requests the signed-in user is able to review.

    Every user whose profile carries the namespaced ``access_requests``
    attribute is searched; a request is listed only when the requested group
    id matches one of the current user's own groups.
    """
    logger.debug("workflow_approvals()")

    workflow_list = []
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    approver = okta_admin.get_user(user_info["sub"])
    approver_groups = okta_admin.get_user_groups(approver["id"])

    requests_field = get_udp_ns_fieldname("access_requests")
    search_filter = 'profile.{0} pr  '.format(requests_field)
    for requester in okta_admin.get_user_list_by_search(search_filter):
        for requested_group_id in requester["profile"][requests_field]:
            group = okta_admin.get_group(id=requested_group_id)
            logging.debug(group)
            entry = {
                "requestor": requester["profile"]["login"],
                "request": group["profile"]["description"],
                "usr_grp": {
                    "user_id": requester["id"],
                    "group_id": requested_group_id
                }
            }
            # Membership in the requested group is what makes the current
            # user a reviewer for this entry.
            for membership in approver_groups:
                if requested_group_id == membership['id']:
                    workflow_list.append(entry)

    vertical_template = "{0}/workflow-approvals.html".format(get_app_vertical())
    return render_template(
        vertical_template,
        templatename=get_app_vertical(),
        workflow_list=workflow_list,
        user_info=user_info,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
Ejemplo n.º 3
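def streamingservice_device_complete():
    """Add a device to a user's authorized-device list and render the result page.

    The user id and device id are read from the query string. The device id is
    appended to the namespaced ``authorized_devices`` attribute of the user's
    application profile, which is then written back through the admin client.
    """
    logger.debug("streamingservice_device_complete()")

    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][
        "app_deviceflow_clientid"]

    # NOTE(review): user_id is caller-supplied and the write below goes
    # through the admin client. Nothing in this function ties user_id to the
    # signed-in user - confirm an upstream check prevents authorizing a
    # device on someone else's account.
    user_id = request.args.get('user_id')
    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=user_id, client_id=client_id)

    # Carry the stored devices forward. Previously they were read into a
    # variable that was never used, so each call replaced the whole list
    # with just the new device.
    devices_field = get_udp_ns_fieldname("authorized_devices")
    app_profile = user_app_profile["profile"]
    devices = app_profile[devices_field] if devices_field in app_profile else None
    if devices is None:
        devices = []

    device_id = request.args.get('device_id')
    devices.append(device_id)
    user_data = {
        "profile": {
            devices_field: devices
        }
    }
    okta_admin.update_application_user_profile_by_clientid(
        user_id=user_id, app_user_profile=user_data, client_id=client_id)

    return render_template("streamingservice/device_complete.html",
                           config=session[SESSION_INSTANCE_SETTINGS_KEY])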
Ejemplo n.º 4
def streamingservice_mydevices():
    """Render the signed-in user's list of authorized devices.

    The list comes from the namespaced ``authorized_devices`` attribute of the
    user's application profile; a missing or null attribute yields an empty
    list.
    """
    logger.debug("streamingservice_mydevices()")

    user_id = get_userinfo()["sub"]
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]

    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=user_id, client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    app_profile = user_app_profile["profile"]
    devices = app_profile[devices_field] if devices_field in app_profile else []
    if devices is None:
        devices = []

    logger.debug(devices)

    return render_template(
        "streamingservice/mydevices.html",
        user_info=get_userinfo(),
        devices=devices,
        config=session[SESSION_INSTANCE_SETTINGS_KEY])
Ejemplo n.º 5
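def ecommerce_requests_post():
    """Record an access request for the signed-in user and notify reviewers.

    The requested group id comes from the ``request_access`` form field. It is
    added to the user's namespaced ``access_requests`` profile attribute (once),
    the profile is updated, and the workflow e-mail is sent. The response is
    always a redirect back to the requests page.
    """
    logger.debug("workflow_requests_post()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    # The attribute can be absent or stored as null; both mean "no pending
    # requests". A null value would otherwise break the membership test below.
    requests_field = get_udp_ns_fieldname("access_requests")
    profile = user["profile"]
    pendingRequest = profile[requests_field] if requests_field in profile else None
    if pendingRequest is None:
        pendingRequest = []

    group_id = request.form.get("request_access")
    if group_id:
        # NOTE(review): group_id is accepted from the form as-is. This
        # function does not check that it names a group users are allowed to
        # request - confirm that is enforced before a request can be approved.
        if group_id not in pendingRequest:
            pendingRequest.append(group_id)

        user_data = {
            "profile": {
                requests_field: pendingRequest
            }
        }
        update_response = okta_admin.update_user(user_id=user_id, user=user_data)
        # Goes to the debug log rather than stdout, like the rest of the module.
        logger.debug(update_response)
        ecommerce_emailWorkFlowRequest(group_id)

    return redirect(
        url_for("ecommerce_views_bp.ecommerce_requests_get",
                _external=True,
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"]))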
Ejemplo n.º 6
def dealer_registration_get():
    """Render the dealer registration form with its role and location choices.

    Role choices are the groups found under the admin and regular group names;
    location choices are the groups found under the location name. If anything
    raises while the choices are gathered or the page is rendered, the form is
    rendered again with whatever was collected plus the exception as ``error``.
    """
    logger.debug("dealer_registration()")
    CONFIG_GROUP_REGULAR = get_udp_ns_fieldname(CONFIG_REGULAR)
    CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
    CONFIG_GROUP_LOCATION_STARTSWITH = get_udp_ns_fieldname(CONFIG_LOCATION)

    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    setup_options = {
        "type_users": [],
        "dealerships": [],
        "type_user_selected": request.form.get('role'),
        "dealership_selected": request.form.get('location')
    }

    blank_fields = ("firstName", "lastName", "email", "login", "mobilePhone")
    user_data = {"profile": {field: "" for field in blank_fields}}

    # (group name to look up, setup_options list that receives the matches)
    group_sources = (
        (CONFIG_GROUP_ADMIN, "type_users"),
        (CONFIG_GROUP_REGULAR, "type_users"),
        (CONFIG_GROUP_LOCATION_STARTSWITH, "dealerships"),
    )

    try:
        for group_name, option_key in group_sources:
            for group in okta_admin.get_groups_by_name(group_name):
                setup_options[option_key].append({
                    "id": group["id"],
                    "description": group["profile"]["description"],
                })

        return render_template(
            "{0}/registration.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            user_data=user_data,
            setup_options=setup_options,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
    except Exception as e:
        # NOTE(review): the exception object itself reaches the template. If
        # the page prints it, internal details are shown to an unauthenticated
        # visitor - consider logging it and displaying a generic message.
        return render_template(
            "{0}/registration.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            error=e,
            user_data=user_data,
            setup_options=setup_options,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
Ejemplo n.º 7
def b2b_requests_get():
    """Render the B2B groups the signed-in user could still request.

    Groups whose name starts with the namespaced ``b2b`` prefix and that the
    user does not already belong to are listed, each marked "Pending" when its
    id is in the user's ``access_requests`` attribute and "Not Requested"
    otherwise.
    """
    logger.debug("b2bworkflow_requests_get()")

    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    requests_field = get_udp_ns_fieldname("access_requests")
    profile = user["profile"]
    pendingRequest = profile[requests_field] if requests_field in profile else []

    get_user_groups_response = okta_admin.get_user_groups(user_id=user_id)
    CONFIG_GROUP_B2B_STARTSWITH = get_udp_ns_fieldname("b2b")

    # Short names (prefix stripped) of the B2B groups the user is already in.
    applist = []
    for membership in get_user_groups_response:
        logging.debug(membership)
        member_name = membership["profile"]["name"]
        if member_name.startswith(CONFIG_GROUP_B2B_STARTSWITH):
            group_id = "{id}".format(id=membership["id"])
            applist.append(member_name.replace(CONFIG_GROUP_B2B_STARTSWITH, ""))

    logging.debug(applist)

    list_group_full = []
    for group in okta_admin.get_groups_by_name(get_udp_ns_fieldname("")):
        group_name = group["profile"]["name"]
        if not group_name.startswith(CONFIG_GROUP_B2B_STARTSWITH):
            continue
        if group_name.replace(CONFIG_GROUP_B2B_STARTSWITH, "") in applist:
            continue

        logging.debug(group_name)
        group_id = "{id}".format(id=group["id"])
        list_group_full.append({
            "id": group["id"],
            "name": group_name,
            "description": group["profile"]["description"],
            "status": "Pending" if group_id in pendingRequest else "Not Requested",
        })

    return render_template(
        "{0}/workflow-requests.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        workflow_list=list_group_full,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
Ejemplo n.º 8
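def healthcare_add_schedule():
    """Store the submitted patient details and appointment, then redirect to the profile.

    Profile fields are read from the form and written to the user named by the
    ``user_id`` form field. When a date is supplied, a human-readable
    appointment string is kept in the session. The outcome message travels to
    the profile page as a query parameter.
    """
    logger.debug("healthcare_add_schedule")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    # NOTE(review): user_id comes from the submitted form and is passed to
    # update_user on the admin client. This function never compares it with
    # the signed-in user - confirm an upstream check exists, otherwise one
    # user can overwrite another user's profile.
    user_id = request.form.get('user_id')

    first_name = safe_get_dict(request.form, 'firstname')
    last_name = safe_get_dict(request.form, 'lastname')
    email = safe_get_dict(request.form, 'email')
    address = safe_get_dict(request.form, 'address')
    city = safe_get_dict(request.form, 'city')
    state = safe_get_dict(request.form, 'state')
    zip_code = safe_get_dict(request.form, 'zipCode')
    country = safe_get_dict(request.form, 'country')
    dob = safe_get_dict(request.form, 'dob')
    hasvisited = safe_get_dict(request.form, 'hasvisited')
    mobile_phone = safe_get_dict(request.form, 'mobilePhone')
    gender = safe_get_dict(request.form, 'gender')

    appointment_date = request.form.get('datepicker')
    if appointment_date:
        # A date without a time used to fail on str + None; fall back to "".
        appointment_time = request.form.get('timepicker') or ""
        session['appointment'] = ("Appointment set for " + appointment_date +
                                  " between the hours of " + appointment_time)

    user_data = {
        "profile": {
            "firstName": first_name,
            "lastName": last_name,
            "email": email,
            "mobilePhone": mobile_phone,
            "streetAddress": address,
            "city": city,
            "state": state,
            "zipCode": zip_code,
            "countryCode": country,
            get_udp_ns_fieldname("dob"): dob,
            get_udp_ns_fieldname("hasvisited"): hasvisited,
            get_udp_ns_fieldname("gender"): gender,
        }
    }

    user_update_response = okta_admin.update_user(user_id, user_data)

    if "error" in user_update_response:
        # format() works whether the response is a str or a parsed object;
        # plain concatenation fails on anything that is not a str.
        # NOTE(review): the raw upstream error ends up in the redirect URL.
        message = "Error During Update: {0}".format(user_update_response)
    else:
        message = "Appointment is scheduled!"

    return redirect(
        url_for("healthcare_views_bp.healthcare_profile",
                _external=True,
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
                user_id=user_id,
                message=message))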
Ejemplo n.º 9
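def ecommerce_approvals_post():
    """Approve or reject a pending access request, then return to the approvals list.

    The form carries ``action`` ("approve" or "reject") and ``action_value``,
    a quoted mapping holding ``user_id`` and ``group_id``. The request is acted
    on only when the signed-in user belongs to the requested group (the same
    rule ecommerce_approvals_get uses to build the list) and the group is
    actually pending on the target user's ``access_requests`` attribute.

    Returns a redirect to the approvals page, ("ERROR: Bad Request", 400) for a
    malformed ``action_value``, or ("ERROR: Unauthorized", 401) when the
    signed-in user may not act on the group.
    """
    logger.debug("workflow_approvals()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    approver = okta_admin.get_user(user_info["sub"])

    action = request.form.get("action")
    if action in ("approve", "reject"):
        # The submitted value uses single quotes, so they are swapped before
        # JSON parsing. Everything in it is caller-controlled.
        raw_value = request.form.get("action_value") or ""
        try:
            req = json.loads(raw_value.replace("\'", "\""))
            user_id = req["user_id"]
            group_id = req["group_id"]
        except (ValueError, KeyError, TypeError):
            return "ERROR: Bad Request", 400

        # Without this check any signed-in user could post an arbitrary
        # user/group pair and have the admin client perform the assignment.
        approver_group_ids = [
            group["id"] for group in okta_admin.get_user_groups(approver["id"])
        ]
        if group_id not in approver_group_ids:
            return "ERROR: Unauthorized", 401

        requests_field = get_udp_ns_fieldname("access_requests")
        user_wf = okta_admin.get_user(user_id)
        target_profile = user_wf["profile"]
        grps = target_profile[requests_field] if requests_field in target_profile else None
        if grps is None:
            grps = []

        # Act only on a request that is really pending; this also avoids the
        # ValueError list.remove() raises for an unknown id.
        if group_id in grps:
            if action == "approve":
                okta_admin.assign_user_to_group(group_id, user_id)

            # Approved or rejected, the request is no longer pending.
            grps.remove(group_id)
            user_data = {
                "profile": {
                    requests_field: grps
                }
            }
            okta_admin.update_user(user_id=user_id, user=user_data)

    return redirect(
        url_for("ecommerce_views_bp.ecommerce_approvals_get",
                _external=True,
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"]))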
Ejemplo n.º 10
def gbac_idverification_updateidentity():
    """Copy verified identity attributes from the verification service into the user's profile.

    Fetches the verification request stored under the user's namespaced
    ``evident_id`` attribute. If any attribute is still "pending", the string
    "pending" is returned and nothing is written. Otherwise the recognised
    attributes and a ``last_verified_date`` timestamp are written to the
    profile and the service response is returned.
    """
    logger.debug("gbac_idverification_updateidentity")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])

    # NOTE(review): the Basic-auth secret is embedded in source, so anyone
    # who can read this file holds the credential. Load it from configuration
    # or a secret store and rotate the value that has been published here.
    basicauth = OktaUtil.get_encoded_auth(
        "okta", "Ry4EZf8SyxKyStLK6BqxBBLXEW4SrIo6hc0m2rR3PoI")
    headers = {
        "Accept": "application/json",
        "Content-Type": "application/json",
        "Authorization": "Basic {0}".format(basicauth)
    }

    evident_id = user["profile"][get_udp_ns_fieldname("evident_id")]
    request_url = (
        "https://verify.api.demo.evidentid.com/api/v1/verify/requests/{0}".
        format(evident_id))
    response = RestUtil.execute_get(request_url, headers=headers)

    # Local time, formatted dd/mm/YYYY H:M:S.
    verifydate = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
    user_data = {
        "profile": {
            get_udp_ns_fieldname("last_verified_date"): str(verifydate)
        }
    }

    # Verification attribute type -> profile field that receives its value.
    profile_field_for = {
        "core.firstname": "firstName",
        "core.lastname": "lastName",
        "core.address.zipcode": "zipCode",
        "core.address.city": "city",
        "core.address.state": "state",
    }

    status = ""
    for attribute in response["attributes"]:
        status = attribute["status"]
        if status == "pending":
            break
        profile_field = profile_field_for.get(attribute["type"])
        if profile_field is not None:
            user_data["profile"][profile_field] = attribute["values"][0]

    if status == "pending":
        return status

    logging.debug(user_data)
    okta_admin.update_user(user["id"], user_data)
    return response
Ejemplo n.º 11
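def gbac_idverification_getverificationcode():
    """Open a verification request for the signed-in user and return its identity token.

    The user's e-mail address is made unique by inserting the current
    timestamp before the "@". The id of the created request is stored in the
    user's namespaced ``evident_id`` profile attribute, and the
    ``userIdentityToken`` from the response is returned.
    """
    logger.debug("gbac_idverification_bp")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])

    # NOTE(review): the Basic-auth secret is embedded in source, so anyone
    # who can read this file holds the credential. Load it from configuration
    # or a secret store and rotate the value that has been published here.
    basicauth = OktaUtil.get_encoded_auth("okta", "Ry4EZf8SyxKyStLK6BqxBBLXEW4SrIo6hc0m2rR3PoI")

    headers = {
        "Accept": "application/json",
        "Content-Type": "application/json",
        "Authorization": "Basic {0}".format(basicauth)
    }

    # index() raises ValueError when the stored e-mail has no "@".
    my_str = user["profile"]["email"]
    idx = my_str.index("@")
    email = my_str[:idx] + str(time.time()) + my_str[idx:]

    body = {
        "email": email,
        "templateId": "1ce55f4e-7bb2-4907-9643-dc61f1f04f4d"
    }

    # The URL previously began with a stray space, which only works if the
    # HTTP helper happens to strip it.
    response = RestUtil.execute_post(
        "https://verify.api.demo.evidentid.com/api/v1/verify/requests",
        headers=headers,
        body=body)
    evidenttoken = response["userIdentityToken"]
    user_data = {"profile": {get_udp_ns_fieldname("evident_id"): response["id"]}}
    okta_admin.update_user(user["id"], user_data)

    return evidenttoken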
Ejemplo n.º 12
def gbac_idverification_isverified():
    """Return the signed-in user's namespaced ``last_verified_date`` profile value.

    Raises KeyError when the attribute is not present on the profile.
    """
    logger.debug("gbac_idverification_isverified")
    subject = get_userinfo()["sub"]
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    profile = okta_admin.get_user(subject)["profile"]
    return profile[get_udp_ns_fieldname("last_verified_date")]
Ejemplo n.º 13
    def emailRegistration(self, recipient, token):
        """Send the activation e-mail to a new user and notify the admin group.

        Args:
            recipient: address that receives the activation link.
            token: state token embedded in the activation link.

        Returns:
            Whatever ``emailAllMembersOfGroup`` returns for the admin notice.
        """
        logger.debug("emailRegistration()")
        CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)

        instance_settings = session[SESSION_INSTANCE_SETTINGS_KEY]
        app_title = instance_settings["settings"]["app_name"]
        activation_link = url_for(
            "dealer_views_bp.dealer_registration_state_get",
            stateToken=token,
            _external=True,
            _scheme=instance_settings["app_scheme"])

        # Message for the user who registered. The link carries the state
        # token, so the mail gives account-activation access to its reader.
        # NOTE(review): values are placed into the HTML body without escaping.
        subject = "Welcome to the {app_title}".format(app_title=app_title)
        message = """
            Welcome to the {app_title}! Click this link to activate your account <br />
            <a href='{activation_link}'>{activation_link}</a>).
            """.format(app_title=app_title, activation_link=activation_link)
        Email.send_mail(subject=subject, message=message, recipients=[recipient])

        # Message for the admins who approve the registration.
        # NOTE(review): the subject includes the submitted e-mail field as-is;
        # confirm the mail helper rejects line breaks in header values.
        subject_admin = "Registration Activation request for user {user}".format(
            user=request.form.get('email'))
        approvals_link = url_for(
            "dealer_views_bp.workflow_approvals_get",
            _external=True,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
        message_admin = """
            A new user has registered. His request is awaiting your approval.
            Click this link to log into your account <br />
            <a href='{activation_link}'>{activation_link}</a> to review the request
            """.format(activation_link=approvals_link)

        return self.emailAllMembersOfGroup(
            group_name=CONFIG_GROUP_ADMIN,
            subject=subject_admin,
            message=message_admin)
Ejemplo n.º 14
def dealer_myapps_get():
    """Render the signed-in user's applications together with their dealership location.

    The location is the description of the user's group whose name starts with
    the namespaced location prefix; when several match, the last one wins.
    """
    logger.debug("dealer_myapps_get()")

    CONFIG_GROUP_LOCATION_STARTSWITH = "{0}_".format(get_udp_ns_fieldname(CONFIG_LOCATION))

    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    location = ""
    for membership in okta_admin.get_user_groups(user_id=user_id):
        group_profile = membership["profile"]
        if group_profile["name"].startswith(CONFIG_GROUP_LOCATION_STARTSWITH):
            location = group_profile["description"]

    get_apps_response = okta_admin.get_applications_by_user_id(user_id)

    template_name = "{0}/myapps.html".format(get_app_vertical())
    return render_template(
        template_name,
        templatename=get_app_vertical(),
        user_info=user_info,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        location=location,
        apps=get_apps_response,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
Ejemplo n.º 15
def ecommerce_accept_terms():
    """Stamp the signed-in user's consent attribute with the current time.

    The timestamp (local time, dd/mm/YYYY H:M:S) is written to the namespaced
    ``consent`` profile attribute, and the user is redirected to the profile
    page with a success or error message.
    """
    logger.debug("ecommerce_accept_terms()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    consent = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
    user_data = {"profile": {get_udp_ns_fieldname("consent"): consent}}

    user_update_response = okta_admin.update_user(user_id, user_data)
    message = ("Thank you for completing the Consent Form."
               if user_update_response else "Error During consent")

    profile_url = url_for(
        "ecommerce_views_bp.ecommerce_profile",
        _external="True",
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
        user_id=user_id,
        message=message)
    return redirect(profile_url)
Ejemplo n.º 16
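def streamingservice_device_complete():
    """Authorize a device for a user and show the device details.

    Reads ``user_id``, ``device_id`` and ``device_code`` from the query string.
    When ``user_id`` or ``device_code`` is missing the caller is redirected to
    the device activation page. Otherwise the device id is appended to the
    namespaced ``authorized_devices`` attribute of the user's application
    profile, and the device record fetched from the device-token endpoint is
    rendered with its ``device_id`` and ``device_code`` fields removed.
    """
    logger.debug("streamingservice_device_complete()")
    # Local import so the block does not depend on the module's import list.
    from urllib.parse import urlencode

    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]

    # NOTE(review): user_id is caller-supplied and the write below goes
    # through the admin client. Nothing in this function ties user_id to the
    # signed-in user - confirm an upstream check prevents authorizing a
    # device on someone else's account.
    user_id = request.args.get('user_id')
    device_code = request.args.get('device_code')

    # A missing device_code used to fail on str + None after the profile had
    # already been modified; treat it like a missing user_id instead.
    if user_id is None or device_code is None:
        redirect_url = url_for(
            "streamingservice_views_bp.streamingservice_device_activate",
            _external=True,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
        return redirect(redirect_url)

    user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id)
    devices_field = get_udp_ns_fieldname("authorized_devices")
    app_profile = user_app_profile["profile"]
    devices = app_profile[devices_field] if devices_field in app_profile else None
    if devices is None:
        devices = []

    device_id = request.args.get('device_id')
    devices.append(device_id)
    user_data = {
        "profile": {
            devices_field: devices
        }
    }
    okta_admin.update_application_user_profile_by_clientid(user_id=user_id, app_user_profile=user_data, client_id=client_id)

    # Encode the caller-supplied code so it cannot add or change query
    # parameters on the request sent with our API key.
    url = ("https://sngfyrr4b2.execute-api.us-east-2.amazonaws.com/default/prd-zartan-devicetoken?"
           + urlencode({"device_code": device_code}))
    headers = {
        "x-api-key": session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["aws_api_key"],
    }
    s3response = RestUtil.execute_get(url, headers=headers)

    # Keep the identifiers out of the rendered output; pop() tolerates a
    # response that lacks them.
    s3response.pop('device_id', None)
    s3response.pop('device_code', None)
    return render_template(
        "streamingservice/device_complete.html",
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        deviceinfo=json.dumps(s3response, sort_keys=True, indent=4))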
Ejemplo n.º 17
def workflow_approvals_get():
    """Render every pending access request, for members of the admin group only.

    Returns ("ERROR: Unauthorized", 401) when the signed-in user is not in the
    group named by the namespaced admin setting.
    """
    logger.debug("workflow_approvals()")
    CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)

    workflow_list = []
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    # Authorization gate: the caller must belong to the admin group.
    admin_group_id = ""
    for membership in okta_admin.get_user_groups(user_id):
        if membership["profile"]["name"] == CONFIG_GROUP_ADMIN:
            admin_group_id = membership["id"]

    if not admin_group_id:
        return "ERROR: Unauthorized", 401

    # Users whose access_requests attribute is present hold open requests.
    search_filter = 'profile.{0} pr  '.format(get_udp_ns_fieldname("access_requests"))
    for requester in okta_admin.get_user_list_by_search(search_filter):
        requested_ids = requester["profile"][get_udp_ns_fieldname("access_requests")]
        for requested_group_id in requested_ids:
            group = okta_admin.get_group(id=requested_group_id)
            workflow_list.append({
                "requestor": requester["profile"]["login"],
                "request": group["profile"]["description"],
                "usr_grp": {
                    "user_id": requester["id"],
                    "group_id": requested_group_id
                }
            })

    return render_template(
        "{0}/workflow-approvals.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        workflow_list=workflow_list,
        user_info=user_info,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
Ejemplo n.º 18
def developer_api():
    """Render the developer API page for the signed-in user.

    The namespaced ``production`` profile attribute is passed to the template;
    a profile without it raises KeyError.
    """
    logger.debug("developer_api()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_info = get_userinfo()
    user_info2 = okta_admin.get_user(user_info["sub"])
    production_field = get_udp_ns_fieldname("production")
    production = user_info2["profile"][production_field]

    template_context = {
        "user_info": user_info,
        "user_info2": user_info2,
        "production": production,
        "config": session[SESSION_INSTANCE_SETTINGS_KEY],
    }
    return render_template("developer/api.html", **template_context)
Ejemplo n.º 19
def healthcare_schedule():
    """Render the appointment scheduling page for the signed-in user.

    The namespaced ``dob`` and ``gender`` profile attributes are passed along
    when present and default to empty strings otherwise.
    """
    logger.debug("healthcare_schedule")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    profile = user["profile"]

    dob_field = get_udp_ns_fieldname("dob")
    dob = profile[dob_field] if dob_field in profile else ""

    gender_field = get_udp_ns_fieldname("gender")
    gender = profile[gender_field] if gender_field in profile else ""

    # NOTE(review): the raw ID and access tokens are passed to the template;
    # what the template does with them is not visible here.
    return render_template(
        "healthcare/schedule.html",
        id_token=TokenUtil.get_id_token(request.cookies),
        access_token=TokenUtil.get_access_token(request.cookies),
        user_info=get_userinfo(),
        user_info2=user,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        dob=dob,
        gender=gender)
Ejemplo n.º 20
    def emailWorkFlowRequest(self):
        """Tell every member of the admin group that an access request is waiting.

        Returns:
            Whatever ``emailAllMembersOfGroup`` returns.
        """
        logger.debug("emailWorkFlowRequest()")

        CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
        approvals_link = url_for(
            "dealer_views_bp.workflow_approvals_get",
            _external=True,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])

        # The body links to the approvals page.
        subject_admin = "A workflow request was received"
        message_admin = """
            A new request for access was received. The request is awaiting your approval.
            Click this link to log into your account <br />
            <a href='{activation_link}'>{activation_link}</a> to review the request"
            """.format(activation_link=approvals_link)

        return self.emailAllMembersOfGroup(
            group_name=CONFIG_GROUP_ADMIN,
            subject=subject_admin,
            message=message_admin)
Ejemplo n.º 21
def healthcare_profile():
    """Render the healthcare profile page for the signed-in user.

    Passes the namespaced ``consent`` and ``is_evident_validated`` profile
    attributes, the enrolled factors, and the ``extPatientId`` claim read from
    the ID token cookie to the template.
    """
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    profile = user["profile"]

    # A missing or blank consent attribute is shown as an empty string; only
    # the blank case also resets the appointment banner kept in the session.
    consent = ''
    consent_field = get_udp_ns_fieldname("consent")
    if consent_field in profile:
        # NOTE(review): this writes the whole user record, including personal
        # data, to the debug log - check where debug logs go in deployment.
        logging.debug(user)
        consent = profile[consent_field]
        logging.debug(consent)
        if consent.strip() == "":
            consent = ''
            session['appointment'] = "No Appointments Currently Set."
    logging.debug(consent)

    factors = get_enrolled_factors(user["id"])

    id_token = TokenUtil.get_id_token(request.cookies)
    patientid = TokenUtil.get_single_claim_from_token(id_token, "extPatientId")

    validated_field = get_udp_ns_fieldname("is_evident_validated")
    is_evident_validated = profile[validated_field] if validated_field in profile else ""

    template_context = {
        "id_token": TokenUtil.get_id_token(request.cookies),
        "access_token": TokenUtil.get_access_token(request.cookies),
        "user_info": get_userinfo(),
        "user_info2": user,
        "config": session[SESSION_INSTANCE_SETTINGS_KEY],
        "consent": consent,
        "factors": factors,
        "patientid": patientid,
        "is_evident_validated": is_evident_validated,
    }
    return render_template("healthcare/profile.html", **template_context)
Ejemplo n.º 22
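def streamingservice_removedevice():
    """Remove a device from the signed-in user's authorized-device list.

    The device id comes from the query string. The namespaced
    ``authorized_devices`` attribute of the user's application profile is
    written back without that id, and the user is redirected to the device
    list. An id that is missing or not on the list leaves the list unchanged.
    """
    logger.debug("streamingservice_removedevice()")

    user_info = get_userinfo()
    user_id = user_info["sub"]
    device_id = request.args.get('device_id')
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]

    user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    app_profile = user_app_profile["profile"]
    devices = app_profile[devices_field] if devices_field in app_profile else None
    if devices is None:
        devices = []
    elif device_id in devices:
        # list.remove() raises ValueError for an unknown value, so a stale or
        # tampered device_id used to surface as a server error.
        devices.remove(device_id)

    user_data = {
        "profile": {
            devices_field: devices
        }
    }
    okta_admin.update_application_user_profile_by_clientid(user_id=user_id, app_user_profile=user_data, client_id=client_id)

    redirect_url = url_for(
        "streamingservice_views_bp.streamingservice_mydevices",
        _external=True,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])

    return redirect(redirect_url)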
Ejemplo n.º 23
def healthcare_accept_terms():
    """Stamp the signed-in user's consent attribute with the current time.

    The timestamp (local time, dd/mm/YYYY H:M:S) is written to the namespaced
    ``consent`` profile attribute, and the user is redirected to the
    healthcare profile page.
    """
    logger.debug("healthcare_accept_terms()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    consent = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
    user_data = {"profile": {get_udp_ns_fieldname("consent"): consent}}

    user_update_response = okta_admin.update_user(user_id, user_data)
    logger.debug(user_update_response)

    profile_url = url_for(
        "healthcare_views_bp.healthcare_profile",
        _external="True",
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
        user_id=user_id)
    return redirect(profile_url)
Ejemplo n.º 24
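def ecommerce_clear_consent(userid):
    """Blank the namespaced consent attribute of a user and return to the profile.

    Args:
        userid: Identifier passed to ``OktaAdmin.update_user`` for the account
            whose consent value is cleared.

    Returns:
        A redirect to the e-commerce profile view. ``message`` carries the
        update error text, or is empty when the update succeeded.
    """
    logger.debug("ecommerce_clear_consent")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    # NOTE(review): userid is supplied by the caller and is used with the
    # admin-scoped client; nothing in this function compares it with the
    # signed-in user (e.g. the "sub" from get_userinfo()). Confirm the route
    # or a decorator, not visible here, enforces that ownership check.
    user_data = {"profile": {
        get_udp_ns_fieldname("consent"): "",
    }}

    user_update_response = okta_admin.update_user(userid, user_data)

    if "error" in user_update_response:
        # Format instead of concatenating: `str + response` raises TypeError
        # whenever the response is a mapping rather than text.
        # NOTE(review): the raw response ends up in the redirect query string,
        # so it will appear in browser history and access logs.
        message = "Error During Update: {0}".format(user_update_response)
    else:
        message = ""

    return redirect(
        url_for(
            "ecommerce_views_bp.ecommerce_profile",
            _external="True",
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
            user_id=userid,
            message=message))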
Ejemplo n.º 25
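def ecommerce_user_update():
    """Update a user's basic profile fields from the submitted form.

    Reads ``user_id``, ``firstname``, ``lastname``, ``email``, ``mobilePhone``
    and ``nconsent`` from the POSTed form and writes them to the user profile
    through the admin client.

    Returns:
        A redirect to the e-commerce profile view with a status ``message``.
    """
    logger.debug("ecommerce_user_update")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    # NOTE(review): the target account comes from a form field and is used
    # with the admin-scoped client; nothing in this function checks that it is
    # the signed-in user. Confirm the route (not visible here) enforces that,
    # or derive the id from get_userinfo()["sub"] instead.
    user_id = request.form.get('user_id')
    # NOTE(review): the full form (name, e-mail, phone) is written to the
    # debug log here and again below via user_data.
    logging.debug(request.form.to_dict())

    first_name = safe_get_dict(request.form, 'firstname')
    last_name = safe_get_dict(request.form, 'lastname')
    email = safe_get_dict(request.form, 'email')
    mobile_phone = safe_get_dict(request.form, 'mobilePhone')
    consent = safe_get_dict(request.form, 'nconsent')

    user_data = {
        "profile": {
            "firstName": first_name,
            "lastName": last_name,
            "email": email,
            "mobilePhone": mobile_phone,
            get_udp_ns_fieldname("consent"): consent,
        }
    }

    logging.debug(user_data)
    user_update_response = okta_admin.update_user(user_id, user_data)
    logging.debug(user_update_response)

    if "error" in user_update_response:
        # Format instead of concatenating: `str + response` raises TypeError
        # whenever the response is a mapping rather than text.
        message = "Error During Update: {0}".format(user_update_response)
    else:
        message = "User Updated!"

    return redirect(
        url_for("ecommerce_views_bp.ecommerce_profile",
                _external="True",
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
                user_id=user_id,
                message=message))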
Ejemplo n.º 26
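def ecommerce_requests_get():
    """Render the access-request page for the signed-in user.

    A group is offered when its name, with the buyer prefix removed, matches
    one of the user's employee groups and the user is not already in the
    matching buyer group. Each entry is marked "Pending" when its id is
    listed in the user's ``access_requests`` profile attribute.

    Returns:
        The rendered ``<vertical>/workflow-requests.html`` template.
    """
    logger.debug("workflow_requests_get()")

    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    # A missing or null attribute both mean "no pending requests".
    pending_requests = user["profile"].get(
        get_udp_ns_fieldname("access_requests")) or []

    employee_prefix = get_udp_ns_fieldname("employee")
    buyer_prefix = get_udp_ns_fieldname("buyer")
    # Was a bare print() to stdout; keep the diagnostic in the debug log.
    logger.debug("buyer group prefix: %s", buyer_prefix)

    # Split the user's own groups into employee and buyer names, with the
    # respective prefix removed.
    company_names = []
    buyer_names = []
    for group in okta_admin.get_user_groups(user_id=user_id):
        group_name = group["profile"]["name"]
        if group_name.startswith(employee_prefix):
            company_names.append(group_name.replace(employee_prefix, ""))
        if group_name.startswith(buyer_prefix):
            buyer_names.append(group_name.replace(buyer_prefix, ""))

    # Offer the groups of the user's companies that the user has not joined.
    workflow_list = []
    for group in okta_admin.get_groups_by_name(get_udp_ns_fieldname("")):
        short_name = group["profile"]["name"].replace(buyer_prefix, "")
        if short_name not in company_names or short_name in buyer_names:
            continue
        group_id = "{id}".format(id=group["id"])
        workflow_list.append({
            "id": group["id"],
            "name": group["profile"]["name"],
            "description": group["profile"]["description"],
            "status":
            "Pending" if group_id in pending_requests else "Not Requested",
        })

    # The original compared this list against an always-empty one via a set
    # difference and then used the full list; the result is the same list.
    return render_template(
        "{0}/workflow-requests.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        workflow_list=workflow_list,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])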
Ejemplo n.º 27
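def dealer_registration_post():
    """Create a not-yet-activated user from the dealer registration form.

    On success an activation e-mail is sent and the completion page is
    rendered. When the create call returns an ``errorCode`` the registration
    form is rendered again with the selectable groups and the error.

    Returns:
        The rendered registration or registration-completion template.
    """
    logger.debug("dealer_registration()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    setup_options = {
        "type_users": [],
        "dealerships": [],
        "type_user_selected": request.form.get('role'),
        "dealership_selected": request.form.get('location')
    }

    # Prepopulate
    user_data = {
        "profile": {
            "firstName": request.form.get('firstname'),
            "lastName": request.form.get('lastname'),
            "email": request.form.get('email'),
            "login": request.form.get('email'),
            "mobilePhone": request.form.get('phonenumber'),
            get_udp_ns_fieldname("access_requests"): ['{id}'.format(id=request.form.get('location'))]
        },
        "credentials": {
            "password": {"value": request.form.get('password')}
        },
        "groupIds": []
    }

    # NOTE(review): the group id comes straight from the submitted "role"
    # field and is not compared with the groups offered on the form, so the
    # client decides which group the new account joins. Validate it against
    # the allowed admin/regular group ids before calling create_user.
    user_data["groupIds"].append(setup_options["type_user_selected"])
    user_create_response = okta_admin.create_user(user_data, activate_user=False)

    if "errorCode" in user_create_response:
        # Reload the choices for the form, in the same order as before:
        # admin groups, regular groups, then dealership locations.
        group_sources = (
            ("type_users", get_udp_ns_fieldname(CONFIG_ADMIN)),
            ("type_users", get_udp_ns_fieldname(CONFIG_REGULAR)),
            ("dealerships", get_udp_ns_fieldname(CONFIG_LOCATION)),
        )
        for option_key, group_name in group_sources:
            for group in okta_admin.get_groups_by_name(group_name):
                setup_options[option_key].append(
                    {"id": group["id"], "description": group["profile"]["description"]})

        # Do not hand the submitted plaintext password back to the template
        # context; the structure is kept so template lookups still resolve.
        redisplay_data = dict(user_data, credentials={"password": {"value": ""}})

        return render_template(
            "{0}/registration.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            error=user_create_response,
            user_data=redisplay_data,
            setup_options=setup_options)

    # Send Activation Email to the user
    # NOTE(review): the activation token is the new user's id, an identifier
    # rather than a random single-use secret -- confirm the activation
    # endpoint does not rely on it being unguessable.
    EmailServices().emailRegistration(
        recipient={"address": request.form.get('email')},
        token=user_create_response["id"])

    return render_template(
        "{0}/registration-completion.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        email=request.form.get('email'),
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])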
Ejemplo n.º 28
def workflow_requests_get():
    """Render the access-request page for a dealership user.

    Lists the namespaced groups the signed-in user is not yet a member of,
    each marked "Pending" when its id is in the user's ``access_requests``
    profile attribute. Users without a group whose name starts with the
    location prefix get the page with an error message instead.

    Returns:
        The rendered ``<vertical>/workflow-requests.html`` template.
    """
    logger.debug("workflow_requests_get()")
    location_prefix = get_udp_ns_fieldname(CONFIG_LOCATION)

    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    requests_field = get_udp_ns_fieldname("access_requests")
    pending = user["profile"][requests_field] if requests_field in user["profile"] else []

    def describe(group):
        # One display row per group; the id is compared in string form.
        group_id = "{id}".format(id=group["id"])
        return {"id": group["id"],
                "name": group["profile"]["name"],
                "description": group["profile"]["description"],
                "status": "Pending" if group_id in pending else "Not Requested"}

    # Groups the user already belongs to, skipping the built-in Everyone group.
    member_rows = []
    in_dealership = False
    for group in okta_admin.get_user_groups(user_id=user_id):
        group_name = group["profile"]["name"]
        if group_name.startswith(location_prefix):
            in_dealership = True
        if group_name != "Everyone":
            member_rows.append(describe(group))

    # Only dealership members may request access to applications.
    if not in_dealership:
        return render_template(
            "{0}/workflow-requests.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            user_info=user_info,
            error="You have not been assigned to a dealership. Only users of a dealership can request access to applications",
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])

    # Every group returned for the namespace prefix.
    portal_rows = [describe(group)
                   for group in okta_admin.get_groups_by_name(get_udp_ns_fieldname(""))]

    # Rows are compared as sorted item tuples so they can live in a set; the
    # resulting order follows set iteration and is therefore not fixed.
    not_joined = ({tuple(sorted(row.items())) for row in portal_rows}
                  - {tuple(sorted(row.items())) for row in member_rows})
    workflow_list = [dict(row_items) for row_items in not_joined]

    return render_template(
        "{0}/workflow-requests.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        workflow_list=workflow_list,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
Ejemplo n.º 29
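def streamingservice_token_check():
    """Check a streaming device's tokens and refresh the access token if needed.

    The ID token must introspect as active, and the submitted ``device_id``
    must be listed in the ``authorized_devices`` attribute of the user's
    application profile. Every failed check yields "false".

    Returns:
        "true" when the access token is active, the new token response when
        it was renewed from an active refresh token, otherwise "false".
    """
    logger.debug("streamingservice_token_check()")

    access_token = request.form['access_token']
    id_token = request.form['id_token']
    refresh_token = request.form['refresh_token']
    device_id = request.form['device_id']

    settings = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]
    client_id = settings["app_deviceflow_clientid"]
    client_secret = settings["app_deviceflow_clientsecret"]
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    okta_auth = OktaAuth(session[SESSION_INSTANCE_SETTINGS_KEY])

    def _is_active(token, hint):
        # Fail closed: a response without an "active" member (for example an
        # error payload) counts as inactive instead of raising KeyError.
        result = okta_auth.introspect_with_clientid(
            token,
            client_id=client_id,
            client_secret=client_secret,
            token_type_hint=hint)
        return isinstance(result, dict) and bool(result.get("active"))

    # NOTE(review): Okta documents this hint as "id_token"; confirm the
    # wrapper accepts the "idtoken" spelling used here.
    if not _is_active(id_token, "idtoken"):
        return "false"

    # Claims are read only after the ID token introspected as active.
    id_token_info = TokenUtil.get_claims_from_token(id_token)
    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=id_token_info["sub"], client_id=client_id)

    # The attribute can be absent or null; both mean "no authorized devices"
    # (a null value previously raised TypeError on the membership test).
    devices = user_app_profile["profile"].get(
        get_udp_ns_fieldname("authorized_devices")) or []
    if device_id not in devices:
        return "false"

    # NOTE(review): the access and refresh tokens are only checked for being
    # active for this client; nothing here ties them to the same subject as
    # the ID token. Consider comparing the introspected subject as well.
    if _is_active(access_token, "access_token"):
        return "true"

    if not _is_active(refresh_token, "refresh_token"):
        return "false"

    logging.debug("get new AT")

    responseurl = url_for(
        "streamingservice_views_bp.streamingservice_devicepage",
        _external=True,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])

    return okta_auth.get_oauth_token_from_refresh_token(
        headers=None,
        refresh_token=refresh_token,
        client_id=client_id,
        client_secret=client_secret,
        grant_type="refresh_token",
        redirect_uri=responseurl,
        scopes="openid profile email offline_access")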