def add_workflow_registry(type, name,
client_id, client_secret, client_auth_method="client_secret_post",
api_base_url=None, redirect_uris=None) -> models.WorkflowRegistry:
try:
# At the moment client_credentials of registries
# are associated with the admin account
user = User.find_by_username("admin")
if not user:
raise lm_exceptions.EntityNotFoundException(User, entity_id="admin")
server_credentials = providers.new_instance(provider_type=type,
name=name,
client_id=client_id,
client_secret=client_secret,
api_base_url=api_base_url)
client_credentials = \
server.create_client(user, name, server_credentials.api_base_url,
['client_credentials', 'authorization_code', 'refresh_token'],
["code", "token"],
"read write",
redirect_uris.split(',')
if isinstance(redirect_uris, str)
else redirect_uris,
client_auth_method, commit=False)
registry = models.WorkflowRegistry.new_instance(type, client_credentials, server_credentials)
registry.save()
logger.debug(f"WorkflowRegistry '{name}' (type: {type})' created: {registry}")
return registry
except providers.OAuth2ProviderNotSupportedException as e:
raise lm_exceptions.WorkflowRegistryNotSupportedException(exception=e)
def create_authorization_code_flow_client(_admin_user, _is_registry=False):
from lifemonitor.auth.oauth2.server import server
client = server.create_client(
_admin_user, "test_code_flow", _fake_callback_uri(),
['authorization_code', 'token', 'id_token'], ["code", "token"],
registry_code_flow_scopes() if _is_registry else
auth_code_flow_scopes(), _fake_callback_uri(), "client_secret_post")
logger.debug("Registered client: %r", client)
return client
def create_client_credentials(client_name, client_uri, client_auth_method,
scope, username):
"""
Create a OAuth2 client with 'client_credentials' grant
"""
user = User.find_by_username(username)
logger.debug("USERNAME: %r", username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
client = server.create_client(user, client_name, client_uri,
'client_credentials', ["token"], scope, "",
client_auth_method)
print("CLIENT ID: %s" % client.client_id)
print("CLIENT SECRET: %s" % client.client_secret)
print("ACCESS TOKEN URL: <LIFE_MONITOR_BASE_URL>/oauth/token")
logger.debug("Client created")
def create_client_oauth_code(client_name, client_uri, client_redirect_uri,
client_auth_method, scope, username):
"""
Create a OAuth2 client with 'authorization_code' grant
"""
user = User.find_by_username(username)
logger.debug("USERNAME: %r", username)
if not user:
print("User not found", file=sys.stderr)
sys.exit(99)
logger.debug("User found: %r", user)
client = server.create_client(user, client_name, client_uri,
['authorization_code', 'token', 'id_token'],
["code", "token"], scope,
client_redirect_uri, client_auth_method)
print("CLIENT ID: %s" % client.client_id)
print("CLIENT SECRET: %s" % client.client_secret)
print("AUTHORIZATION URL: <LIFE_MONITOR_BASE_URL>/oauth/authorize")
print("ACCESS TOKEN URL: <LIFE_MONITOR_BASE_URL>/oauth/token")
logger.debug("Client created")
