def handle_request(self, request, session): """ :param DisableUserCallbackRequest request: :param Session session: :rtype: flask.Response """ if SID_COOKIE_NAME not in flask_request.cookies: return redirect(FRONTEND_URL, code=307) sid = flask_request.cookies[SID_COOKIE_NAME] user = get_user(sid) if user is not None and request.disable: self.disable_user(user, session) self.cancel_agreements(user, session) self.disable_account_service_user(user) self.disable_data_service_meteringpoints(user) response = redirect(f'{PROJECT_URL}/auth/logout', code=307) response.delete_cookie(SID_COOKIE_NAME, domain=urlparse(FRONTEND_URL).netloc) response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate' response.headers['Pragma'] = 'no-cache' response.headers['Expires'] = '0' response.headers['Cache-Control'] = 'public, max-age=0' else: response = redirect(FRONTEND_URL, code=307) return response
def handle_request(self): """ :rtype: flask.Response """ response = make_response(redirect(backend.get_logout_url(), code=307)) response.delete_cookie(SID_COOKIE_NAME, domain=urlparse(FRONTEND_URL).netloc) return response
def handle_request(self): """ :rtype: flask.Response """ return_url = f'{PROJECT_URL}/auth/disable-user/callback' url = f'{IDENTITY_SERVICE_DISABLE_USER_URL}?return_url={return_url}' return redirect(url, code=307)
def handle_request(self): """ :rtype: flask.Response """ return_url = f'{PROJECT_URL}/auth/edit-profile/callback' url = f'{IDENTITY_SERVICE_EDIT_PROFILE_URL}?return_url={return_url}' return redirect(url, code=307)
def handle_request(self, request): """ :param LoginRequest request: :rtype: flask.Response """ if request.return_url: return_url = request.return_url else: return_url = FRONTEND_URL login_url, state = backend.register_login_state() redis.set(state, return_url, ex=3600) return redirect(login_url, code=307)
def handle_request(self, request, user): """ :param ErrorRequest request: :param User user: :rtype: flask.Response """ logger.error("An error occurred on Hydra.", { 'error': request.error, 'error_description': request.error_description, 'error_hint': request.error_hint, 'subject': user.sub }) return redirect(FRONTEND_URL, code=307)
def handle_request(self, request, session): """ :param VerifyLoginCallbackRequest request: :param Session session: :rtype: flask.Response """ return_url = redis.get(request.state) if return_url is None: raise BadRequest('Click back in your browser') else: return_url = return_url.decode() redis.delete(request.state) if request.error: logger.error(f'Got login callback with ERROR', extra={ 'scope': str(request.scope), 'code': request.code, 'state': request.state, 'error': str(request.error), 'error_hint': str(request.error_hint), 'error_description': str(request.error_description), }) return redirect(return_url, 303) # Fetch token try: token = backend.fetch_token(request.code, request.state) except: logger.exception(f'Failed to fetch token', extra={ 'scope': str(request.scope), 'code': request.code, 'state': request.state, }) return self.redirect_to_failure(return_url) # Extract data from token id_token = backend.get_id_token(token) # No id_token means the user declined to give consent if id_token is None: return self.redirect_to_failure(return_url) expires = datetime \ .fromtimestamp(token['expires_at']) \ .replace(tzinfo=timezone.utc) # Lookup user from "subject" user = UserQuery(session) \ .is_active() \ .has_sub(id_token['sub']) \ .one_or_none() if user is None: logger.info(f'User login: Creating new user and subscribing to webhooks', extra={ 'subject': id_token['sub'], }) self.create_new_user(token, id_token, expires, session) datahub.webhook_on_measurement_published_subscribe(token['access_token']) datahub.webhook_on_meteringpoint_available_subscribe(token['access_token']) account.webhook_on_ggo_received_subscribe(token['access_token']) else: logger.info(f'User login: Updating tokens for existing user', extra={ 'subject': id_token['sub'], }) self.update_user_attributes(user, token, expires) # Save session in Redis redis.set(id_token['sid'], id_token['sub'], ex=token['expires_at']) # Create HTTP response response = redirect(f'{ACCOUNT_SERVICE_LOGIN_URL}?returnUrl={return_url}', 303) response.set_cookie(SID_COOKIE_NAME, id_token['sid'], domain=urlparse(FRONTEND_URL).netloc) response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate' response.headers['Pragma'] = 'no-cache' response.headers['Expires'] = '0' response.headers['Cache-Control'] = 'public, max-age=0' return response
def handle_request(self): """ :rtype: flask.Response """ return redirect('/auth/login', code=307)
def handle_request(self): """ :rtype: flask.Response """ url = f'{IDENTITY_SERVICE_EDIT_CLIENTS_URL}?return_url={FRONTEND_URL}' return redirect(url, code=307)
def redirect_to_failure(self, return_url): """ :param str return_url: :rtype: flask.Response """ return redirect(f'{return_url}?success=0', code=307)