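def oidc_login():
    """Finish an OIDC login: provision the account and import its servers.

    The username is built from the OIDC ``sub`` claim. On first login the
    account is created; the shared pgpass file is then copied into the
    storage directory and ``setup.py --load-servers`` is run for that user
    before redirecting to the post-login page.

    The ``sub`` claim is supplied by the identity provider, so it must never
    reach a shell. File handling uses ``os``/``shutil`` and ``setup.py`` is
    started with an argument list instead of a concatenated command string.

    Raises:
        ValueError: if the OIDC user info carries no ``sub`` claim.
    """
    # Function-scope imports: the file's import block is not visible here.
    import os
    import shutil
    import subprocess

    auth_obj = AuthSourceManager(None, ['oidc'])
    # NOTE(review): these print() calls write auth and user objects to
    # stdout; confirm that is acceptable wherever stdout is collected.
    print("Logging auth_obj")
    print(auth_obj)
    session['_auth_source_manager_obj'] = auth_obj.as_dict()
    print("added _auth_source_manager_obj to session")
    oidc_auth_source = get_auth_sources("oidc")
    print("Logging oidc_auth_source")
    print(oidc_auth_source)

    subject = oidc.user_getfield('sub')
    if not subject:
        # An empty claim would map every such login onto the single account
        # "u@cyton"; a missing one used to fail with an opaque TypeError.
        raise ValueError("OIDC user info has no 'sub' claim")
    unique_id = "u" + subject + "@cyton"
    # Not used in the visible part of this function.
    display_name = oidc.user_getfield('preferred_username')
    email = oidc.user_getfield('email')
    if email is None or email == "None":
        email = unique_id

    user = User.query.filter_by(username=unique_id).first()
    if user is None:
        # NOTE(review): role 2 is hard-coded; presumably the non-admin role,
        # confirm against the role table.
        res, user = create_user({
            'username': unique_id,
            'email': email,
            'role': 2,
            'active': True,
            'is_active': True,
            'auth_source': 'oidc'
        })
        print("Logging res and user")
        print(res)
        print(user)
        print("querying for user")
        user = User.query.filter_by(username=unique_id).first()

    print("Logging user:")
    # NOTE(review): this listing is masked ("******") between the log line
    # above and the one below. Restore any statements hidden there from the
    # original file; they are not reproduced here.
    print("loading servers.json for user")

    storage_dir = get_storage_directory()
    print("storage_dir")
    print(storage_dir)

    if storage_dir:
        pgpass_dest = os.path.join(storage_dir, 'pgpassfile')
        try:
            with open('/pgadmin4/pgpass/pgpassfile', 'rb') as src:
                try:
                    os.remove(pgpass_dest)
                except FileNotFoundError:
                    pass
                # Create the copy with mode 0600 from the start so the
                # credentials are never readable by others, and use O_EXCL so
                # a file or symlink planted at the destination is not reused.
                fd = os.open(pgpass_dest,
                             os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
                with os.fdopen(fd, 'wb') as dest:
                    shutil.copyfileobj(src, dest)
        except OSError as err:
            # Best effort, as before: a failed copy must not block the login.
            print("could not install pgpassfile: %s" % err)
    else:
        print("no storage directory; skipping pgpassfile copy")

    servers_file = os.environ.get('PGADMIN_SERVER_JSON_FILE')
    if servers_file:
        try:
            # Argument list, no shell: unique_id and the file name are passed
            # as single argv entries whatever characters they contain.
            result = subprocess.run(
                ['/usr/local/bin/python', '/pgadmin4/setup.py',
                 '--load-servers', servers_file,
                 '--user', unique_id],
                check=False)
        except OSError as err:
            print("could not run setup.py --load-servers: %s" % err)
        else:
            if result.returncode != 0:
                print("setup.py --load-servers exited with status %d"
                      % result.returncode)
    else:
        print("PGADMIN_SERVER_JSON_FILE is not set; skipping server import")

    return redirect(get_post_login_redirect())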
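def test_oauth2_authentication(self):
    """
    Ensure that a login through the OAuth2 button succeeds when the OAuth2
    source's authenticate() is mocked to report success, by checking that
    the response page carries the Gravatar label for the mocked profile's
    email address.
    """
    from unittest.mock import patch

    profile = self.mock_user_profile()

    # Patch inside a context manager so the always-successful authenticate()
    # and the stubbed update_auth_sources() are undone when the test ends.
    # Assigning the mocks directly would leave authentication bypassed for
    # every test that runs afterwards in the same process.
    oauth2_source = AuthSourceRegistry._registry[OAUTH2]
    with patch.object(oauth2_source, 'authenticate',
                      MagicMock(return_value=[True, ''])), \
            patch.object(AuthSourceManager, 'update_auth_sources',
                         MagicMock()):
        # Create AuthSourceManager object
        auth_obj = AuthSourceManager({}, [OAUTH2])
        auth_source = AuthSourceRegistry.get(OAUTH2)
        auth_obj.set_source(auth_source)
        auth_obj.set_current_source(auth_source.get_source_name())

        # Check the login with Oauth2
        res = self.tester.login(
            email=None, password=None,
            _follow_redirects=True,
            headers=None,
            extra_form_data=dict(oauth2_button=self.oauth2_provider))

    respdata = 'Gravatar image for %s' % profile['email']
    # assertIn reports both operands on failure, unlike assertTrue(a in b).
    self.assertIn(respdata, res.data.decode('utf8'))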
def reset_password(token):
    """Handle a password-reset request identified by ``token``.

    An invalid or expired token flashes the matching message and redirects
    to the forgot-password page. A valid form submission updates the
    password. On success the user is logged in and redirected, unless the
    account has reached ``config.MAX_LOGIN_ATTEMPTS``; in that case a
    warning is flashed and the user goes to the post-logout page without
    being logged in. In every other case the reset form is rendered.
    """
    expired, invalid, user = reset_password_token_status(token)

    if invalid:
        do_flash(*get_message('INVALID_RESET_PASSWORD_TOKEN'))
    if expired:
        do_flash(*get_message('PASSWORD_RESET_EXPIRED', email=user.email,
                              within=_security.reset_password_within))
    if expired or invalid:
        return redirect(url_for('browser.forgot_password'))

    form = _security.reset_password_form()

    if form.validate_on_submit():
        # Each handler logs the failure and flashes a message; the exception
        # text is interpolated into the message shown to the user. Any
        # failure falls through to re-render the form below.
        try:
            update_password(user, form.password.data)
        except SOCKETErrorException as sock_err:
            # Socket errors which are not covered by the SMTP exceptions.
            logging.exception(str(sock_err), exc_info=True)
            flash(gettext(SMTP_SOCKET_ERROR).format(sock_err), 'danger')
        except (SMTPConnectError, SMTPResponseException,
                SMTPServerDisconnected, SMTPDataError, SMTPHeloError,
                SMTPException, SMTPAuthenticationError, SMTPSenderRefused,
                SMTPRecipientsRefused) as smtp_err:
            # SMTP specific exceptions.
            logging.exception(str(smtp_err), exc_info=True)
            flash(gettext(SMTP_ERROR).format(smtp_err), 'danger')
        except Exception as other_err:
            # Anything else.
            logging.exception(str(other_err), exc_info=True)
            flash(gettext(PASS_ERROR).format(other_err), 'danger')
        else:
            # The password was updated without error.
            after_this_request(view_commit)
            manager = AuthSourceManager(form, [INTERNAL])
            session['_auth_source_manager_obj'] = manager.as_dict()

            # The chained comparison treats the account as locked only when
            # the configured limit is positive.
            account_locked = (
                user.login_attempts >= config.MAX_LOGIN_ATTEMPTS > 0)
            if account_locked:
                flash(
                    gettext('You successfully reset your password but'
                            ' your account is locked. Please contact '
                            'the Administrator.'),
                    'warning')
                return redirect(get_post_logout_redirect())

            do_flash(*get_message('PASSWORD_RESET'))
            login_user(user)
            manager = AuthSourceManager(form, [INTERNAL])
            session['auth_source_manager'] = manager.as_dict()

            target = (get_url(_security.post_reset_view) or
                      get_url(_security.post_login_view))
            return redirect(target)

    return _security.render_template(
        config_value('RESET_PASSWORD_TEMPLATE'),
        reset_password_form=form,
        reset_password_token=token,
        **_ctx('reset_password'))