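def oidc_login():
    """Log in (provisioning on first sight) the user of the current OIDC session.

    Builds an ``AuthSourceManager`` for the ``oidc`` source and stores it in
    the Flask session, looks up (or creates, with role 2) the pgAdmin ``User``
    keyed on the OIDC ``sub`` claim, stages the shared pgpassfile into the
    user's storage directory, imports the server definitions named by
    ``PGADMIN_SERVER_JSON_FILE`` for that user, and redirects to the
    post-login page.

    Returns:
        A Flask redirect response to ``get_post_login_redirect()``.

    Raises:
        ValueError: if the OIDC token carries no ``sub`` claim, or if the
            ``PGADMIN_SERVER_JSON_FILE`` environment variable is unset.
    """
    # Function-scope imports: this view's module import block is not part of
    # this change, and these replace the shell-based os.system() calls below.
    import os
    import shutil
    import subprocess

    auth_obj = AuthSourceManager(None, ['oidc'])
    print("Logging auth_obj")
    print(auth_obj)

    session['_auth_source_manager_obj'] = auth_obj.as_dict()
    print("added _auth_source_manager_obj to session")

    oidc_auth_source = get_auth_sources("oidc")
    print("Logging oidc_auth_source")
    print(oidc_auth_source)

    sub = oidc.user_getfield('sub')
    if not sub:
        # Nothing to key the account on; the original would have raised a
        # TypeError from concatenating None instead of a clear error.
        raise ValueError("OIDC token carries no 'sub' claim")
    unique_id = f"u{sub}@cyton"
    email = oidc.user_getfield('email')

    # Some providers hand back the literal string "None" for a missing e-mail.
    if email is None or email == "None":
        email = unique_id

    user = User.query.filter_by(username=unique_id).first()

    if user is None:
        res, user = create_user({
            'username': unique_id,
            'email': email,
            'role': 2,
            'active': True,
            'is_active': True,
            'auth_source': 'oidc'
        })

        print("Logging res and user")
        print(res)
        print(user)

    print("querying for user")
    user = User.query.filter_by(username=unique_id).first()
    print("Logging user:")
    print(user)
    print("loading servers.json for user")

    storage_dir = get_storage_directory()
    print("storage_dir")
    print(storage_dir)

    # Stage the shared pgpassfile with the standard library rather than shell
    # strings: storage_dir and unique_id (derived from the identity
    # provider's ``sub`` claim) are data and must never be interpolated into
    # a shell command line.
    pgpass_dst = os.path.join(storage_dir, 'pgpassfile')
    try:
        os.remove(pgpass_dst)
    except FileNotFoundError:
        pass  # mirrors the original ``rm -f``: a missing file is not an error
    try:
        shutil.copy('/pgadmin4/pgpass/pgpassfile', pgpass_dst)
        os.chmod(pgpass_dst, 0o600)
    except OSError as exc:
        # The original ignored the exit status of cp/chmod; keep the flow
        # best-effort but make the failure visible in the log.
        print("failed to stage pgpassfile")
        print(exc)

    server_json = os.environ.get('PGADMIN_SERVER_JSON_FILE')
    if not server_json:
        # The original would have raised TypeError concatenating None here.
        raise ValueError("PGADMIN_SERVER_JSON_FILE is not set")

    # Argument list, no shell: every value reaches setup.py verbatim. The
    # exit status was ignored by os.system() before; it is only reported.
    completed = subprocess.run(
        ['/usr/local/bin/python', '/pgadmin4/setup.py',
         '--load-servers', server_json, '--user', unique_id],
        check=False,
    )
    if completed.returncode != 0:
        print("setup.py --load-servers exited with status")
        print(completed.returncode)

    return redirect(get_post_login_redirect())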
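    def test_oauth2_authentication(self):
        """
        Ensure that when the client sends an correct authorization token,
        they receive a 200 OK response and the user principal is extracted and
        passed on to the routed method.

        The OAuth2 ``authenticate`` hook and
        ``AuthSourceManager.update_auth_sources`` are mocked only for the
        duration of this test; the original assigned the mocks permanently
        on shared registry/class objects, leaking them into later tests.
        """
        from unittest.mock import patch

        profile = self.mock_user_profile()
        oauth2_source = AuthSourceRegistry._registry[OAUTH2]

        # Mock Oauth2 Authenticate and the source refresh, restored on exit
        with patch.object(oauth2_source, 'authenticate',
                          MagicMock(return_value=[True, ''])), \
                patch.object(AuthSourceManager, 'update_auth_sources',
                             MagicMock()):
            # Create AuthSourceManager object
            auth_obj = AuthSourceManager({}, [OAUTH2])
            auth_source = AuthSourceRegistry.get(OAUTH2)
            auth_obj.set_source(auth_source)
            auth_obj.set_current_source(auth_source.get_source_name())

            # Check the login with Oauth2
            res = self.tester.login(
                email=None,
                password=None,
                _follow_redirects=True,
                headers=None,
                extra_form_data={'oauth2_button': self.oauth2_provider})

        # assertIn reports both operands on failure, unlike assertTrue(x in y)
        expected = f"Gravatar image for {profile['email']}"
        self.assertIn(expected, res.data.decode('utf8'))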
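    def reset_password(token):
        """View function that handles a reset password request.

        Args:
            token: The password-reset token carried by the e-mailed link.

        Returns:
            A redirect to the forgot-password page when the token is invalid
            or expired; after a successful reset, a redirect to the
            post-reset/post-login view (or to the post-logout view when the
            account is locked by too many login attempts); otherwise the
            rendered reset-password form, with any failure flashed.
        """
        expired, invalid, user = reset_password_token_status(token)

        if invalid:
            do_flash(*get_message('INVALID_RESET_PASSWORD_TOKEN'))
        if expired:
            do_flash(*get_message('PASSWORD_RESET_EXPIRED',
                                  email=user.email,
                                  within=_security.reset_password_within))
        if invalid or expired:
            return redirect(url_for('browser.forgot_password'))

        def _report_failure(template, err):
            """Log the active exception and flash *template* formatted with *err*.

            Must be called from inside an ``except`` block so that
            ``logging.exception`` still sees the exception being handled.
            """
            # logging.exception() already attaches exc_info; passing it
            # explicitly (as the original did) was redundant.
            logging.exception(str(err))
            flash(gettext(template).format(err), 'danger')

        has_error = False
        form = _security.reset_password_form()

        if form.validate_on_submit():
            try:
                update_password(user, form.password.data)
            except SOCKETErrorException as e:
                # Handle socket errors which are not covered by SMTPExceptions.
                _report_failure(SMTP_SOCKET_ERROR, e)
                has_error = True
            except (SMTPConnectError, SMTPResponseException,
                    SMTPServerDisconnected, SMTPDataError, SMTPHeloError,
                    SMTPException, SMTPAuthenticationError, SMTPSenderRefused,
                    SMTPRecipientsRefused) as e:
                # Handle smtp specific exceptions.
                _report_failure(SMTP_ERROR, e)
                has_error = True
            except Exception as e:
                # Handle other exceptions; this is the view boundary, so the
                # failure is reported to the user rather than re-raised.
                _report_failure(PASS_ERROR, e)
                has_error = True

            if not has_error:
                after_this_request(view_commit)
                # One manager serves both session keys; the original built an
                # identical second instance just before login_user().
                auth_obj = AuthSourceManager(form, [INTERNAL])
                session['_auth_source_manager_obj'] = auth_obj.as_dict()

                # Locked accounts get their password reset but are not
                # logged in; the lock must be lifted by an administrator.
                if user.login_attempts >= config.MAX_LOGIN_ATTEMPTS > 0:
                    flash(
                        gettext('You successfully reset your password but'
                                ' your account is locked. Please contact '
                                'the Administrator.'), 'warning')
                    return redirect(get_post_logout_redirect())
                do_flash(*get_message('PASSWORD_RESET'))
                login_user(user)
                session['auth_source_manager'] = auth_obj.as_dict()

                return redirect(
                    get_url(_security.post_reset_view)
                    or get_url(_security.post_login_view))

        return _security.render_template(
            config_value('RESET_PASSWORD_TEMPLATE'),
            reset_password_form=form,
            reset_password_token=token,
            **_ctx('reset_password'))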