Exemple #1
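def oidc_login():
    """Finish an OIDC sign-in: provision the local user and their servers.

    Steps, in order:
      1. Store an ``AuthSourceManager`` for the 'oidc' source in the session.
      2. Build the local username from the OIDC ``sub`` claim and create the
         ``User`` row when none exists yet.
      3. Install a private copy of the shared pgpass file in the user's
         storage directory and import the server definitions named by the
         ``PGADMIN_SERVER_JSON_FILE`` environment variable.
      4. Redirect to the post-login URL.

    Security notes:
      * ``unique_id`` is built from an identity-provider claim, and
        ``storage_dir`` comes from an opaque helper, so neither is ever
        interpolated into a shell command line. File work uses ``os`` /
        ``shutil`` and the setup script is started with an argument list.
      * The pgpass copy holds database passwords, so it is created with
        mode 0600 from the start instead of being tightened afterwards.

    Returns:
        The redirect response produced by ``redirect``.
    """
    # Function-scope imports: the file's import block is not visible here.
    import os
    import shutil
    import subprocess

    auth_obj = AuthSourceManager(None, ['oidc'])
    print("Logging auth_obj")
    print(auth_obj)

    session['_auth_source_manager_obj'] = auth_obj.as_dict()
    print("added _auth_source_manager_obj to session")

    oidc_auth_source = get_auth_sources("oidc")
    print("Logging oidc_auth_source")
    print(oidc_auth_source)

    unique_id = "u" + oidc.user_getfield('sub') + "@cyton"
    display_name = oidc.user_getfield('preferred_username')
    email = oidc.user_getfield('email')

    # Fall back to the synthetic id when the provider sends no e-mail
    # (either a real None or the literal string "None").
    if email is None or email == "None":
        email = unique_id

    user = User.query.filter_by(username=unique_id).first()

    if user is None:
        # NOTE(review): `res` is only printed; a failed create_user() does
        # not stop the flow below. Confirm that is intended.
        res, user = create_user({
            'username': unique_id,
            'email': email,
            'role': 2,
            'active': True,
            'is_active': True,
            'auth_source': 'oidc'
        })

        print("Logging res and user")
        print(res)
        print(user)

    print("querying for user")
    user = User.query.filter_by(username=unique_id).first()

    # NOTE(review): the page masks whatever sat between these two literals
    # in the original statement, so only the two visible messages are kept.
    print("Logging user:")
    print("loading servers.json for user")

    storage_dir = get_storage_directory()
    print("storage_dir")
    print(storage_dir)

    pgpass_src = '/pgadmin4/pgpass/pgpassfile'
    pgpass_dst = os.path.join(storage_dir, 'pgpassfile')
    try:
        # Equivalent of `rm -f`: a missing file is not an error.
        try:
            os.remove(pgpass_dst)
        except FileNotFoundError:
            pass
        with open(pgpass_src, 'rb') as src:
            # O_EXCL refuses to reuse (or follow a link at) an existing
            # path, and the 0o600 mode means the password file is never
            # readable by other accounts, not even briefly.
            fd = os.open(pgpass_dst,
                         os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
            with os.fdopen(fd, 'wb') as dst:
                shutil.copyfileobj(src, dst)
        # The umask can only remove bits at creation; pin the final mode.
        os.chmod(pgpass_dst, 0o600)
    except OSError as err:
        # The shell commands this replaces ignored failures; stay
        # best-effort but make the failure visible.
        print("could not install pgpassfile: " + str(err))

    servers_json = environ.get('PGADMIN_SERVER_JSON_FILE')
    if servers_json:
        try:
            # Argument list, no shell: values are passed verbatim as single
            # arguments and cannot introduce extra commands or options.
            result = subprocess.run(
                ['/usr/local/bin/python', '/pgadmin4/setup.py',
                 '--load-servers', servers_json, '--user', unique_id],
                check=False)
            if result.returncode != 0:
                print("load-servers exited with status " +
                      str(result.returncode))
        except OSError as err:
            print("could not run load-servers: " + str(err))
    else:
        # Previously an unset variable raised TypeError during string
        # concatenation; skip the import instead.
        print("PGADMIN_SERVER_JSON_FILE is not set; skipping server import")

    return redirect(get_post_login_redirect())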
Exemple #2
 def __auto_create_user(self, username, useremail):
     """Ensure a local account exists for a web-server-authenticated user.

     Does nothing unless ``config.WEBSERVER_AUTO_CREATE_USER`` is truthy.
     When no row with this username exists, one is created with role id 2,
     marked active, and tagged with the ``WEBSERVER`` auth source.

     Returns:
         The result of ``create_user`` when a row is created, otherwise
         ``(True, None)``.
     """
     if not config.WEBSERVER_AUTO_CREATE_USER:
         return True, None

     # NOTE(review): the lookup matches on username alone, so an account
     # with the same name from another auth source counts as "existing".
     # Confirm whether the match should also be scoped by auth_source.
     existing = User.query.filter_by(username=username).first()
     if existing:
         return True, None

     new_account = {
         'username': username,
         'email': useremail,
         'role': 2,
         'active': True,
         'auth_source': WEBSERVER
     }
     return create_user(new_account)
Exemple #3
    def __auto_create_user(self, resp):
        """Ensure a local account exists for an OAuth2-authenticated user.

        ``resp['email']`` serves as both username and e-mail address. The
        lookup is scoped to the ``OAUTH2`` auth source, so an account with
        the same name from another source is not treated as a match.

        Returns:
            The result of ``create_user`` when a row is created, otherwise
            ``(True, {'username': <email>})``.
        """
        if not config.OAUTH2_AUTO_CREATE_USER:
            return True, {'username': resp['email']}

        # NOTE(review): the provider-supplied e-mail is the account key and
        # nothing here checks that the provider has verified it; confirm
        # the caller only accepts verified addresses.
        email = resp['email']
        existing = User.query.filter_by(username=email,
                                        auth_source=OAUTH2).first()
        if existing:
            return True, {'username': email}

        new_account = {
            'username': email,
            'email': email,
            'role': 2,
            'active': True,
            'auth_source': OAUTH2
        }
        return create_user(new_account)
Exemple #4
    def __auto_create_user(self, user_email):
        """Ensure a local account exists for the LDAP user ``self.username``.

        Does nothing unless ``config.LDAP_AUTO_CREATE_USER`` is truthy.
        When no row with this username exists, one is created with role
        id 2, marked active, and tagged with the 'ldap' auth source.

        Returns:
            The result of ``create_user`` when a row is created, otherwise
            ``(True, None)``.
        """
        if not config.LDAP_AUTO_CREATE_USER:
            return True, None

        # NOTE(review): matched on username alone; an account of the same
        # name from another auth source would count as "existing". Confirm
        # whether the lookup should also be scoped by auth_source.
        existing = User.query.filter_by(username=self.username).first()
        if existing is not None:
            return True, None

        new_account = {
            'username': self.username,
            'email': user_email,
            'role': 2,
            'active': True,
            'auth_source': 'ldap'
        }
        return create_user(new_account)
Exemple #5
    def __auto_create_user(self, username):
        """Ensure a local account exists for a Kerberos-authenticated user.

        ``username`` is converted with ``str()`` and then used as both the
        account name and its e-mail field. Creation happens only when
        ``config.KRB_AUTO_CREATE_USER`` is truthy and no row with that
        username exists.

        Returns:
            The result of ``create_user`` when a row is created, otherwise
            ``(True, {'username': <username>})``.
        """
        username = str(username)
        already_provisioned = True, {'username': username}

        if not config.KRB_AUTO_CREATE_USER:
            return already_provisioned

        # NOTE(review): matched on username alone; an account of the same
        # name from another auth source would count as "existing". Confirm
        # whether the lookup should also be scoped by auth_source.
        existing = User.query.filter_by(username=username).first()
        if existing is not None:
            return already_provisioned

        new_account = {
            'username': username,
            'email': username,
            'role': 2,
            'active': True,
            'auth_source': KERBEROS
        }
        return create_user(new_account)
Exemple #6
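    def authenticate(self, form):
        """Authenticate through the OIDC callback and provision the user.

        Args:
            form: Not used by this method.

        Returns:
            ``(False, 'Forbidden')`` when the OIDC callback fails or the
            token lacks a claim this method needs; the result of
            ``create_user`` when a new row is created; otherwise
            ``(True, None)``.
        """
        try:
            # NOTE(review): _process_callback is a private method of the
            # OIDC extension; its validation guarantees are not visible
            # from this code.
            current_app.login_manager.oidc._process_callback('destination')
        except Exception:
            # Narrowed from a bare `except:` so KeyboardInterrupt and
            # SystemExit are no longer swallowed; any other failure still
            # denies the login.
            return False, 'Forbidden'

        # SECURITY: verify=False skips signature, expiry and audience
        # checks, so every claim read below is only as trustworthy as the
        # channel that delivered the token. Confirm the callback above
        # validates the token, or verify it against the provider's signing
        # keys before using its claims as an identity.
        # NOTE(review): newer PyJWT releases dropped the `verify` keyword;
        # check the pinned version before upgrading.
        tkn = jwt.decode(current_app.login_manager.oidc.get_access_token(),
                         verify=False)

        # Fail closed instead of raising KeyError on a missing claim.
        username = tkn.get('preferred_username')
        if not username:
            return False, 'Forbidden'

        # NOTE(review): matched on username alone; an account of the same
        # name from another auth source would count as this user. Confirm
        # whether the lookup should also be scoped by auth_source.
        user = User.query.filter_by(username=username).first()
        if user is None:
            if 'email' not in tkn:
                return False, 'Forbidden'
            return create_user({
                'username': username,
                'email': tkn['email'],
                'role': 2,
                'active': True,
                'auth_source': 'oidc'
            })
        return True, None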
Exemple #7
    def __auto_create_user(self, user_email):
        """Ensure a local account exists for the LDAP user ``self.username``.

        Does nothing unless ``config.LDAP_AUTO_CREATE_USER`` is truthy.
        The existence check is an exact match when
        ``config.LDAP_DN_CASE_SENSITIVE`` is truthy and a lower-cased
        comparison otherwise. A new row keeps ``self.username`` as given.

        Returns:
            The result of ``create_user`` when a row is created, otherwise
            ``(True, None)``.
        """
        if not config.LDAP_AUTO_CREATE_USER:
            return True, None

        # NOTE(review): both lookups match on username alone; an account of
        # the same name from another auth source would count as "existing".
        # Confirm whether the match should also be scoped by auth_source.
        if config.LDAP_DN_CASE_SENSITIVE:
            lookup = User.query.filter_by(username=self.username)
        else:
            # Compare both sides lower-cased so "Alice" and "alice" resolve
            # to the same stored account.
            same_name = func.lower(User.username) == func.lower(
                self.username)
            lookup = User.query.filter(same_name)

        if lookup.first() is not None:
            return True, None

        new_account = {
            'username': self.username,
            'email': user_email,
            'role': 2,
            'active': True,
            'auth_source': LDAP
        }
        return create_user(new_account)