def callback_handling(): code = request.args.get(CODE_KEY) get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) session[PROFILE_KEY] = json.loads(user_info) # return user_info # extract data to register user on DB in order top track question set progress first_name = session['profile']['given_name'] surname = session['profile']['family_name'] try: email = session['profile']['email'] except Exception as e: # log exception arup waad has email in nickname for some reason... email = session['profile']['nickname'] if len(parseaddr(email)[1]) == 0: return 'unable to log you in, invalid email supplied' user = db.session.query(User).filter_by(first_name=first_name, surname=surname, email=email).first() # if user doesnt exist in db, add them if (user is None): user = User(first_name=first_name, surname=surname, email=email) db.session.add(user) db.session.commit() # add user id from DB to the session session['user_id'] = user.id return redirect('/index')
def role_updating(): role_id = request.json['id'] role_name = request.json['name'] role_desc = request.json['desc'] get_token = GetToken(DOMAIN) token = get_token.client_credentials(M2M_ID, M2M_SEC, '{}/api/v2/'.format(AUTH0_DOMAIN)) mgmt_api_token = token['access_token'] auth0 = Auth0(DOMAIN, mgmt_api_token) roles = auth0.roles try: resp = roles.update(id=role_id, body={ 'name': role_name, 'description': role_desc }) except exceptions.Auth0Error: return { 'resp': { 'error': 'Role id, {0}, doesn\'t exist'.format(role_id) } } return { 'resp': { 'id': resp['id'], 'name': resp['name'], 'desc': resp['description'] } }
def auth0(self): if not hasattr(self, '_auth0'): gt = GetToken(self.domain) creds = gt.client_credentials(self.client_id, self.client_secret, f'https://{self.domain}/api/v2/') self._auth0 = Auth0(self.domain, creds['access_token']) return self._auth0
def get_token(self): audience = settings.AUTH0_MANAGEMENT_API_AUDIENCE get_token = GetToken(self.domain) token = get_token.client_credentials(self.client_id, self.client_secret, audience) mgmt_api_token = token['access_token'] return mgmt_api_token
def get_auth0(): """ Retrieve instantiated auth0 client. This also uses the cache so we're not re-instantiating for every update. """ auth0_api_access_token = cache.get('auth0_api_access_token') if not auth0_api_access_token: client = GetToken(api_settings.AUTH0_DOMAIN, ) response = client.client_credentials( api_settings.AUTH0_CLIENT_ID, api_settings.AUTH0_CLIENT_SECRET, api_settings.AUTH0_AUDIENCE, ) cache.set( 'auth0_api_access_token', response['access_token'], timeout=response['expires_in'], ) auth0_api_access_token = response['access_token'] auth0 = Auth0( api_settings.AUTH0_DOMAIN, auth0_api_access_token, ) return auth0
def get_mgmt_token(): get_token = GetToken(AUTH0_DOMAIN) token = get_token.client_credentials( NON_INTERACTIVE_CLIENT_ID, NON_INTERACTIVE_CLIENT_SECRET, 'https://{}/api/v2/'.format(AUTH0_DOMAIN)) return token['access_token']
def callback_handling(): code = request.args.get('code') get_token = GetToken(const['AUTH0_DOMAIN']) auth0_users = Users(const['AUTH0_DOMAIN']) token = get_token.authorization_code(const['AUTH0_CLIENT_ID'], const['AUTH0_CLIENT_SECRET'], code, const['AUTH0_CALLBACK_URL']) user_info = auth0_users.userinfo(token['access_token']) session['profile'] = json.loads(user_info) print('USER INFO') # check if user in db user = User.query.filter_by(email=session['profile']['email']).first() print('CHECK') if user is None: print('new user being added to db') userid = session['profile']["sub"] userid = userid[userid.index('|') + 1:len(userid)] new_user = User(userid, session['profile']['email'], session['profile']['nickname'], session['profile']['picture']) db.session.add(new_user) db.session.commit() else: print('old user') return redirect('/dashboard')
def get_auth0_client(config): get_token = GetToken(config['domain']) token = get_token.client_credentials(config['non_interactive_client_id'], config['non_interactive_client_secret'], 'https://{}/api/v2/'.format(config['domain'])) mgmt_api_token = token['access_token'] return Auth0(config['domain'], mgmt_api_token)
def get_token(domain, client_id, client_secret): gt = GetToken(domain) creds = gt.client_credentials( client_id, client_secret, f'https://{domain}/api/v2/' ) return creds['access_token']
def create_client(jupyterhub_endpoint): DOMAIN = os.environ["AUTH0_DOMAIN"] CLIENT_ID = os.environ["AUTH0_CLIENT_ID"] CLIENT_SECRET = os.environ["AUTH0_CLIENT_SECRET"] get_token = GetToken(DOMAIN) token = get_token.client_credentials(CLIENT_ID, CLIENT_SECRET, "https://{}/api/v2/".format(DOMAIN)) mgmt_api_token = token["access_token"] auth0 = Auth0(DOMAIN, mgmt_api_token) credentials = auth0.clients.create({ "name": f"QHub - {jupyterhub_endpoint}", "description": f"QHub - {jupyterhub_endpoint}", "callbacks": [f"https://{jupyterhub_endpoint}/hub/oauth_callback"], "app_type": "regular_web", }) return { "auth0_subdomain": ".".join(DOMAIN.split(".")[:-2]), "client_id": credentials["client_id"], "client_secret": credentials["client_secret"], "scope": ["openid", "email", "profile"], "oauth_callback_url": f"https://{jupyterhub_endpoint}/hub/oauth_callback", }
def user_creation(): user_email = request.json['email'] user_name = request.json['name'] user_username = request.json['username'] user_first = user_name.split()[0] user_last = user_name.split()[1] user_password = request.json['password'] get_token = GetToken(DOMAIN) token = get_token.client_credentials(M2M_ID, M2M_SEC, '{}/api/v2/'.format(AUTH0_DOMAIN)) mgmt_api_token = token['access_token'] auth0 = Auth0(DOMAIN, mgmt_api_token) users = auth0.users try: resp = users.create({ 'email': user_email, 'name': user_name, 'given_name': user_first, 'family_name': user_last, 'username': user_username, 'connection': 'LoginSystem', 'password': user_password }) except exceptions.Auth0Error: return {'resp': {'error': 'User already exists'}} return {'resp': resp}
def auth0_callback_view(self): # pragma: no cover """This callback is called after a successful Auth0 login. Args: code(str): Auth0's authentication code. """ # Check for errors error = request.args.get('error') if error: error_code = request.args.get('error_description') return redirect( url_for('regular.unauthorized', error_code=error_code)) from auth0.v3.authentication import GetToken from auth0.v3.authentication import Users import json # Retrieve AUTH0 settings from the local settings file AUTH0_DOMAIN = current_app.config.get('AUTH0_DOMAIN', '') AUTH0_CLIENT_ID = current_app.config.get('AUTH0_CLIENT_ID', '') AUTH0_CLIENT_SECRET = current_app.config.get('AUTH0_CLIENT_SECRET', '') AUTH0_CALLBACK_URL = url_for('user.auth0_callback', _external=True) auth0_users = Users(AUTH0_DOMAIN) # Retrieve Auth0 code from the URL query parameters code = request.args.get('code') # Decode Auth0 code and extract the Auth0 Token get_token = GetToken(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) # Retrieve user_info from AUTH0 token user_info_str = auth0_users.userinfo(token['access_token']) user_info = json.loads(user_info_str) email = user_info['email'] email_verified = user_info['email_verified'] # Retrieve User record by email user, user_email = self.db_manager.get_user_and_user_email_by_email( email) if not user: # Create new user if needed user = self.db_manager.add_user( email=email, active=True, first_name=user_info.get('given_name', ''), last_name=user_info.get('family_name', ''), ) self.db_manager.commit() # Retrieve next URL from 'state' query param state = request.args.get('state', '/') safe_next_url = self.make_safe_url(state) # Log user in return self._do_login_user(user, safe_next_url)
def __init__(self, service_url, loop=asyncio.get_event_loop()): self.service_url = service_url domain = os.getenv('REMOTE_KSVC_AUTH_DOMAIN') self.c_id = os.getenv('REMOTE_KSVC_AUTH_CLIENT_ID') self.secret = os.getenv('REMOTE_KSVC_AUTH_CLIENT_SECRET') self.identifier = os.getenv('REMOTE_KSVC_AUTH_IDENTIFIER') try: self.getter = GetToken(domain) token = self.getter.client_credentials(client_id=self.c_id, client_secret=self.secret, audience=self.identifier) self.token = token['access_token'] self.expires = token['expires_in'] expiration_time = '{}d {}h:{}m:{}s'.format( self.expires // 86400, (self.expires % 86400) // 3600, (self.expires % 3600) // 60, self.expires % 60) self.renewal_time_hours = .5 * (self.expires // 3600) logger.info("Token expires in {}".format(expiration_time)) self.headers = { "Content-Type": "application/json", "authorization": "Bearer " + self.token } self.session = aiohttp.ClientSession(loop=loop) asyncio.ensure_future( self.renewal(self.renewal_time_hours * 60 * 60)) except Exception as e: logger.error("Unable to connect to Maana {}".format(service_url)) pass
def get_auth0_client() -> Auth0: token = GetToken(AUTH0_DOMAIN).client_credentials( AUTH0_CLIENT_ID, str(AUTH0_CLIENT_SECRET), f"https://{AUTH0_DOMAIN}/api/v2/", ) mgmt_api_token = token["access_token"] return Auth0(AUTH0_DOMAIN, mgmt_api_token)
def get_auth0_inst(domain, client_id, client_secret): """ Return an authenticated Auth0 instance """ gt = GetToken(domain) creds = gt.client_credentials(client_id, client_secret, f"https://{domain}/api/v2/") auth0_inst = Auth0(domain, creds["access_token"]) return auth0_inst
def __init__(self): get_token = GetToken(domain) self.token = get_token.client_credentials(client_id, client_secret, API_ENDPOINT) self.mgmt_api_token = self.token['access_token'] self.session = RequestSession(API_ENDPOINT) headers = {'Bearer': self.mgmt_api_token} self.session.headers.update(headers)
def callback_handling(): code = request.args.get('code') get_token = GetToken('manishsethis.auth0.com') auth0_users = Users('manishsethis.auth0.com') token = get_token.authorization_code(os.environ['CLIENT_ID'], os.environ['CLIENT_SECRET'], code, 'http://localhost:5000/callback') user_info = auth0_users.userinfo(token['access_token']) session['profile'] = json.loads(user_info) return redirect('/dashboard')
def get_token(): gt = GetToken(current_app.config['AUTH0_DOMAIN']) token = gt.client_credentials( current_app.config['AUTH0_CLIENT_ID'], current_app.config['AUTH0_CLIENT_SECRET'], 'https://{}/api/v2/'.format(current_app.config['AUTH0_DOMAIN'])) mgmt_api_token = token['access_token'] return mgmt_api_token
def get_token(self) -> Dict[str, str]: """Makes a request to the Auth0 Management API for an access token using the client credentials authorization flow.""" return GetToken(self._domain).client_credentials( client_id=self._client_id, client_secret=self._client_secret, audience=self.audience, )
def get_auth0_token(): get_token = GetToken(settings.AUTH0_DOMAIN) token = get_token.client_credentials( settings.AUTH0_CLIENT_ID, settings.AUTH0_CLIENT_SECRET, f'https://{settings.AUTH0_DOMAIN}/api/v2/', ) return token
def get_auth0_token(): client = GetToken(settings.AUTH0_DOMAIN) token = client.client_credentials( settings.AUTH0_API_ID, settings.AUTH0_API_SECRET, settings.AUTH0_AUDIENCE, ) return token['access_token']
def callback_handling(): code = request.args.get(constants.CODE_KEY) get_token = GetToken(AUTH0_DOMAIN) auth0_users = Users(AUTH0_DOMAIN) token = get_token.authorization_code(AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, code, AUTH0_CALLBACK_URL) user_info = auth0_users.userinfo(token['access_token']) session[constants.PROFILE_KEY] = json.loads(user_info) return redirect('/dashboard')
def get_tokens(code, request): '''Given an auth code, by making an Auth0 API call, returns an access_token and id_token. ''' get_token = GetToken(DOMAIN) # exchange the Authorization Code for tokens: access_token, id_token tokens = get_token.authorization_code(CLIENT_ID, CLIENT_SECRET, code, get_callback_url(request)) # tokens is a dict including access_token and id_token return tokens
def get_management_api_client(): get_token = GetToken(Config.AUTH0_DOMAIN) token = get_token.client_credentials( Config.AUTH0_NON_INTERACTIVE_CLIENT_ID, Config.AUTH0_NON_INTERACTIVE_CLIENT_SECRET, Config.AUTH0_BASE_URL + '/api/v2/') mgmt_api_token = token['access_token'] auth0 = Auth0(Config.AUTH0_DOMAIN, mgmt_api_token) return auth0
def auth0(self): """ Return an authenticated Auth0 instance """ if not hasattr(self, "_auth0"): gt = GetToken(self.domain) creds = gt.client_credentials(self.client_id, self.client_secret, f"https://{self.domain}/api/v2/") self._auth0 = Auth0(self.domain, creds["access_token"]) return self._auth0
def create_client(jupyterhub_endpoint, project_name, reuse_existing=True): for variable in {"AUTH0_DOMAIN", "AUTH0_CLIENT_ID", "AUTH0_CLIENT_SECRET"}: if variable not in os.environ: raise ValueError( f"Required environment variable={variable} not defined") get_token = GetToken(os.environ["AUTH0_DOMAIN"]) token = get_token.client_credentials( os.environ["AUTH0_CLIENT_ID"], os.environ["AUTH0_CLIENT_SECRET"], f'https://{os.environ["AUTH0_DOMAIN"]}/api/v2/', ) mgmt_api_token = token["access_token"] auth0 = Auth0(os.environ["AUTH0_DOMAIN"], mgmt_api_token) oauth_callback_url = ( f"https://{jupyterhub_endpoint}/auth/realms/qhub/broker/auth0/endpoint" ) for client in auth0.clients.all( fields=["name", "client_id", "client_secret", "callbacks"], include_fields=True): if client["name"] == project_name and reuse_existing: if oauth_callback_url not in client["callbacks"]: logger.info( f"updating existing application={project_name} client_id={client['client_id']} adding callback url={oauth_callback_url}" ) auth0.clients.update( client["client_id"], {"callbacks": client["callbacks"] + [oauth_callback_url]}, ) return { "auth0_subdomain": ".".join(os.environ["AUTH0_DOMAIN"].split(".")[:-2]), "client_id": client["client_id"], "client_secret": client["client_secret"], } client = auth0.clients.create({ "name": project_name, "description": f"QHub - {project_name} - {jupyterhub_endpoint}", "callbacks": [oauth_callback_url], "app_type": "regular_web", }) return { "auth0_subdomain": ".".join(os.environ["AUTH0_DOMAIN"].split(".")[:-2]), "client_id": client["client_id"], "client_secret": client["client_secret"], }
def auth_auth0(endpoint, client_id, client_secret, realm, username, password): client = GetToken(endpoint) try: resp = client.login(client_id, client_secret, username, password, None, realm, None) if resp: auth_success(username) else: auth_failure("Invalid credentials for username " + username) except Auth0Error, e: auth_failure('Auth0 error: ' + e.message)
def get_management_api_token(): domain = auth0_api_settings.MANAGEMENT_API['AUTH0_DOMAIN'] client_id = auth0_api_settings.MANAGEMENT_API['AUTH0_CLIENT_ID'] client_secret = auth0_api_settings.MANAGEMENT_API['AUTH0_CLIENT_SECRET'] get_token = GetToken(domain) token = get_token.client_credentials( client_id, client_secret, 'https://{domain}/api/v2/'.format(domain=domain)) return token['access_token']
def get_token(self): get_token = GetToken(self.domain) token = get_token.client_credentials( settings.AUTH0_CLIENT_ID, settings.AUTH0_CLIENT_SECRET, f"https://{self.domain}/api/v2/", ) mgmt_api_token = token["access_token"] return mgmt_api_token
def callback_handling(): code = request.args.get('code') get_token = GetToken('abdul4343.eu.auth0.com') auth0_users = Users('abdul4343.eu.auth0.com') token = get_token.authorization_code( 'xYbqBYbjcd2rS6o9Xb0HrLwQWHXu8jH1', 'rZHMb64rreOI6j0umN8_ZHpcer4VuJbdVCUO3hEdB795kEadyp7GhNdw2Fy5lEFO', code, 'http://192.168.0.6:5000/callback') user_info = auth0_users.userinfo(token['access_token']) #session['profile'] = json.loads(user_info) print(json.loads(user_info)) return json.loads(user_info)