def handle_request(self, request, session):
"""
:param DisableUserCallbackRequest request:
:param Session session:
:rtype: flask.Response
"""
if SID_COOKIE_NAME not in flask_request.cookies:
return redirect(FRONTEND_URL, code=307)
sid = flask_request.cookies[SID_COOKIE_NAME]
user = get_user(sid)
if user is not None and request.disable:
self.disable_user(user, session)
self.cancel_agreements(user, session)
self.disable_account_service_user(user)
self.disable_data_service_meteringpoints(user)
response = redirect(f'{PROJECT_URL}/auth/logout', code=307)
response.delete_cookie(SID_COOKIE_NAME, domain=urlparse(FRONTEND_URL).netloc)
response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
response.headers['Pragma'] = 'no-cache'
response.headers['Expires'] = '0'
response.headers['Cache-Control'] = 'public, max-age=0'
else:
response = redirect(FRONTEND_URL, code=307)
return response
def handle_request(self):
"""
:rtype: flask.Response
"""
response = make_response(redirect(backend.get_logout_url(), code=307))
response.delete_cookie(SID_COOKIE_NAME, domain=urlparse(FRONTEND_URL).netloc)
return response
def handle_request(self):
"""
:rtype: flask.Response
"""
return_url = f'{PROJECT_URL}/auth/disable-user/callback'
url = f'{IDENTITY_SERVICE_DISABLE_USER_URL}?return_url={return_url}'
return redirect(url, code=307)
def handle_request(self):
"""
:rtype: flask.Response
"""
return_url = f'{PROJECT_URL}/auth/edit-profile/callback'
url = f'{IDENTITY_SERVICE_EDIT_PROFILE_URL}?return_url={return_url}'
return redirect(url, code=307)
def handle_request(self, request):
"""
:param LoginRequest request:
:rtype: flask.Response
"""
if request.return_url:
return_url = request.return_url
else:
return_url = FRONTEND_URL
login_url, state = backend.register_login_state()
redis.set(state, return_url, ex=3600)
return redirect(login_url, code=307)
def handle_request(self, request, user):
"""
:param ErrorRequest request:
:param User user:
:rtype: flask.Response
"""
logger.error("An error occurred on Hydra.", {
'error': request.error,
'error_description': request.error_description,
'error_hint': request.error_hint,
'subject': user.sub
})
return redirect(FRONTEND_URL, code=307)
def handle_request(self, request, session):
"""
:param VerifyLoginCallbackRequest request:
:param Session session:
:rtype: flask.Response
"""
return_url = redis.get(request.state)
if return_url is None:
raise BadRequest('Click back in your browser')
else:
return_url = return_url.decode()
redis.delete(request.state)
if request.error:
logger.error(f'Got login callback with ERROR', extra={
'scope': str(request.scope),
'code': request.code,
'state': request.state,
'error': str(request.error),
'error_hint': str(request.error_hint),
'error_description': str(request.error_description),
})
return redirect(return_url, 303)
# Fetch token
try:
token = backend.fetch_token(request.code, request.state)
except:
logger.exception(f'Failed to fetch token', extra={
'scope': str(request.scope),
'code': request.code,
'state': request.state,
})
return self.redirect_to_failure(return_url)
# Extract data from token
id_token = backend.get_id_token(token)
# No id_token means the user declined to give consent
if id_token is None:
return self.redirect_to_failure(return_url)
expires = datetime \
.fromtimestamp(token['expires_at']) \
.replace(tzinfo=timezone.utc)
# Lookup user from "subject"
user = UserQuery(session) \
.is_active() \
.has_sub(id_token['sub']) \
.one_or_none()
if user is None:
logger.info(f'User login: Creating new user and subscribing to webhooks', extra={
'subject': id_token['sub'],
})
self.create_new_user(token, id_token, expires, session)
datahub.webhook_on_measurement_published_subscribe(token['access_token'])
datahub.webhook_on_meteringpoint_available_subscribe(token['access_token'])
account.webhook_on_ggo_received_subscribe(token['access_token'])
else:
logger.info(f'User login: Updating tokens for existing user', extra={
'subject': id_token['sub'],
})
self.update_user_attributes(user, token, expires)
# Save session in Redis
redis.set(id_token['sid'], id_token['sub'], ex=token['expires_at'])
# Create HTTP response
response = redirect(f'{ACCOUNT_SERVICE_LOGIN_URL}?returnUrl={return_url}', 303)
response.set_cookie(SID_COOKIE_NAME, id_token['sid'], domain=urlparse(FRONTEND_URL).netloc)
response.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
response.headers['Pragma'] = 'no-cache'
response.headers['Expires'] = '0'
response.headers['Cache-Control'] = 'public, max-age=0'
return response
def handle_request(self):
"""
:rtype: flask.Response
"""
return redirect('/auth/login', code=307)
def handle_request(self):
"""
:rtype: flask.Response
"""
url = f'{IDENTITY_SERVICE_EDIT_CLIENTS_URL}?return_url={FRONTEND_URL}'
return redirect(url, code=307)
def redirect_to_failure(self, return_url):
"""
:param str return_url:
:rtype: flask.Response
"""
return redirect(f'{return_url}?success=0', code=307)