Esempio n. 1
def init(config_path):
    """Configure the provider application and register its blueprints.

    Loads the configuration via ``init_config``, rebinds the module-level
    ``logger``, reads the provider key pair from disk and registers each
    endpoint blueprint on ``app`` in a fixed order.

    Args:
        config_path: Passed unchanged to ``init_config``.
    """
    global logger
    settings = init_config(config_path)
    logger = init_logging(__name__)

    # NOTE(review): both paths are relative, so they resolve against the
    # process working directory. Confirm the private key file is kept out of
    # version control and is readable only by the service account.
    keys = read_keys("./provider/private.pem", "./provider/public.pem")
    # app.config['EXPLAIN_TEMPLATE_LOADING'] = True

    # TESTING is enabled only when the environment variable is exactly 'True'.
    # NOTE(review): Flask's testing mode propagates exceptions instead of
    # handling them; confirm this variable is never set in production.
    app.config['TESTING'] = os.environ.get('TESTING') == 'True'

    # Factories are invoked one at a time so each blueprint is built and
    # registered before the next one is created. Only the authorize and token
    # blueprints receive the private key; logout gets the public key only.
    blueprint_factories = (
        lambda: create_authorize_blueprint(client_store, keys.public,
                                           keys.private),
        lambda: create_token_blueprint(client_store, keys.private, settings),
        lambda: create_register_blueprint(client_store),
        lambda: create_jwk_blueprint(),
        lambda: create_metadata_blueprint(settings),
        lambda: create_consent_blueprint(settings),
        lambda: create_scim_blueprint(settings),
        lambda: create_userinfo_blueprint(settings),
        lambda: create_logout_blueprint(settings, keys.public),
    )
    for make_blueprint in blueprint_factories:
        app.register_blueprint(make_blueprint())
Esempio n. 2
from provider.util import init_logging
from provider.model.store.user_store import user_store
from oidcpy.authorize import authorize

from flask import Blueprint, request, jsonify, make_response

# Module-level logger for the userinfo endpoint, named after this module;
# init_logging comes from provider.util.
logger = init_logging(__name__)

AUDIENCE = 'https://*****:*****@userinfo_bp.route('/userinfo', methods=["GET"])
    @authorize(audience=AUDIENCE, scopes='openid')
    def userinfo():
        """Return the stored claims for the subject of the presented token.

        The response always carries ``sub`` and ``name``. ``email`` and
        ``roles`` are added only when the claim is listed in the user's
        ``consented_scopes`` and present on the user record.

        Returns:
            A ``(response, 200)`` tuple whose body is the JSON claim set.
        """
        # presumably the @authorize decorator has validated the bearer token
        # (audience and 'openid' scope) before this body runs; verify in oidcpy.
        subject = get_subject_from_token()
        account = user_store.get_by_id(subject)
        # NOTE(review): a subject with no matching record is not handled here;
        # confirm what get_by_id returns or raises for an unknown id.
        # NOTE(review): 'name' is released without a consent check, unlike
        # 'email' and 'roles'; confirm that is intended.
        claims = {'sub': subject, 'name': account['name']}

        # NOTE(review): release is decided from the user's stored
        # consented_scopes, not from the scopes granted to the presented
        # token; confirm consent is tracked per client and matches the token.
        consented = account['consented_scopes']
        for claim in ('email', 'roles'):
            if claim in consented and claim in account:
                claims[claim] = account[claim]

        resp = make_response(jsonify(claims))
        # NOTE(review): the CORS headers are set only on this GET response; a
        # browser preflight (OPTIONS) triggered by the Authorization header is
        # not answered by this view, so confirm it is handled elsewhere. The
        # body holds personal data and no Cache-Control header is set here.
        response_headers = (
            ('Content-Type', 'application/json'),
            ('Access-Control-Allow-Origin', '*'),
            ('Access-Control-Allow-Methods', 'GET'),
            ('Access-Control-Allow-Headers', 'Authorization'),
        )
        for header_name, header_value in response_headers:
            resp.headers[header_name] = header_value
        return resp, 200