def streamingservice_device_complete():
logger.debug("streamingservice_device_complete()")
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][
"app_deviceflow_clientid"]
user_id = request.args.get('user_id')
user_app_profile = okta_admin.get_user_application_by_client_id(
user_id=user_id, client_id=client_id)
devices = []
if get_udp_ns_fieldname(
"authorized_devices") in user_app_profile["profile"]:
user_devices = user_app_profile["profile"][get_udp_ns_fieldname(
"authorized_devices")]
if user_devices is None:
devices = []
else:
devices = []
device_id = request.args.get('device_id')
devices.append(device_id)
user_data = {
"profile": {
get_udp_ns_fieldname("authorized_devices"): devices
}
}
okta_admin.update_application_user_profile_by_clientid(
user_id=user_id, app_user_profile=user_data, client_id=client_id)
return render_template("streamingservice/device_complete.html",
config=session[SESSION_INSTANCE_SETTINGS_KEY])
def streamingservice_mydevices():
logger.debug("streamingservice_mydevices()")
user_info = get_userinfo()
user_id = user_info["sub"]
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]
user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id)
devices = []
if get_udp_ns_fieldname("authorized_devices") in user_app_profile["profile"]:
devices = user_app_profile["profile"][get_udp_ns_fieldname("authorized_devices")]
if devices is None:
devices = []
else:
devices = []
logger.debug(devices)
return render_template(
"streamingservice/mydevices.html",
user_info=get_userinfo(),
devices=devices,
config=session[SESSION_INSTANCE_SETTINGS_KEY])
def streamingservice_device_complete():
logger.debug("streamingservice_device_complete()")
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]
user_id = request.args.get('user_id')
if user_id is not None:
user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id)
devices = []
if get_udp_ns_fieldname("authorized_devices") in user_app_profile["profile"]:
devices = user_app_profile["profile"][get_udp_ns_fieldname("authorized_devices")]
if devices is None:
devices = []
else:
devices = []
device_id = request.args.get('device_id')
devices.append(device_id)
user_data = {
"profile": {
get_udp_ns_fieldname("authorized_devices"): devices
}
}
okta_admin.update_application_user_profile_by_clientid(user_id=user_id, app_user_profile=user_data, client_id=client_id)
url = "https://sngfyrr4b2.execute-api.us-east-2.amazonaws.com/default/prd-zartan-devicetoken?device_code=" + request.args.get('device_code')
headers = {
"x-api-key": session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["aws_api_key"],
}
s3response = RestUtil.execute_get(url, headers=headers)
del s3response['device_id']
del s3response['device_code']
return render_template(
"streamingservice/device_complete.html",
config=session[SESSION_INSTANCE_SETTINGS_KEY],
deviceinfo=json.dumps(s3response, sort_keys=True, indent=4))
else:
redirect_url = url_for(
"streamingservice_views_bp.streamingservice_device_activate",
_external=True,
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
return redirect(redirect_url)
def streamingservice_removedevice():
logger.debug("streamingservice_removedevice()")
user_info = get_userinfo()
user_id = user_info["sub"]
device_id = request.args.get('device_id')
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]
user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id)
devices = []
if get_udp_ns_fieldname("authorized_devices") in user_app_profile["profile"]:
devices = user_app_profile["profile"][get_udp_ns_fieldname("authorized_devices")]
if devices is None:
devices = []
else:
devices.remove(device_id)
else:
devices = []
user_data = {
"profile": {
get_udp_ns_fieldname("authorized_devices"): devices
}
}
okta_admin.update_application_user_profile_by_clientid(user_id=user_id, app_user_profile=user_data, client_id=client_id)
redirect_url = url_for(
"streamingservice_views_bp.streamingservice_mydevices",
_external=True,
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
return redirect(redirect_url)
def streamingservice_token_check():
logger.debug("streamingservice_token_check()")
access_token = request.form['access_token']
id_token = request.form['id_token']
refresh_token = request.form['refresh_token']
device_id = request.form['device_id']
client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][
"app_deviceflow_clientid"]
client_secret = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][
"app_deviceflow_clientsecret"]
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
okta_auth = OktaAuth(session[SESSION_INSTANCE_SETTINGS_KEY])
isactiveID = okta_auth.introspect_with_clientid(
id_token,
client_id=client_id,
client_secret=client_secret,
token_type_hint="idtoken")
if isactiveID["active"]:
id_token_info = TokenUtil.get_claims_from_token(id_token)
user_app_profile = okta_admin.get_user_application_by_client_id(
user_id=id_token_info["sub"], client_id=client_id)
if get_udp_ns_fieldname(
"authorized_devices") in user_app_profile["profile"]:
devices = user_app_profile["profile"][get_udp_ns_fieldname(
"authorized_devices")]
if device_id in devices:
isactiveAT = okta_auth.introspect_with_clientid(
access_token,
client_id=client_id,
client_secret=client_secret,
token_type_hint="access_token")
if isactiveAT["active"]:
response = "true"
else:
isactiveRT = okta_auth.introspect_with_clientid(
refresh_token,
client_id=client_id,
client_secret=client_secret,
token_type_hint="refresh_token")
if isactiveRT['active']:
logging.debug("get new AT")
responseurl = url_for(
"streamingservice_views_bp.streamingservice_devicepage",
_external=True,
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]
["app_scheme"])
tokens = okta_auth.get_oauth_token_from_refresh_token(
headers=None,
refresh_token=refresh_token,
client_id=client_id,
client_secret=client_secret,
grant_type="refresh_token",
redirect_uri=responseurl,
scopes="openid profile email offline_access")
response = tokens
else:
response = "false"
else:
response = "false"
else:
response = "false"
else:
response = "false"
return response
