def streamingservice_device_complete(): logger.debug("streamingservice_device_complete()") okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY]) client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][ "app_deviceflow_clientid"] user_id = request.args.get('user_id') user_app_profile = okta_admin.get_user_application_by_client_id( user_id=user_id, client_id=client_id) devices = [] if get_udp_ns_fieldname( "authorized_devices") in user_app_profile["profile"]: user_devices = user_app_profile["profile"][get_udp_ns_fieldname( "authorized_devices")] if user_devices is None: devices = [] else: devices = [] device_id = request.args.get('device_id') devices.append(device_id) user_data = { "profile": { get_udp_ns_fieldname("authorized_devices"): devices } } okta_admin.update_application_user_profile_by_clientid( user_id=user_id, app_user_profile=user_data, client_id=client_id) return render_template("streamingservice/device_complete.html", config=session[SESSION_INSTANCE_SETTINGS_KEY])
def streamingservice_mydevices(): logger.debug("streamingservice_mydevices()") user_info = get_userinfo() user_id = user_info["sub"] okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY]) client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"] user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id) devices = [] if get_udp_ns_fieldname("authorized_devices") in user_app_profile["profile"]: devices = user_app_profile["profile"][get_udp_ns_fieldname("authorized_devices")] if devices is None: devices = [] else: devices = [] logger.debug(devices) return render_template( "streamingservice/mydevices.html", user_info=get_userinfo(), devices=devices, config=session[SESSION_INSTANCE_SETTINGS_KEY])
def streamingservice_device_complete(): logger.debug("streamingservice_device_complete()") okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY]) client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"] user_id = request.args.get('user_id') if user_id is not None: user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id) devices = [] if get_udp_ns_fieldname("authorized_devices") in user_app_profile["profile"]: devices = user_app_profile["profile"][get_udp_ns_fieldname("authorized_devices")] if devices is None: devices = [] else: devices = [] device_id = request.args.get('device_id') devices.append(device_id) user_data = { "profile": { get_udp_ns_fieldname("authorized_devices"): devices } } okta_admin.update_application_user_profile_by_clientid(user_id=user_id, app_user_profile=user_data, client_id=client_id) url = "https://sngfyrr4b2.execute-api.us-east-2.amazonaws.com/default/prd-zartan-devicetoken?device_code=" + request.args.get('device_code') headers = { "x-api-key": session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["aws_api_key"], } s3response = RestUtil.execute_get(url, headers=headers) del s3response['device_id'] del s3response['device_code'] return render_template( "streamingservice/device_complete.html", config=session[SESSION_INSTANCE_SETTINGS_KEY], deviceinfo=json.dumps(s3response, sort_keys=True, indent=4)) else: redirect_url = url_for( "streamingservice_views_bp.streamingservice_device_activate", _external=True, _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"]) return redirect(redirect_url)
def streamingservice_removedevice(): logger.debug("streamingservice_removedevice()") user_info = get_userinfo() user_id = user_info["sub"] device_id = request.args.get('device_id') okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY]) client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"] user_app_profile = okta_admin.get_user_application_by_client_id(user_id=user_id, client_id=client_id) devices = [] if get_udp_ns_fieldname("authorized_devices") in user_app_profile["profile"]: devices = user_app_profile["profile"][get_udp_ns_fieldname("authorized_devices")] if devices is None: devices = [] else: devices.remove(device_id) else: devices = [] user_data = { "profile": { get_udp_ns_fieldname("authorized_devices"): devices } } okta_admin.update_application_user_profile_by_clientid(user_id=user_id, app_user_profile=user_data, client_id=client_id) redirect_url = url_for( "streamingservice_views_bp.streamingservice_mydevices", _external=True, _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"]) return redirect(redirect_url)
def streamingservice_token_check(): logger.debug("streamingservice_token_check()") access_token = request.form['access_token'] id_token = request.form['id_token'] refresh_token = request.form['refresh_token'] device_id = request.form['device_id'] client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][ "app_deviceflow_clientid"] client_secret = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"][ "app_deviceflow_clientsecret"] okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY]) okta_auth = OktaAuth(session[SESSION_INSTANCE_SETTINGS_KEY]) isactiveID = okta_auth.introspect_with_clientid( id_token, client_id=client_id, client_secret=client_secret, token_type_hint="idtoken") if isactiveID["active"]: id_token_info = TokenUtil.get_claims_from_token(id_token) user_app_profile = okta_admin.get_user_application_by_client_id( user_id=id_token_info["sub"], client_id=client_id) if get_udp_ns_fieldname( "authorized_devices") in user_app_profile["profile"]: devices = user_app_profile["profile"][get_udp_ns_fieldname( "authorized_devices")] if device_id in devices: isactiveAT = okta_auth.introspect_with_clientid( access_token, client_id=client_id, client_secret=client_secret, token_type_hint="access_token") if isactiveAT["active"]: response = "true" else: isactiveRT = okta_auth.introspect_with_clientid( refresh_token, client_id=client_id, client_secret=client_secret, token_type_hint="refresh_token") if isactiveRT['active']: logging.debug("get new AT") responseurl = url_for( "streamingservice_views_bp.streamingservice_devicepage", _external=True, _scheme=session[SESSION_INSTANCE_SETTINGS_KEY] ["app_scheme"]) tokens = okta_auth.get_oauth_token_from_refresh_token( headers=None, refresh_token=refresh_token, client_id=client_id, client_secret=client_secret, grant_type="refresh_token", redirect_uri=responseurl, scopes="openid profile email offline_access") response = tokens else: response = "false" else: response = "false" else: response = "false" else: response = "false" return response