def logout():
return_to = flask.request.args.get("return_to") or flask.request.url_root
# Make sure return_to is URL encoded
if return_to == unquote(return_to):
# Not encoded
return_to = quote(return_to, safe="")
if auth.is_authenticated(flask.session):
auth.empty_session(flask.session)
return flask.redirect(
"https://login.ubuntu.com/+logout"
f"?return_to={return_to}&return_now=True"
)
def post_stripe_method_id():
if auth.is_authenticated(flask.session):
if not flask.request.is_json:
return flask.jsonify({"error": "JSON required"}), 400
payment_method_id = flask.request.json.get("payment_method_id")
if not payment_method_id:
return flask.jsonify({"error": "payment_method_id required"}), 400
account_id = flask.request.json.get("account_id")
if not account_id:
return flask.jsonify({"error": "account_id required"}), 400
return advantage.put_method_id(flask.session, account_id,
payment_method_id)
else:
return flask.jsonify({"error": "authentication required"}), 401
def login_handler():
if auth.is_authenticated(flask.session):
return flask.redirect(open_id.get_next_url())
root = advantage_api.get_macaroon()
for caveat in Macaroon.deserialize(root).third_party_caveats():
if caveat.location == "login.ubuntu.com":
openid_macaroon = MacaroonRequest(caveat_id=caveat.caveat_id)
break
flask.session["macaroon_root"] = root
return open_id.try_login(
"https://login.ubuntu.com",
ask_for=["email", "nickname", "image"],
ask_for_optional=["fullname"],
extensions=[openid_macaroon],
)
def advantage():
accounts = None
personal_account = None
enterprise_contracts = []
entitlements = {}
openid = flask.session.get("openid")
headers = {"Cache-Control": "no-cache"}
if auth.is_authenticated(flask.session):
try:
accounts = advantage_api.get_accounts(flask.session)
for account in accounts:
account["contracts"] = advantage_api.get_account_contracts(
account, flask.session)
for contract in account["contracts"]:
contract["token"] = advantage_api.get_contract_token(
contract, flask.session)
machines = advantage_api.get_contract_machines(
contract, flask.session).get("machines")
contract["machineCount"] = 0
if machines:
contract["machineCount"] = len(machines)
if contract["contractInfo"].get("origin", "") == "free":
personal_account = account
personal_account["free_token"] = contract["token"]
for entitlement in contract["contractInfo"][
"resourceEntitlements"]:
if entitlement["type"] == "esm-infra":
entitlements["esm"] = True
elif entitlement["type"] == "livepatch":
entitlements["livepatch"] = True
elif entitlement["type"] == "fips":
entitlements["fips"] = True
elif entitlement["type"] == "cc-eal":
entitlements["cc-eal"] = True
personal_account["entitlements"] = entitlements
else:
entitlements = {}
for entitlement in contract["contractInfo"][
"resourceEntitlements"]:
contract["supportLevel"] = "-"
if entitlement["type"] == "esm-infra":
entitlements["esm"] = True
elif entitlement["type"] == "livepatch":
entitlements["livepatch"] = True
elif entitlement["type"] == "fips":
entitlements["fips"] = True
elif entitlement["type"] == "cc-eal":
entitlements["cc-eal"] = True
elif entitlement["type"] == "support":
contract["supportLevel"] = entitlement[
"affordances"]["supportLevel"]
contract["entitlements"] = entitlements
contract["contractInfo"][
"createdAtFormatted"] = datetime.datetime.strptime(
contract["contractInfo"]["createdAt"],
"%Y-%m-%dT%H:%M:%S.%fZ",
).strftime("%d %B %Y")
contract["contractInfo"][
"effectiveFromFormatted"] = datetime.datetime.strptime(
contract["contractInfo"]["effectiveFrom"],
"%Y-%m-%dT%H:%M:%S.%fZ",
).strftime("%d %B %Y")
enterprise_contracts.append(contract)
except HTTPError as http_error:
# We got an unauthorized request, so we likely
# need to re-login to refresh the macaroon
flask.current_app.extensions["sentry"].captureException(
extra={
"request_url": http_error.request.url,
"request_headers": http_error.request.headers,
"response_headers": http_error.response.headers,
"response_body": http_error.response.json(),
})
auth.empty_session(flask.session)
return flask.render_template("advantage/index.html"), headers
return (
flask.render_template(
"advantage/index.html",
openid=openid,
accounts=accounts,
enterprise_contracts=enterprise_contracts,
personal_account=personal_account,
),
headers,
)
def advantage_view():
accounts = None
personal_account = None
enterprise_contracts = {}
entitlements = {}
openid = flask.session.get("openid")
if auth.is_authenticated(flask.session):
try:
accounts = advantage.get_accounts(flask.session)
except HTTPError as http_error:
if http_error.response.status_code == 401:
# We got an unauthorized request, so we likely
# need to re-login to refresh the macaroon
flask.current_app.extensions["sentry"].captureException(
extra={
"session_keys": flask.session.keys(),
"request_url": http_error.request.url,
"request_headers": http_error.request.headers,
"response_headers": http_error.response.headers,
"response_body": http_error.response.json(),
"response_code": http_error.response.json()["code"],
"response_message": http_error.response.json()
["message"],
})
auth.empty_session(flask.session)
return (
flask.render_template("advantage/index.html"),
{
"Cache-Control": "private"
},
)
raise http_error
for account in accounts:
account["contracts"] = advantage.get_account_contracts(
account, flask.session)
for contract in account["contracts"]:
contract["token"] = advantage.get_contract_token(
contract, flask.session)
machines = advantage.get_contract_machines(
contract, flask.session).get("machines")
contract["machineCount"] = 0
if machines:
contract["machineCount"] = len(machines)
if contract["contractInfo"].get("origin", "") == "free":
personal_account = account
personal_account["free_token"] = contract["token"]
for entitlement in contract["contractInfo"][
"resourceEntitlements"]:
if entitlement["type"] == "esm-infra":
entitlements["esm-infra"] = True
elif entitlement["type"] == "esm-apps":
entitlements["esm-apps"] = True
elif entitlement["type"] == "livepatch":
entitlements["livepatch"] = True
elif entitlement["type"] == "fips":
entitlements["fips"] = True
elif entitlement["type"] == "cc-eal":
entitlements["cc-eal"] = True
personal_account["entitlements"] = entitlements
else:
entitlements = {}
for entitlement in contract["contractInfo"][
"resourceEntitlements"]:
contract["supportLevel"] = "-"
if entitlement["type"] == "esm-infra":
entitlements["esm-infra"] = True
elif entitlement["type"] == "esm-apps":
entitlements["esm-apps"] = True
elif entitlement["type"] == "livepatch":
entitlements["livepatch"] = True
elif entitlement["type"] == "fips":
entitlements["fips"] = True
elif entitlement["type"] == "cc-eal":
entitlements["cc-eal"] = True
elif entitlement["type"] == "support":
contract["supportLevel"] = entitlement[
"affordances"]["supportLevel"]
contract["entitlements"] = entitlements
created_at = dateutil.parser.parse(
contract["contractInfo"]["createdAt"])
contract["contractInfo"][
"createdAtFormatted"] = created_at.strftime("%d %B %Y")
contract["contractInfo"]["status"] = "active"
if "effectiveTo" in contract["contractInfo"]:
effective_to = dateutil.parser.parse(
contract["contractInfo"]["effectiveTo"])
contract["contractInfo"][
"effectiveToFormatted"] = effective_to.strftime(
"%d %B %Y")
time_now = datetime.utcnow().replace(tzinfo=pytz.utc)
if effective_to < time_now:
contract["contractInfo"]["status"] = "expired"
else:
date_difference = effective_to - time_now
contract["expiring"] = date_difference.days <= 30
contract["contractInfo"][
"daysTillExpiry"] = date_difference.days
if "renewals" in contract["contractInfo"]:
contract["renewal"] = contract["contractInfo"][
"renewals"][0]
enterprise_contracts.setdefault(
contract["accountInfo"]["name"], []).append(contract)
return (
flask.render_template(
"advantage/index.html",
openid=openid,
accounts=accounts,
enterprise_contracts=enterprise_contracts,
personal_account=personal_account,
),
{
"Cache-Control": "private"
},
)
def accept_renewal(renewal_id):
if auth.is_authenticated(flask.session):
return advantage.accept_renewal(flask.session, renewal_id)
else:
return flask.jsonify({"error": "authentication required"}), 401