def list_users(request, access_token): conf = _get_config(request) get = request.GET starts_with = None if 'startsWith' in get: starts_with = get['startsWith'] client = UsersClient('https://' + conf['org'], config.get_api_key(request)) is_org_token = False try: token_obj = parse_bearer_token(access_token) if token_obj['iss'] == 'https://{0}'.format(conf['org']): is_org_token = True except Exception as e: print(e) if is_org_token: client.set_bearer_token(access_token) users = client.list_users(15, starts_with) else: profile_dict = request.session['profile'] company_name = profile_dict.get('companyName') if api_access_admin(conf, access_token): users = client.list_users(15, starts_with) elif api_access_company_admin(conf, access_token): users = client.list_users_scoped(15, company_name, starts_with) else: return not_authorized(request) response = HttpResponse() response.status_code = 200 response.content = users return response
def update_perm(request, access_token): conf = _get_config(request) req = request.POST group_id = None perms = None if 'group_id' in req: group_id = req['group_id'] if 'perms' in req: perms = req['perms'] response = HttpResponse() response.status_code = 200 if (api_access_admin(conf, access_token) or api_access_company_admin(conf, access_token))\ and group_id and group_id and perms: if perms[-1:] == ',': perms = perms[:-1] perms = perms.split(',') print(perms) perm = {"profile": {"role_permissions": perms}} client = AppsClient('https://' + conf['org'], config.get_api_key(request), conf['aud']) perms = client.update_app_group(group_id, perm) response.content = perms else: return not_authorized(request) return response
def update_perm(request, token): req = request.POST group_id = None perms = None if 'group_id' in req: group_id = req['group_id'] if 'perms' in req: perms = req['perms'] response = HttpResponse() response.status_code = 200 if api_access_company_admin(token) and group_id and group_id and perms: if perms[-1:] == ',': perms = perms[:-1] perms = perms.split(',') print(perms) perm = {"profile": {"role_permissions": perms}} client = AppsClient('https://' + OKTA_ORG, API_KEY, CLIENT_ID) perms = client.update_app_group(group_id, perm) response.content = perms else: return not_authorized(request) return response
def update_user(request, access_token): conf = _get_config(request) response = HttpResponse() response.status_code = 200 if request.method == 'POST': req = request.POST if 'user_id' in req: user_id = req['user_id'] email = '' first_name = '' last_name = '' role = '' company_name = '' deactivate = None if 'email' in req: email = req['email'] if 'firstName' in req: first_name = req['firstName'] if 'lastName' in req: last_name = req['lastName'] if 'role' in req: role = req['role'] if 'deactivate' in req: deactivate = req['deactivate'] if 'companyName' in req: company_name = req['companyName'] client = UsersClient('https://' + conf['org'], config.get_api_key(request)) user = { "profile": { "firstName": first_name, "lastName": last_name, "email": email, "login": email, "customer_role": role, "companyName": company_name } } if api_access_admin(conf, access_token): users = client.update_user(user=user, user_id=user_id, deactivate=deactivate) elif api_access_company_admin(conf, access_token): users = client.update_user(user=user, user_id=user_id, deactivate=deactivate) else: return not_authorized(request) response.content = users return response
def add_users(request, access_token): conf = _get_config(request) response = HttpResponse() response.status_code = 200 if request.method == 'POST': req = request.POST email = '' first_name = '' last_name = '' role = '' activate = False profile_dict = request.session['profile'] company_name = '' if 'companyName' in profile_dict: company_name = profile_dict.get('companyName') if 'email' in req: email = req['email'] if 'firstName' in req: first_name = req['firstName'] if 'lastName' in req: last_name = req['lastName'] if 'role' in req: role = req['role'] if 'activate' in req: activate = req['activate'] client = UsersClient('https://' + conf['org'], config.get_api_key(request)) user = { "profile": { "firstName": first_name, "lastName": last_name, "email": email, "login": email, "customer_role": role, "companyName": company_name } } if api_access_admin(conf, access_token): users = client.create_user(user=user, activate=activate) elif api_access_company_admin(conf, access_token): users = client.create_user(user=user, activate=activate) else: return not_authorized(request) response.content = users return response
def add_users(request, token): response = HttpResponse() response.status_code = 200 if request.method == 'POST': req = request.POST email = '' firstName = '' lastName = '' role = '' activate = False #profile_dict = json.loads(request.session['profile']) profile_dict = request.session['profile'] companyName = '' if 'companyName' in profile_dict: companyName = profile_dict.get('companyName') if 'email' in req: email = req['email'] if 'firstName' in req: firstName = req['firstName'] if 'lastName' in req: lastName = req['lastName'] if 'role' in req: role = req['role'] if 'activate' in req: activate = req['activate'] client = UsersClient('https://' + OKTA_ORG, API_KEY) user = { "profile": { "firstName": firstName, "lastName": lastName, "email": email, "login": email, "customer_role": role, "companyName": companyName } } if api_access_admin(token): users = client.create_user(user=user, activate=activate) elif api_access_company_admin(token): users = client.create_user(user=user, activate=activate) # users = client.create_user_scoped(user=user, activate="false", group="") else: return not_authorized(request) response.content = users return response
def app_schema(request, token): response = HttpResponse() response.status_code = 200 if api_access_company_admin(token): client = AppsClient('https://' + OKTA_ORG, API_KEY, CLIENT_ID) schema = client.get_schema() response.content = schema else: return not_authorized(request) return response
def app_schema(request, access_token): conf = _get_config(request) response = HttpResponse() response.status_code = 200 if api_access_company_admin(conf, access_token): client = AppsClient('https://' + conf['org'], config.get_api_key(request), conf['aud']) schema = client.get_schema() response.content = schema else: return not_authorized(request) return response
def list_user(request, token): get = request.GET user_id = None if 'user' in get: user_id = get['user'] client = UsersClient('https://' + OKTA_ORG, API_KEY) if api_access_admin(token) or api_access_company_admin(token): users = client.list_user(user_id) else: return not_authorized(request) response = HttpResponse() response.status_code = 200 response.content = users return response
def get_group(request, token): get = request.GET response = HttpResponse() response.status_code = 200 group_id = None if 'group_id' in get: group_id = get['group_id'] client = GroupsClient('https://' + OKTA_ORG, API_KEY) if api_access_company_admin(token): response.content = client.get_group_by_id(group_id) else: return not_authorized(request) return response
def list_groups(request, token): response = HttpResponse() response.status_code = 200 profile_dict = request.session['profile'] #profile_dict = json.loads(profile) companyName = '' if 'companyName' in profile_dict: companyName = profile_dict.get('companyName') if api_access_company_admin(token): client = GroupsClient('https://' + OKTA_ORG, API_KEY) response.content = client.list_groups(15, companyName) else: return not_authorized(request) return response
def list_perms(request, token): get = request.GET response = HttpResponse() response.status_code = 200 if api_access_company_admin(token): client = AppsClient('https://' + OKTA_ORG, API_KEY, CLIENT_ID) group_id = None if 'group_id' in get: group_id = get['group_id'] perms = client.get_app_group_by_id(group_id) response.content = perms else: return not_authorized(request) return response
def list_user(request, access_token): conf = _get_config(request) get = request.GET user_id = None if 'user' in get: user_id = get['user'] client = UsersClient('https://' + conf['org'], config.get_api_key(request)) if api_access_admin(conf, access_token) or api_access_company_admin( conf, access_token): users = client.list_user(user_id) else: return not_authorized(request) response = HttpResponse() response.status_code = 200 response.content = users return response
def get_group(request, access_token): conf = _get_config(request) get = request.GET response = HttpResponse() response.status_code = 200 group_id = None if 'group_id' in get: group_id = get['group_id'] client = GroupsClient('https://' + conf['org'], config.get_api_key(request)) if api_access_company_admin(conf, access_token): response.content = client.get_group_by_id(group_id) else: return not_authorized(request) return response
def list_users(request, token): get = request.GET startsWith = None if 'startsWith' in get: startsWith = get['startsWith'] client = UsersClient('https://' + OKTA_ORG, API_KEY) profile_dict = request.session['profile'] #profile_dict = json.loads(profile) companyName = profile_dict.get('companyName') if api_access_admin(token): users = client.list_users(15, startsWith) elif api_access_company_admin(token): users = client.list_users_scoped(15, companyName, startsWith) else: return not_authorized(request) response = HttpResponse() response.status_code = 200 response.content = users return response
def list_perms(request, access_token): conf = _get_config(request) get = request.GET response = HttpResponse() response.status_code = 200 if api_access_admin(conf, access_token) or api_access_company_admin( conf, access_token): client = AppsClient('https://' + conf['org'], config.get_api_key(request), conf['aud']) group_id = None if 'group_id' in get: group_id = get['group_id'] perms = client.get_app_group_by_id(group_id) response.content = perms else: return not_authorized(request) return response
def add_group(request, access_token): conf = _get_config(request) response = HttpResponse() response.status_code = 200 if request.method == 'POST': req = request.POST profile_dict = request.session['profile'] if 'groupName' in req and 'companyName' in profile_dict: prefix = None if 'companyName' in profile_dict: prefix = profile_dict.get('companyName') if prefix == '': prefix = None group_name = req['groupName'] if prefix: group_name = prefix + '_' + group_name client = GroupsClient('https://' + conf['org'], config.get_api_key(request)) group = { "profile": { "name": group_name, } } if api_access_admin(conf, access_token): response.content = client.create_group(group) elif api_access_company_admin(conf, access_token): response.content = client.create_group(group) else: return not_authorized(request) return response
def list_groups(request, access_token): conf = _get_config(request) response = HttpResponse() response.status_code = 200 profile_dict = request.session['profile'] company_name = '' if 'companyName' in profile_dict: company_name = profile_dict.get('companyName') if api_access_admin(conf, access_token): client = GroupsClient('https://' + conf['org'], config.get_api_key(request)) response.content = client.list_groups(15) elif api_access_company_admin(conf, access_token): client = GroupsClient('https://' + conf['org'], config.get_api_key(request)) response.content = client.list_groups(15, company_name) else: return not_authorized(request) return response
def add_group(request, token): response = HttpResponse() response.status_code = 200 if request.method == 'POST': req = request.POST profile_dict = request.session['profile'] #profile_dict = json.loads(profile) if 'groupName' in req and 'companyName' in profile_dict: prefix = None if 'companyName' in profile_dict: prefix = profile_dict.get('companyName') if prefix == '': prefix = None group_name = req['groupName'] if prefix: group_name = prefix + '_' + group_name client = GroupsClient('https://' + OKTA_ORG, API_KEY) group = { "profile": { "name": group_name, } } if api_access_admin(token): response.content = client.create_group(group) elif api_access_company_admin(token): response.content = client.create_group(group) else: return not_authorized(request) return response