Пример #1
def delete_client(secret):
    """Delete the OAuth client whose stored secret equals *secret*.

    Aborts with 404 when no client matches. Otherwise the client row is
    deleted, the session is committed and the caller is redirected to the
    client list.
    """
    # NOTE(review): the client is selected by its secret alone; nothing in this
    # function compares the client's owner with the logged-in user. Confirm the
    # route is login-protected and that knowing the secret is meant to be
    # sufficient authority to delete. If `secret` arrives as a URL path
    # segment it will also land in access logs -- verify against the route.
    lookup = OAuthClient.query.filter(OAuthClient.client_secret == secret)
    target = lookup.first()
    if not target:
        abort(404)
    db.delete(target)
    db.commit()
    return redirect("/oauth/clients")
Пример #2
def remove_admin(arguments):
    """Clear the admin flag of the user named by ``arguments['<name>']``.

    Prints 'Not a valid user' and changes nothing when no user has that
    username; otherwise sets ``admin`` to False and commits.
    """
    username = arguments['<name>']
    account = User.query.filter(User.username == username).first()
    if not account:
        print('Not a valid user')
        return
    account.admin = False  # revoke admin rights
    db.commit()
Пример #3
def remove_admin(arguments):
    """Revoke admin rights from the user given in ``arguments['<name>']``.

    When the username is unknown, 'Not a valid user' is printed and no
    change is committed.
    """
    matches = User.query.filter(User.username == arguments['<name>'])
    target = matches.first()
    if not target:
        print('Not a valid user')
        return
    # Privilege change: takes effect once the commit below succeeds.
    target.admin = False
    db.commit()
Пример #4
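def exchange():
    """Exchange a one-time authorization code for an OAuth token.

    Reads ``client_id``, ``client_secret`` and ``code`` from the submitted
    form. Returns ``{"token": ...}`` on success, or an ``({"error": ...},
    status)`` pair: 400 for a missing field, 404 for an unknown client or
    an unknown/expired/mismatched code, 401 for a wrong client secret.
    An existing token for the same (client, user) pair is reused.
    """
    import hmac  # local import: the file's import block is not visible here

    client_id = request.form.get("client_id")
    client_secret = request.form.get("client_secret")
    code = request.form.get("code")
    if not client_id:
        return {"error": "Missing client_id"}, 400
    if not code:
        # A missing code used to reach the string concatenation below as
        # None and fail with an unhandled TypeError.
        return {"error": "Missing code"}, 400

    client = OAuthClient.query.filter(OAuthClient.client_id == client_id).first()
    if not client:
        return {"error": "Unknown client"}, 404

    # Compare as bytes in constant time so response timing does not reveal
    # how much of the secret matched; an empty stored or supplied secret
    # never authenticates. Assumes client_secret is stored as str.
    expected = (client.client_secret or "").encode("utf-8")
    supplied = (client_secret or "").encode("utf-8")
    if not expected or not hmac.compare_digest(expected, supplied):
        return {"error": "Incorrect client secret"}, 401

    r = redis.Redis(unix_socket_path=_cfg("socket"), db=_cfg("database"))
    _client_id = r.get("oauth.exchange.client." + code)
    user_id = r.get("oauth.exchange.user." + code)
    # Check the value read from redis (_client_id), not the form field: the
    # original tested client_id here, so a missing redis key fell through to
    # .decode() on None.
    if not _client_id or not user_id:
        return {"error": "Unknown or expired exchange code"}, 404

    _client_id = _client_id.decode("utf-8")
    user_id = int(user_id.decode("utf-8"))
    user = User.query.filter(User.id == user_id).first()
    # The code must have been issued to the client that is redeeming it.
    if not user or _client_id != client.client_id:
        return {"error": "Unknown or expired exchange code"}, 404

    token = OAuthToken.query.filter(OAuthToken.client == client, OAuthToken.user == user).first()
    if not token:
        token = OAuthToken(user, client)
        db.add(token)
        db.commit()

    # NOTE(review): the code is read above and deleted only here, so two
    # concurrent requests carrying the same code can both succeed; an atomic
    # fetch-and-delete would make the code strictly single-use.
    r.delete("oauth.exchange.client." + code)
    r.delete("oauth.exchange.user." + code)
    return {"token": token.token}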
Пример #5
def approve_user(arguments):
    """Mark the user named by ``arguments['<name>']`` as approved.

    Sets ``approved`` and stamps ``approvalDate`` with the current time,
    then commits. Prints 'Not a valid user' when the username is unknown.
    """
    username = arguments['<name>']
    account = User.query.filter(User.username == username).first()
    if not account:
        print('Not a valid user')
        return
    account.approved = True  # grant approval
    # datetime.now() is called without a tz argument, so the stamp is naive.
    account.approvalDate = datetime.now()
    db.commit()
Пример #6
def approve_user(arguments):
    """Approve the account whose username is ``arguments['<name>']``.

    An unknown username prints 'Not a valid user' and commits nothing.
    """
    matches = User.query.filter(User.username == arguments['<name>'])
    target = matches.first()
    if not target:
        print('Not a valid user')
        return
    target.approved = True
    # Naive timestamp: datetime.now() is called without a timezone.
    target.approvalDate = datetime.now()
    db.commit()
Пример #7
def regenerate(secret):
    """Replace the secret of the OAuth client currently identified by *secret*.

    Aborts with 404 when no client has that secret. The new secret is the
    first 40 hex characters of SHA-256 over 40 bytes from ``os.urandom``;
    the change is committed and the caller is redirected to the client list.
    """
    # NOTE(review): the lookup compares the stored column with the supplied
    # value directly, so the secret appears to be kept in plaintext, and no
    # owner check is visible in this function -- confirm the route guard.
    found = OAuthClient.query.filter(OAuthClient.client_secret == secret).first()
    if not found:
        abort(404)
    random_bytes = os.urandom(40)
    digest = hashlib.sha256(random_bytes).hexdigest()
    found.client_secret = digest[:40]  # 40 hex chars = 160 bits
    db.commit()
    return redirect("/oauth/clients")
Пример #8
def delete_client(secret):
    """Remove the OAuth client that holds *secret* and return to the list.

    A 404 is raised through ``abort`` when no client matches.
    """
    # NOTE(review): possession of the secret is the only check made here; no
    # comparison with the logged-in user is visible. Confirm that the route
    # requires login and that this is the intended authorization model.
    by_secret = OAuthClient.query.filter(OAuthClient.client_secret == secret)
    doomed = by_secret.first()
    if not doomed:
        abort(404)
    db.delete(doomed)
    db.commit()
    return redirect("/oauth/clients")
Пример #9
def revoke_token(token):
    """Delete the OAuth token *token* if it belongs to the current user.

    Aborts with 404 both when the token does not exist and when it belongs
    to another user, so the response does not reveal which case applied.
    """
    record = OAuthToken.query.filter(OAuthToken.token == token).first()
    # Short-circuit keeps the ownership test from touching a missing record.
    if not record or record.user != current_user:
        abort(404)
    db.delete(record)
    db.commit()
    return redirect("/oauth/tokens")
Пример #10
 def go(*args, **kw):
     """Call the enclosing scope's ``f`` and commit the session on success.

     Any exception (from ``f`` or from the commit) rolls the session back,
     closes it and is re-raised unchanged.
     """
     try:
         result = f(*args, **kw)
         db.commit()
     except BaseException:
         # Same reach as a bare except: the rollback must also run for
         # KeyboardInterrupt/SystemExit, and the exception still propagates.
         db.rollback()
         db.close()
         raise
     else:
         return result
Пример #11
def regenerate(secret):
    """Issue a fresh secret for the OAuth client identified by *secret*.

    Aborts with 404 if the secret matches no client; otherwise stores a new
    40-character hex secret derived from ``os.urandom`` and redirects to
    the client list.
    """
    # NOTE(review): authorization rests on knowing the current secret; no
    # owner check is visible in this function -- confirm the route guard.
    by_secret = OAuthClient.query.filter(OAuthClient.client_secret == secret)
    target = by_secret.first()
    if not target:
        abort(404)
    entropy = os.urandom(40)
    # Hash the random bytes and keep 40 hex characters (160 bits).
    new_secret = hashlib.sha256(entropy).hexdigest()[:40]
    target.client_secret = new_secret
    db.commit()
    return redirect("/oauth/clients")
Пример #12
 def go(*args, **kw):
     """Run ``f`` from the enclosing scope inside a commit-or-rollback guard.

     Returns whatever ``f`` returns once the commit has succeeded. On any
     exception the session is rolled back and closed before re-raising.
     """
     try:
         outcome = f(*args, **kw)
         db.commit()
     except BaseException:
         # Equivalent to a bare except; the error is never swallowed.
         db.rollback()
         db.close()
         raise
     return outcome
Пример #13
def revoke_token(token):
    """Revoke *token* when it exists and is owned by the current user.

    Missing tokens and tokens owned by someone else both produce 404, which
    keeps token existence from being probed by other users.
    """
    matches = OAuthToken.query.filter(OAuthToken.token == token)
    owned = matches.first()
    if not owned:
        abort(404)
    is_owner = not (owned.user != current_user)
    if not is_owner:
        abort(404)
    db.delete(owned)
    db.commit()
    return redirect("/oauth/tokens")
Пример #14
def reset_password(arguments):
    """Set a new password for the user named by ``arguments['<name>']``.

    The new password comes from ``arguments['<password>']`` and must be 5 to
    256 characters long; otherwise a message is printed and nothing changes.
    An unknown username prints 'Not a valid user'.
    """
    # NOTE(review): if `arguments` is parsed from the command line, the
    # password is exposed to shell history and the process list -- confirm.
    account = User.query.filter(User.username == arguments['<name>']).first()
    if not account:
        print('Not a valid user')
        return
    new_password = arguments['<password>']
    if not 5 <= len(new_password) <= 256:
        print('Password must be between 5 and 256 characters.')
        return
    account.set_password(new_password)
    db.commit()
Пример #15
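def create_user(arguments):
    """Create a pre-approved user from ``arguments`` and persist it.

    Reads ``arguments['<name>']``, ``arguments['<email>']`` and
    ``arguments['<password>']``, marks the new user approved with the
    current time, adds it to the session, commits and prints 'User created'.
    """
    # NOTE(review): no password length or strength check is visible in this
    # function; confirm that the User constructor enforces the policy.
    u = User(arguments['<name>'], arguments['<email>'],
             arguments['<password>'])
    if not u:
        # Reachable only if User instances can be falsy; kept as a safeguard.
        # The message previously read "uer".
        print('Couldn\'t create the user')
        return
    u.approved = True  # approve user
    # Naive timestamp: datetime.now() is called without a timezone.
    u.approvalDate = datetime.now()
    db.add(u)
    db.commit()
    print('User created')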
Пример #16
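def clients_POST():
    """Register a new OAuth client for the current user from the posted form.

    Requires ``name``, ``info_url`` and ``redirect_uri``; both URLs must
    start with ``http://`` or ``https://``. A user may hold at most 10
    clients. On a validation failure the client page is re-rendered with an
    error message; on success the client is stored and the caller is
    redirected to the client list.
    """
    name = request.form.get("name")
    info_url = request.form.get("info_url")
    redirect_uri = request.form.get("redirect_uri")
    if not name or not info_url or not redirect_uri:
        return render_template("oauth-clients.html", errors="All fields are required.")
    # NOTE(review): this is only a scheme-prefix check, and plain http:// is
    # accepted for redirect_uri; consider whether https should be required.
    schemes = ("http://", "https://")
    if not info_url.startswith(schemes) or not redirect_uri.startswith(schemes):
        return render_template("oauth-clients.html", errors="URL fields must be a URL.")
    # >= 10 so the cap matches the message; the previous `> 10` let a user
    # holding 10 clients create an eleventh.
    if len(current_user.clients) >= 10:
        return render_template("oauth-clients.html", errors="You can only have 10 clients, chill out dude.")
    client = OAuthClient(current_user, name, info_url, redirect_uri)
    db.add(client)
    db.commit()
    return redirect("/oauth/clients")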
Пример #17
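def clients_POST():
    """Create an OAuth client owned by the current user from form input.

    All of ``name``, ``info_url`` and ``redirect_uri`` are required, and the
    two URLs must begin with ``http://`` or ``https://``. Each user is
    limited to 10 clients. Validation failures re-render the client page
    with an error; success stores the client and redirects to the list.
    """
    name = request.form.get("name")
    info_url = request.form.get("info_url")
    redirect_uri = request.form.get("redirect_uri")
    if not name or not info_url or not redirect_uri:
        return render_template("oauth-clients.html",
                               errors="All fields are required.")
    # NOTE(review): only the scheme prefix is validated, and a cleartext
    # http:// redirect_uri is accepted; consider requiring https.
    allowed_prefixes = ("http://", "https://")
    for url in (info_url, redirect_uri):
        if not url.startswith(allowed_prefixes):
            return render_template("oauth-clients.html",
                                   errors="URL fields must be a URL.")
    # The cap is 10: with `> 10` a user who already had 10 clients could
    # still add one more, contradicting the message below.
    if len(current_user.clients) >= 10:
        return render_template(
            "oauth-clients.html",
            errors="You can only have 10 clients, chill out dude.")
    client = OAuthClient(current_user, name, info_url, redirect_uri)
    db.add(client)
    db.commit()
    return redirect("/oauth/clients")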
Пример #18
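def exchange():
    """Redeem an authorization code for an OAuth token.

    Form fields: ``client_id``, ``client_secret``, ``code``. Returns
    ``{"token": ...}`` on success. Errors are ``({"error": ...}, status)``:
    400 when ``client_id`` or ``code`` is missing, 404 for an unknown client
    or an unknown/expired/mismatched code, 401 for a wrong client secret.
    A token already issued to the same (client, user) pair is returned again.
    """
    import hmac  # local import: the file's import block is not visible here

    client_id = request.form.get("client_id")
    client_secret = request.form.get("client_secret")
    code = request.form.get("code")
    if not client_id:
        return {"error": "Missing client_id"}, 400
    if not code:
        # Without this guard a missing code reached the key concatenation
        # below as None and raised an unhandled TypeError.
        return {"error": "Missing code"}, 400

    client = OAuthClient.query.filter(
        OAuthClient.client_id == client_id).first()
    if not client:
        return {"error": "Unknown client"}, 404

    # Constant-time comparison on bytes avoids leaking the matching prefix
    # length through timing; an empty secret on either side is rejected.
    # Assumes client_secret is stored as str.
    stored_secret = (client.client_secret or "").encode("utf-8")
    given_secret = (client_secret or "").encode("utf-8")
    if not stored_secret or not hmac.compare_digest(stored_secret,
                                                    given_secret):
        return {"error": "Incorrect client secret"}, 401

    r = redis.Redis(unix_socket_path=_cfg("socket"), db=_cfg("database"))
    _client_id = r.get("oauth.exchange.client." + code)
    user_id = r.get("oauth.exchange.user." + code)
    # Test the redis value (_client_id); the original tested the form field
    # client_id, letting a missing key reach .decode() on None.
    if not _client_id or not user_id:
        return {"error": "Unknown or expired exchange code"}, 404

    _client_id = _client_id.decode("utf-8")
    user_id = int(user_id.decode("utf-8"))
    user = User.query.filter(User.id == user_id).first()
    # Bind the code to the client it was issued for.
    if not user or _client_id != client.client_id:
        return {"error": "Unknown or expired exchange code"}, 404

    token = OAuthToken.query.filter(OAuthToken.client == client,
                                    OAuthToken.user == user).first()
    if not token:
        token = OAuthToken(user, client)
        db.add(token)
        db.commit()

    # NOTE(review): read-then-delete is not atomic, so the same code can be
    # redeemed by two concurrent requests; an atomic fetch-and-delete would
    # enforce single use.
    r.delete("oauth.exchange.client." + code)
    r.delete("oauth.exchange.user." + code)
    return {"token": token.token}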