def ecommerce_profile():
    """Render the e-commerce profile page for the user returned by get_userinfo().

    Loads the Okta user record and enrolled factors for the ``sub`` claim,
    reads the stored consent value (blank when the field is absent or only
    whitespace), and derives the base URL of an assigned application whose
    label contains "credit Demo (Generated by UDP)".
    """
    logger.debug("ecommerce_profile()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_info = get_userinfo()
    subject_id = user_info["sub"]
    user_info2 = okta_admin.get_user(subject_id)
    factors = get_enrolled_factors(subject_id)

    consent_field = get_udp_ns_fieldname("consent")
    profile = user_info2["profile"]
    consent = ''
    if consent_field in profile:
        consent = profile[consent_field]
        # NOTE(review): assumes the stored consent is a string; a null value
        # would raise on .strip() -- confirm against the profile schema.
        if consent.strip() == "":
            consent = ''
            session['appointment'] = "No Appointments Currently Set."

    crediturl = ''
    for app in okta_admin.get_applications_by_user_id(subject_id):
        if "credit Demo (Generated by UDP)" not in app["label"]:
            continue
        # Only the host part of the login URI is kept; the last match wins.
        login_uri = app["settings"]["oauthClient"]["initiate_login_uri"]
        crediturl = "https://" + urlparse(login_uri).netloc

    # NOTE(review): the raw ID token and access token are passed into the
    # template context; confirm the template does not expose them further
    # than the demo intends.
    return render_template(
        "ecommerce/profile.html",
        id_token=TokenUtil.get_id_token(request.cookies),
        access_token=TokenUtil.get_access_token(request.cookies),
        user_info=user_info,
        user_info2=user_info2,
        consent=consent,
        factors=factors,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        crediturl=crediturl)
def ecommerce_approvals_get():
    """Render the approvals page with the access requests this user may act on.

    Searches for users whose profile has an ``access_requests`` value and keeps
    a request only when its group id equals the id of a group the current user
    belongs to. The membership filter is what limits which requests an
    approver sees.
    """
    logger.debug("workflow_approvals()")
    workflow_list = []
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    approver = okta_admin.get_user(user_info["sub"])
    approver_groups = okta_admin.get_user_groups(approver["id"])

    search_filter = 'profile.{0} pr '.format(get_udp_ns_fieldname("access_requests"))
    requesters = okta_admin.get_user_list_by_search(search_filter)
    for requester in requesters:
        for requested_group_id in requester["profile"][get_udp_ns_fieldname("access_requests")]:
            group = okta_admin.get_group(id=requested_group_id)
            logging.debug(group)
            entry = {
                "requestor": requester["profile"]["login"],
                "request": group["profile"]["description"],
                "usr_grp": {
                    "user_id": requester["id"],
                    "group_id": requested_group_id
                }
            }
            # One entry is appended per membership record that matches.
            for membership in approver_groups:
                if requested_group_id == membership['id']:
                    workflow_list.append(entry)

    return render_template(
        "{0}/workflow-approvals.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        workflow_list=workflow_list,
        user_info=user_info,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
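def streamingservice_device_complete():
    """Add the device from the query string to the user's authorized devices.

    Reads ``user_id`` and ``device_id`` from the request arguments, appends the
    device to the ``authorized_devices`` list on the user's application
    profile, and renders the completion page.

    Fix: devices already stored on the profile are kept. The earlier logic read
    the stored list but always rebuilt ``devices`` from empty, so every call
    replaced the whole list with the single new device.
    """
    logger.debug("streamingservice_device_complete()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]
    # NOTE(review): user_id comes from the query string and is then used with
    # the admin API client to change that user's profile. Confirm the route
    # binds this id to the authenticated session before the update runs.
    user_id = request.args.get('user_id')
    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=user_id, client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    devices = []
    if devices_field in user_app_profile["profile"]:
        stored_devices = user_app_profile["profile"][devices_field]
        # The field can be present but null; treat that as "no devices yet".
        if stored_devices is not None:
            devices = list(stored_devices)

    device_id = request.args.get('device_id')
    # Skip a missing id and avoid storing the same device twice.
    if device_id is not None and device_id not in devices:
        devices.append(device_id)

    user_data = {
        "profile": {
            devices_field: devices
        }
    }
    okta_admin.update_application_user_profile_by_clientid(
        user_id=user_id, app_user_profile=user_data, client_id=client_id)
    return render_template("streamingservice/device_complete.html",
                           config=session[SESSION_INSTANCE_SETTINGS_KEY])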
def streamingservice_mydevices():
    """Render the list of devices authorized for the current user.

    The device list is read from the ``authorized_devices`` field of the
    user's application profile; a missing or null field yields an empty list.
    """
    logger.debug("streamingservice_mydevices()")
    user_id = get_userinfo()["sub"]
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]
    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=user_id, client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    app_profile = user_app_profile["profile"]
    devices = app_profile[devices_field] if devices_field in app_profile else []
    if devices is None:
        devices = []
    logger.debug(devices)

    return render_template(
        "streamingservice/mydevices.html",
        user_info=get_userinfo(),
        devices=devices,
        config=session[SESSION_INSTANCE_SETTINGS_KEY])
def ecommerce_requests_post():
    """Record an access request for the current user and notify approvers.

    When the form carries ``request_access``, that group id is added to the
    user's ``access_requests`` profile field (if not already there), the
    profile is updated, and the workflow e-mail is sent. Always redirects to
    the requests page.
    """
    logger.debug("workflow_requests_post()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    requests_field = get_udp_ns_fieldname("access_requests")
    if requests_field in user["profile"]:
        pendingRequest = user["profile"][requests_field]
    else:
        pendingRequest = []

    # NOTE(review): the submitted group id is stored as-is; nothing here checks
    # that it is one of the groups the requests page offered -- confirm whether
    # the approval step is the only gate.
    requested_group = request.form.get("request_access")
    if requested_group:
        group_id = requested_group
        if group_id not in pendingRequest:
            pendingRequest.append(group_id)

        profile_update = {"profile": {requests_field: pendingRequest}}
        update_response = okta_admin.update_user(user_id=user_id, user=profile_update)
        # NOTE(review): this prints the update response to stdout; it may
        # contain profile data.
        print(update_response)

        ecommerce_emailWorkFlowRequest(group_id)

    target = url_for(
        "ecommerce_views_bp.ecommerce_requests_get",
        _external=True,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
    return redirect(target)
def dealer_registration_get():
    """Render the dealer registration form with its role and dealership choices.

    The selectable user types come from the admin and regular groups, and the
    dealerships from the location groups. If any lookup or the render raises,
    the same template is rendered with the exception passed as ``error``.
    """
    logger.debug("dealer_registration()")
    CONFIG_GROUP_REGULAR = get_udp_ns_fieldname(CONFIG_REGULAR)
    CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
    CONFIG_GROUP_LOCATION_STARTSWITH = get_udp_ns_fieldname(CONFIG_LOCATION)
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    setup_options = {
        "type_users": [],
        "dealerships": [],
        "type_user_selected": request.form.get('role'),
        "dealership_selected": request.form.get('location')
    }
    blank_fields = ("firstName", "lastName", "email", "login", "mobilePhone")
    user_data = {"profile": {field: "" for field in blank_fields}}

    # (group name to query, option list it feeds), in the original query order.
    option_sources = (
        (CONFIG_GROUP_ADMIN, "type_users"),
        (CONFIG_GROUP_REGULAR, "type_users"),
        (CONFIG_GROUP_LOCATION_STARTSWITH, "dealerships"),
    )

    try:
        for group_name, option_key in option_sources:
            for group in okta_admin.get_groups_by_name(group_name):
                setup_options[option_key].append(
                    {"id": group["id"], "description": group["profile"]["description"]})

        # On a GET display the registration page with the defaults
        return render_template(
            "{0}/registration.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            user_data=user_data,
            setup_options=setup_options,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
    except Exception as e:
        # NOTE(review): the exception object is handed to the template; confirm
        # the page does not show internal error detail to unauthenticated users.
        return render_template(
            "{0}/registration.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            error=e,
            user_data=user_data,
            setup_options=setup_options,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
def b2b_requests_get():
    """Render the B2B access-request page for the current user.

    Lists every group whose name starts with the "b2b" prefix and that the
    user is not already in, marking each as "Pending" when its id appears in
    the user's ``access_requests`` field and "Not Requested" otherwise.
    """
    logger.debug("b2bworkflow_requests_get()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    requests_field = get_udp_ns_fieldname("access_requests")
    if requests_field in user["profile"]:
        pendingRequest = user["profile"][requests_field]
    else:
        pendingRequest = []

    applist = []
    list_group_full = []

    # Collect the suffixes of the b2b groups the user already belongs to.
    memberships = okta_admin.get_user_groups(user_id=user_id)
    CONFIG_GROUP_B2B_STARTSWITH = get_udp_ns_fieldname("b2b")
    for membership in memberships:
        logging.debug(membership)
        member_group_name = membership["profile"]["name"]
        if member_group_name.startswith(CONFIG_GROUP_B2B_STARTSWITH):
            group_id = "{id}".format(id=membership["id"])
            applist.append(member_group_name.replace(CONFIG_GROUP_B2B_STARTSWITH, ""))
    logging.debug(applist)

    candidates = okta_admin.get_groups_by_name(get_udp_ns_fieldname(""))
    for candidate in candidates:
        if not candidate["profile"]["name"].startswith(CONFIG_GROUP_B2B_STARTSWITH):
            continue
        if candidate["profile"]["name"].replace(CONFIG_GROUP_B2B_STARTSWITH, "") in applist:
            continue
        logging.debug(candidate["profile"]["name"])
        group_id = "{id}".format(id=candidate["id"])
        status = "Pending" if group_id in pendingRequest else "Not Requested"
        list_group_full.append({
            "id": candidate["id"],
            "name": candidate["profile"]["name"],
            "description": candidate["profile"]["description"],
            "status": status
        })

    return render_template(
        "{0}/workflow-requests.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        workflow_list=list_group_full,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
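def healthcare_add_schedule():
    """Update the caller's profile from the scheduling form, then redirect to the profile page.

    Changes from the earlier version:

    * The form's ``user_id`` must match the user identified by the session.
      The update runs through the admin API client, so without this check any
      caller could overwrite another user's profile by posting a different id.
      The sibling handlers (for example the accept-terms views) already take
      the id from ``get_userinfo()``.
    * The error message is built with ``str()`` so that a dict response does
      not raise ``TypeError`` during string concatenation.

    Returns a 401 response when the ids do not match.
    """
    logger.debug("healthcare_add_schedule")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = request.form.get('user_id')

    # Bind the target of the update to the authenticated user.
    user_info = get_userinfo()
    current_user = okta_admin.get_user(user_info["sub"])
    if user_id != current_user["id"]:
        return "ERROR: Unauthorized", 401

    first_name = safe_get_dict(request.form, 'firstname')
    last_name = safe_get_dict(request.form, 'lastname')
    email = safe_get_dict(request.form, 'email')
    address = safe_get_dict(request.form, 'address')
    city = safe_get_dict(request.form, 'city')
    state = safe_get_dict(request.form, 'state')
    zip_code = safe_get_dict(request.form, 'zipCode')
    country = safe_get_dict(request.form, 'country')
    dob = safe_get_dict(request.form, 'dob')
    hasvisited = safe_get_dict(request.form, 'hasvisited')
    mobile_phone = safe_get_dict(request.form, 'mobilePhone')
    gender = safe_get_dict(request.form, 'gender')

    if request.form.get('datepicker'):
        session['appointment'] = "Appointment set for " + request.form.get(
            'datepicker') + " between the hours of " + request.form.get(
                'timepicker')

    user_data = {
        "profile": {
            "firstName": first_name,
            "lastName": last_name,
            "email": email,
            "mobilePhone": mobile_phone,
            "streetAddress": address,
            "city": city,
            "state": state,
            "zipCode": zip_code,
            "countryCode": country,
            get_udp_ns_fieldname("dob"): dob,
            get_udp_ns_fieldname("hasvisited"): hasvisited,
            get_udp_ns_fieldname("gender"): gender,
        }
    }
    user_update_response = okta_admin.update_user(user_id, user_data)

    if "error" in user_update_response:
        # NOTE(review): the raw API response ends up in the redirect URL as the
        # ``message`` parameter; consider a generic message and a server-side log.
        message = "Error During Update: " + str(user_update_response)
    else:
        message = "Appointment is scheduled!"

    return redirect(
        url_for("healthcare_views_bp.healthcare_profile",
                _external="True",
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
                user_id=user_id,
                message=message))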
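def ecommerce_approvals_post():
    """Approve or reject one pending access request, then redirect to the approvals list.

    The form carries ``action`` ("approve" or "reject") and ``action_value``, a
    dict-style string with ``user_id`` and ``group_id``.

    Changes from the earlier version:

    * The approver must be a member of the requested group. The approvals page
      only lists requests for groups the approver belongs to, but the POST
      handler accepted any ``user_id``/``group_id`` pair from the form, so the
      same rule is now enforced here.
    * A group is assigned or removed only if it is actually in the target
      user's pending ``access_requests``; previously a missing entry raised
      ``ValueError`` and an approval could add a user to a group they never
      requested.
    * A missing or malformed ``action_value`` returns 400 instead of raising.
    * The duplicated approve/reject branches share one code path.

    Returns 401 when the approver is not a member of the group.
    """
    logger.debug("workflow_approvals()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    approver = okta_admin.get_user(user_info["sub"])

    action = request.form.get("action")
    if action in ("approve", "reject"):
        raw_value = request.form.get("action_value")
        if not raw_value:
            return "ERROR: Bad Request", 400
        try:
            # The value arrives with single quotes; swap them so it parses as JSON.
            req = json.loads(raw_value.replace("'", '"'))
            target_user_id = req["user_id"]
            group_id = req["group_id"]
        except (ValueError, KeyError, TypeError):
            return "ERROR: Bad Request", 400

        # Authorization: same membership rule the approvals page uses for listing.
        approver_group_ids = [
            group["id"] for group in okta_admin.get_user_groups(approver["id"])
        ]
        if group_id not in approver_group_ids:
            return "ERROR: Unauthorized", 401

        requests_field = get_udp_ns_fieldname("access_requests")
        target_user = okta_admin.get_user(target_user_id)
        pending = target_user["profile"].get(requests_field) or []

        if group_id in pending:
            if action == "approve":
                # Assign user to group
                okta_admin.assign_user_to_group(group_id, target_user_id)

            # The request is resolved either way, so drop it from the pending list.
            pending.remove(group_id)
            user_data = {"profile": {requests_field: pending}}
            okta_admin.update_user(user_id=target_user_id, user=user_data)

    return redirect(
        url_for("ecommerce_views_bp.ecommerce_approvals_get",
                _external=True,
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"]))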
def gbac_idverification_updateidentity():
    """Fetch the user's verification result and copy verified fields to the profile.

    Requests the verification record named by the user's ``evident_id`` profile
    field. If an attribute reports status "pending", that status string is
    returned and nothing is written. Otherwise the verified name and address
    attributes, plus a ``last_verified_date`` timestamp, are written to the
    user's profile and the verification response is returned.
    """
    logger.debug("gbac_idverification_updateidentity")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])

    # NOTE(review): this API secret is hard-coded in source. It should be read
    # from configuration or a secret store, and the committed value rotated.
    basicauth = OktaUtil.get_encoded_auth(
        "okta", "Ry4EZf8SyxKyStLK6BqxBBLXEW4SrIo6hc0m2rR3PoI")
    headers = {
        "Accept": "application/json",
        "Content-Type": "application/json",
        "Authorization": "Basic {0}".format(basicauth)
    }

    evident_id = user["profile"][get_udp_ns_fieldname("evident_id")]
    request_url = "https://verify.api.demo.evidentid.com/api/v1/verify/requests/{0}".format(
        evident_id)
    response = RestUtil.execute_get(request_url, headers=headers)

    # dd/mm/YY H:M:S
    verifydate = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
    user_data = {
        "profile": {
            get_udp_ns_fieldname("last_verified_date"): str(verifydate)
        }
    }

    # Verification attribute type -> profile field that receives its first value.
    attribute_targets = (
        ("core.firstname", "firstName"),
        ("core.lastname", "lastName"),
        ("core.address.zipcode", "zipCode"),
        ("core.address.city", "city"),
        ("core.address.state", "state"),
    )

    status = ""
    for item in response["attributes"]:
        status = item["status"]
        if status == "pending":
            break
        for attribute_type, profile_field in attribute_targets:
            if item["type"] == attribute_type:
                user_data["profile"][profile_field] = item["values"][0]

    if status == "pending":
        return status

    logging.debug(user_data)
    okta_admin.update_user(user["id"], user_data)
    # NOTE(review): the full verification response is returned to the caller;
    # confirm it carries no more personal data than the page needs.
    return response
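def gbac_idverification_getverificationcode():
    """Open a verification request for the current user and return its identity token.

    Builds a unique e-mail by inserting the current timestamp before the "@"
    of the user's profile e-mail, posts a verification request, stores the
    returned request id in the user's ``evident_id`` profile field, and returns
    the ``userIdentityToken`` from the response.

    Fix: the request URL no longer starts with a stray space, and the unused
    initial assignment of ``evidenttoken`` is gone.

    Raises ValueError if the profile e-mail contains no "@".
    """
    logger.debug("gbac_idverification_bp")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])

    # NOTE(review): this API secret is hard-coded in source. It should be read
    # from configuration or a secret store, and the committed value rotated.
    basicauth = OktaUtil.get_encoded_auth("okta", "Ry4EZf8SyxKyStLK6BqxBBLXEW4SrIo6hc0m2rR3PoI")

    headers = {
        "Accept": "application/json",
        "Content-Type": "application/json",
        "Authorization": "Basic {0}".format(basicauth)
    }

    # Make the address unique per request by adding a timestamp to the local part.
    my_str = user["profile"]["email"]
    idx = my_str.index("@")
    email = my_str[:idx] + str(time.time()) + my_str[idx:]

    body = {
        "email": email,
        "templateId": "1ce55f4e-7bb2-4907-9643-dc61f1f04f4d"
    }

    response = RestUtil.execute_post(
        "https://verify.api.demo.evidentid.com/api/v1/verify/requests",
        headers=headers,
        body=body)
    evidenttoken = response["userIdentityToken"]

    user_data = {"profile": {get_udp_ns_fieldname("evident_id"): response["id"]}}
    okta_admin.update_user(user["id"], user_data)
    return evidenttoken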
def gbac_idverification_isverified():
    """Return the ``last_verified_date`` profile value of the current user.

    Raises KeyError when the profile has no such field.
    """
    logger.debug("gbac_idverification_isverified")
    subject_id = get_userinfo()["sub"]
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    profile = okta_admin.get_user(subject_id)["profile"]
    return profile[get_udp_ns_fieldname("last_verified_date")]
def emailRegistration(self, recipient, token):
    """Send the activation e-mail to a new user and notify the admin group.

    Args:
        recipient: Passed to ``Email.send_mail`` as the only recipient.
        token: Placed in the activation link as ``stateToken``.

    Returns:
        Whatever ``emailAllMembersOfGroup`` returns for the admin notification.
    """
    logger.debug("emailRegistration()")
    CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
    settings = session[SESSION_INSTANCE_SETTINGS_KEY]
    app_title = settings["settings"]["app_name"]
    scheme = settings["app_scheme"]

    activation_link = url_for(
        "dealer_views_bp.dealer_registration_state_get",
        stateToken=token,
        _external=True,
        _scheme=scheme)

    # Send Activation Email to the user
    subject = "Welcome to the {app_title}".format(app_title=app_title)
    user_template = (
        " Welcome to the {app_title}! Click this link to activate your account <br /> "
        "<a href='{activation_link}'>{activation_link}</a>). "
    )
    message = user_template.format(app_title=app_title, activation_link=activation_link)
    Email.send_mail(subject=subject, message=message, recipients=[recipient])

    # Send Activation Email to the Admin
    # NOTE(review): the submitted e-mail address goes into the subject line
    # unchanged; confirm Email.send_mail rejects line breaks in header values.
    subject_admin = "Registration Activation request for user {user}".format(
        user=request.form.get('email'))
    approvals_link = url_for(
        "dealer_views_bp.workflow_approvals_get",
        _external=True,
        _scheme=scheme)
    admin_template = (
        " A new user has registered. His request is awaiting your approval. "
        "Click this link to log into your account <br /> "
        "<a href='{activation_link}'>{activation_link}</a> to review the request "
    )
    message_admin = admin_template.format(activation_link=approvals_link)

    return self.emailAllMembersOfGroup(
        group_name=CONFIG_GROUP_ADMIN,
        subject=subject_admin,
        message=message_admin)
def dealer_myapps_get():
    """Render the "my apps" page with the user's applications and dealership location.

    The location is the description of a group the user belongs to whose name
    starts with the location prefix followed by "_"; when several match, the
    last one is used, and it stays empty when none match.
    """
    logger.debug("dealer_myapps_get()")
    CONFIG_GROUP_LOCATION_STARTSWITH = "{0}_".format(get_udp_ns_fieldname(CONFIG_LOCATION))
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    # Find the groups the user belongs to and find the description of the _LOC_* group
    location = ""
    for membership in okta_admin.get_user_groups(user_id=user_id):
        group_profile = membership["profile"]
        if group_profile["name"].startswith(CONFIG_GROUP_LOCATION_STARTSWITH):
            location = group_profile["description"]

    get_apps_response = okta_admin.get_applications_by_user_id(user_id)

    return render_template(
        "{0}/myapps.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        location=location,
        apps=get_apps_response,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
def ecommerce_accept_terms():
    """Store the current time as the user's consent value and redirect to the profile.

    The user id comes from ``get_userinfo()``, not from the request, so the
    update always targets the caller's own record.
    """
    logger.debug("ecommerce_accept_terms()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    # dd/mm/YY H:M:S
    consent = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
    user_data = {"profile": {get_udp_ns_fieldname("consent"): consent}}
    user_update_response = okta_admin.update_user(user_id, user_data)

    message = "Error During consent"
    if user_update_response:
        message = "Thank you for completing the Consent Form."

    profile_url = url_for(
        "ecommerce_views_bp.ecommerce_profile",
        _external="True",
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
        user_id=user_id,
        message=message)
    return redirect(profile_url)
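def streamingservice_device_complete():
    """Authorize a device for a user and render the device token details.

    Reads ``user_id``, ``device_id`` and ``device_code`` from the query string.
    The device id is appended to the user's ``authorized_devices`` list, the
    device token record is fetched from the token API, and the completion page
    is rendered with that record (minus ``device_id`` and ``device_code``).

    Changes from the earlier version:

    * ``device_code`` is URL-encoded before it is placed in the token API
      query string, so characters such as "&" or "#" in the parameter cannot
      alter the outgoing request.
    * A missing ``device_code`` now redirects to the activation page, like a
      missing ``user_id``, instead of raising after the profile was changed.
    * ``device_id``/``device_code`` are removed from the response with
      ``pop`` so an absent key no longer raises ``KeyError``.
    """
    from urllib.parse import urlencode

    logger.debug("streamingservice_device_complete()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]

    # NOTE(review): user_id comes from the query string and is then used with
    # the admin API client to add a device to that user's profile. Confirm the
    # route binds this id to the authenticated session before the update runs.
    user_id = request.args.get('user_id')
    device_code = request.args.get('device_code')

    if user_id is None or device_code is None:
        redirect_url = url_for(
            "streamingservice_views_bp.streamingservice_device_activate",
            _external=True,
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
        return redirect(redirect_url)

    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=user_id, client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    devices = []
    if devices_field in user_app_profile["profile"]:
        devices = user_app_profile["profile"][devices_field]
        # The field can be present but null.
        if devices is None:
            devices = []

    device_id = request.args.get('device_id')
    devices.append(device_id)
    user_data = {
        "profile": {
            devices_field: devices
        }
    }
    okta_admin.update_application_user_profile_by_clientid(
        user_id=user_id, app_user_profile=user_data, client_id=client_id)

    url = (
        "https://sngfyrr4b2.execute-api.us-east-2.amazonaws.com/default/prd-zartan-devicetoken?"
        + urlencode({"device_code": device_code})
    )
    headers = {
        "x-api-key": session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["aws_api_key"],
    }
    s3response = RestUtil.execute_get(url, headers=headers)
    # Keep the device identifiers out of the data shown on the page.
    s3response.pop('device_id', None)
    s3response.pop('device_code', None)

    return render_template(
        "streamingservice/device_complete.html",
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        deviceinfo=json.dumps(s3response, sort_keys=True, indent=4))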
def workflow_approvals_get():
    """Render all pending access requests for a member of the admin group.

    Returns a 401 response unless the current user belongs to the group named
    by the admin configuration. For admins, every user with an
    ``access_requests`` value contributes one entry per requested group.
    """
    logger.debug("workflow_approvals()")
    CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
    workflow_list = []
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    # Must be an admin: look for the admin group among the user's groups.
    admin_group_id = ""
    for membership in okta_admin.get_user_groups(user_id):
        if membership["profile"]["name"] == CONFIG_GROUP_ADMIN:
            admin_group_id = membership["id"]

    if not admin_group_id:
        return "ERROR: Unauthorized", 401

    # access_requests attribute contains workflow request
    search_filter = 'profile.{0} pr '.format(get_udp_ns_fieldname("access_requests"))
    for requester in okta_admin.get_user_list_by_search(search_filter):
        for requested_group_id in requester["profile"][get_udp_ns_fieldname("access_requests")]:
            group = okta_admin.get_group(id=requested_group_id)
            workflow_list.append({
                "requestor": requester["profile"]["login"],
                "request": group["profile"]["description"],
                "usr_grp": {
                    "user_id": requester["id"],
                    "group_id": requested_group_id
                }
            })

    return render_template(
        "{0}/workflow-approvals.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        workflow_list=workflow_list,
        user_info=user_info,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
def developer_api():
    """Render the developer API page with the user's ``production`` profile value.

    Raises KeyError when the profile has no ``production`` field.
    """
    logger.debug("developer_api()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_info = get_userinfo()
    user_info2 = okta_admin.get_user(user_info["sub"])
    production_field = get_udp_ns_fieldname("production")
    production = user_info2["profile"][production_field]

    return render_template(
        "developer/api.html",
        user_info=user_info,
        user_info2=user_info2,
        production=production,
        config=session[SESSION_INSTANCE_SETTINGS_KEY])
def healthcare_schedule():
    """Render the scheduling page, pre-filled with the user's date of birth and gender.

    Either value is an empty string when the profile does not carry the field.
    """
    logger.debug("healthcare_schedule")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    profile = user["profile"]

    dob_field = get_udp_ns_fieldname("dob")
    dob = profile[dob_field] if dob_field in profile else ""

    gender_field = get_udp_ns_fieldname("gender")
    gender = profile[gender_field] if gender_field in profile else ""

    # NOTE(review): the raw ID token and access token are passed into the
    # template context; confirm the template does not expose them further
    # than the demo intends.
    return render_template(
        "healthcare/schedule.html",
        id_token=TokenUtil.get_id_token(request.cookies),
        access_token=TokenUtil.get_access_token(request.cookies),
        user_info=get_userinfo(),
        user_info2=user,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        dob=dob,
        gender=gender)
def emailWorkFlowRequest(self):
    """Notify every member of the admin group that an access request is waiting.

    Returns:
        Whatever ``emailAllMembersOfGroup`` returns.
    """
    logger.debug("emailWorkFlowRequest()")
    CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
    approvals_link = url_for(
        "dealer_views_bp.workflow_approvals_get",
        _external=True,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])

    # Send Activation Email to the Admin
    subject_admin = "A workflow request was received"
    admin_template = (
        " A new request for access was received. The request is awaiting your approval. "
        "Click this link to log into your account <br /> "
        "<a href='{activation_link}'>{activation_link}</a> to review the request\" "
    )
    message_admin = admin_template.format(activation_link=approvals_link)

    return self.emailAllMembersOfGroup(
        group_name=CONFIG_GROUP_ADMIN,
        subject=subject_admin,
        message=message_admin)
def healthcare_profile():
    """Render the healthcare profile page for the current user.

    Passes the stored consent value (blank when absent or only whitespace),
    the enrolled factors, the ``extPatientId`` claim from the ID token, and
    the ``is_evident_validated`` profile value to the template.
    """
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    profile = user["profile"]

    consent_field = get_udp_ns_fieldname("consent")
    consent = ''
    if consent_field in profile:
        # NOTE(review): this writes the whole user record to the debug log;
        # it holds personal data.
        logging.debug(user)
        consent = profile[consent_field]
        logging.debug(consent)
        if consent.strip() == "":
            consent = ''
            session['appointment'] = "No Appointments Currently Set."
    logging.debug(consent)

    factors = get_enrolled_factors(user["id"])
    id_token = TokenUtil.get_id_token(request.cookies)
    patientid = TokenUtil.get_single_claim_from_token(id_token, "extPatientId")

    validated_field = get_udp_ns_fieldname("is_evident_validated")
    is_evident_validated = profile[validated_field] if validated_field in profile else ""

    return render_template(
        "healthcare/profile.html",
        id_token=TokenUtil.get_id_token(request.cookies),
        access_token=TokenUtil.get_access_token(request.cookies),
        user_info=get_userinfo(),
        user_info2=user,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        consent=consent,
        factors=factors,
        patientid=patientid,
        is_evident_validated=is_evident_validated)
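def streamingservice_removedevice():
    """Remove a device from the current user's authorized devices and redirect to the list.

    The user id comes from ``get_userinfo()``; only ``device_id`` is read from
    the query string.

    Fix: a ``device_id`` that is missing or not in the stored list is now
    ignored. Previously ``list.remove`` raised ``ValueError`` in that case, so
    a repeated or stale link produced a server error.
    """
    logger.debug("streamingservice_removedevice()")
    user_info = get_userinfo()
    user_id = user_info["sub"]
    # NOTE(review): the removal is driven by query-string arguments; confirm
    # the route is not reachable as a plain cross-site GET.
    device_id = request.args.get('device_id')

    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    client_id = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["app_deviceflow_clientid"]
    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=user_id, client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    devices = []
    if devices_field in user_app_profile["profile"]:
        devices = user_app_profile["profile"][devices_field]
        if devices is None:
            # The field can be present but null.
            devices = []
        elif device_id in devices:
            devices.remove(device_id)

    user_data = {
        "profile": {
            devices_field: devices
        }
    }
    okta_admin.update_application_user_profile_by_clientid(
        user_id=user_id, app_user_profile=user_data, client_id=client_id)

    redirect_url = url_for(
        "streamingservice_views_bp.streamingservice_mydevices",
        _external=True,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
    return redirect(redirect_url)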
def healthcare_accept_terms():
    """Store the current time as the user's consent value and redirect to the profile.

    The user id comes from ``get_userinfo()``, not from the request, so the
    update always targets the caller's own record.
    """
    logger.debug("healthcare_accept_terms()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = okta_admin.get_user(user_info["sub"])["id"]

    # dd/mm/YY H:M:S
    consent = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
    consent_update = {"profile": {get_udp_ns_fieldname("consent"): consent}}
    user_update_response = okta_admin.update_user(user_id, consent_update)
    logger.debug(user_update_response)

    profile_url = url_for(
        "healthcare_views_bp.healthcare_profile",
        _external="True",
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
        user_id=user_id)
    return redirect(profile_url)
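def ecommerce_clear_consent(userid):
    """Blank the consent value on the caller's profile and redirect to the profile page.

    Args:
        userid: Id of the user whose consent is cleared. It must match the
            user identified by the session.

    Changes from the earlier version:

    * ``userid`` must match the authenticated user. The update runs through
      the admin API client, so without this check a caller could clear
      another user's consent by supplying a different id.
    * The error message is built with ``str()`` so that a dict response does
      not raise ``TypeError`` during string concatenation.

    Returns a 401 response when the ids do not match.
    """
    logger.debug("ecommerce_clear_consent")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    # Bind the target of the update to the authenticated user.
    user_info = get_userinfo()
    current_user = okta_admin.get_user(user_info["sub"])
    if userid != current_user["id"]:
        return "ERROR: Unauthorized", 401

    user_data = {"profile": {
        get_udp_ns_fieldname("consent"): "",
    }}
    user_update_response = okta_admin.update_user(userid, user_data)

    if "error" in user_update_response:
        message = "Error During Update: " + str(user_update_response)
    else:
        message = ""

    return redirect(
        url_for(
            "ecommerce_views_bp.ecommerce_profile",
            _external="True",
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
            user_id=userid,
            message=message))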
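def ecommerce_user_update():
    """Update the caller's profile from the submitted form and redirect to the profile page.

    Changes from the earlier version:

    * The form's ``user_id`` must match the user identified by the session.
      The update runs through the admin API client, so without this check any
      caller could overwrite another user's name, e-mail, phone and consent by
      posting a different id.
    * The error message is built with ``str()`` so that a dict response does
      not raise ``TypeError`` during string concatenation.

    Returns a 401 response when the ids do not match.
    """
    logger.debug("ecommerce_user_update")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user_id = request.form.get('user_id')

    # Bind the target of the update to the authenticated user.
    user_info = get_userinfo()
    current_user = okta_admin.get_user(user_info["sub"])
    if user_id != current_user["id"]:
        return "ERROR: Unauthorized", 401

    # NOTE(review): the debug lines below log submitted personal data.
    logging.debug(request.form.to_dict())
    first_name = safe_get_dict(request.form, 'firstname')
    last_name = safe_get_dict(request.form, 'lastname')
    email = safe_get_dict(request.form, 'email')
    mobile_phone = safe_get_dict(request.form, 'mobilePhone')
    consent = safe_get_dict(request.form, 'nconsent')

    user_data = {
        "profile": {
            "firstName": first_name,
            "lastName": last_name,
            "email": email,
            "mobilePhone": mobile_phone,
            get_udp_ns_fieldname("consent"): consent,
        }
    }
    logging.debug(user_data)
    user_update_response = okta_admin.update_user(user_id, user_data)
    logging.debug(user_update_response)

    if "error" in user_update_response:
        message = "Error During Update: " + str(user_update_response)
    else:
        message = "User Updated!"

    return redirect(
        url_for("ecommerce_views_bp.ecommerce_profile",
                _external="True",
                _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"],
                user_id=user_id,
                message=message))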
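def ecommerce_requests_get():
    """Render the access-request page with the buyer groups the user may request.

    A group is listed when its name, with the "buyer" prefix removed, matches
    one of the user's "employee" group suffixes and is not already among the
    user's "buyer" group suffixes. Each entry is marked "Pending" when its id
    is in the user's ``access_requests`` field and "Not Requested" otherwise.

    Changes from the earlier version: the set-difference pass against an
    always-empty list (which only ever re-assigned the full list) and the
    unused locals are removed, the debug ``print`` goes through the logger,
    and a null ``access_requests`` value is treated as empty.
    """
    logger.debug("workflow_requests_get()")
    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    requests_field = get_udp_ns_fieldname("access_requests")
    pendingRequest = []
    if requests_field in user["profile"]:
        pendingRequest = user["profile"][requests_field] or []

    # Find the groups the user belongs to
    get_user_groups_response = okta_admin.get_user_groups(user_id=user_id)
    CONFIG_GROUP_EMPLOYEE_STARTSWITH = get_udp_ns_fieldname("employee")
    CONFIG_GROUP_BUYER_STARTSWITH = get_udp_ns_fieldname("buyer")
    logger.debug(CONFIG_GROUP_BUYER_STARTSWITH)

    companylist = [
        item["profile"]["name"].replace(CONFIG_GROUP_EMPLOYEE_STARTSWITH, "")
        for item in get_user_groups_response
        if item["profile"]["name"].startswith(CONFIG_GROUP_EMPLOYEE_STARTSWITH)
    ]
    buyerlist = [
        item["profile"]["name"].replace(CONFIG_GROUP_BUYER_STARTSWITH, "")
        for item in get_user_groups_response
        if item["profile"]["name"].startswith(CONFIG_GROUP_BUYER_STARTSWITH)
    ]

    workflow_list = []
    for item in okta_admin.get_groups_by_name(get_udp_ns_fieldname("")):
        company = item["profile"]["name"].replace(CONFIG_GROUP_BUYER_STARTSWITH, "")
        if company not in companylist or company in buyerlist:
            continue
        group_id = "{id}".format(id=item["id"])
        workflow_list.append({
            "id": item["id"],
            "name": item["profile"]["name"],
            "description": item["profile"]["description"],
            "status": "Pending" if group_id in pendingRequest else "Not Requested"
        })

    return render_template(
        "{0}/workflow-requests.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        workflow_list=workflow_list,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])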
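def dealer_registration_post():
    """Create an inactive user from the registration form and send the activation e-mails.

    On success the completion page is rendered. When the submitted role or
    dealership is not one of the offered choices, or user creation returns an
    ``errorCode``, the registration form is rendered again with an error.

    Changes from the earlier version:

    * The submitted ``role`` and ``location`` must be ids of the groups the
      registration form offers. ``role`` becomes a group membership of the new
      user, so accepting any id from the form let a registrant name an
      arbitrary group.
    * When the form is rendered again, only the ``profile`` part of the
      submitted data is passed to the template. Previously the dict also held
      the submitted password.
    """
    logger.debug("dealer_registration()")
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])

    role = request.form.get('role')
    location = request.form.get('location')
    setup_options = {
        "type_users": [],
        "dealerships": [],
        "type_user_selected": role,
        "dealership_selected": location
    }

    user_data = {
        "profile": {
            "firstName": request.form.get('firstname'),
            "lastName": request.form.get('lastname'),
            "email": request.form.get('email'),
            "login": request.form.get('email'),
            "mobilePhone": request.form.get('phonenumber'),
            get_udp_ns_fieldname("access_requests"): ['{id}'.format(id=location)]
        },
        "credentials": {
            "password": {"value": request.form.get('password')}
        },
        "groupIds": []
    }

    # Load the same choices the registration form shows: admin and regular
    # groups as user types, location groups as dealerships.
    option_sources = (
        (get_udp_ns_fieldname(CONFIG_ADMIN), "type_users"),
        (get_udp_ns_fieldname(CONFIG_REGULAR), "type_users"),
        (get_udp_ns_fieldname(CONFIG_LOCATION), "dealerships"),
    )
    for group_name, option_key in option_sources:
        for group in okta_admin.get_groups_by_name(group_name):
            setup_options[option_key].append(
                {"id": group["id"], "description": group["profile"]["description"]})

    def render_form(error):
        # Never hand the submitted password back to the template.
        form_data = {"profile": user_data["profile"]}
        return render_template(
            "{0}/registration.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            error=error,
            user_data=form_data,
            setup_options=setup_options)

    # NOTE(review): the admin group is among the offered user types, so a
    # registrant can still select it; the account is created inactive, so
    # confirm the activation step reviews the requested role.
    allowed_roles = {option["id"] for option in setup_options["type_users"]}
    allowed_locations = {option["id"] for option in setup_options["dealerships"]}
    if role not in allowed_roles or location not in allowed_locations:
        return render_form("Invalid role or dealership selection.")

    user_data["groupIds"].append(role)
    user_create_response = okta_admin.create_user(user_data, activate_user=False)
    if "errorCode" in user_create_response:
        return render_form(user_create_response)

    # Send Activation Email to the user
    # NOTE(review): the value sent as the activation token is the new user's
    # id; confirm the activation endpoint does not treat it as a secret.
    EmailServices().emailRegistration(
        recipient={"address": request.form.get('email')},
        token=user_create_response["id"])

    return render_template(
        "{0}/registration-completion.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        email=request.form.get('email'),
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])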
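def workflow_requests_get():
    """Render the list of portal groups the signed-in user can still request.

    Each row holds ``id``, ``name``, ``description`` and ``status``. The
    status is "Pending" when the group id is already in the user's
    ``access_requests`` profile field and "Not Requested" otherwise. Only
    users who belong to a group whose name starts with the location prefix
    get the list; everyone else gets the page with an error message.

    Returns:
        The rendered workflow-requests page for the current app vertical.
    """
    logger.debug("workflow_requests_get()")
    CONFIG_GROUP_LOCATION_STARTSWITH = get_udp_ns_fieldname(CONFIG_LOCATION)

    user_info = get_userinfo()
    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    user = okta_admin.get_user(user_info["sub"])
    user_id = user["id"]

    # Group ids the user has already asked for; empty when the field is absent.
    pending_requests = user["profile"].get(get_udp_ns_fieldname("access_requests"), [])

    def as_row(group):
        # One display row per Okta group, in the shape the template receives.
        group_id = "{id}".format(id=group["id"])
        return {"id": group["id"],
                "name": group["profile"]["name"],
                "description": group["profile"]["description"],
                "status": "Pending" if group_id in pending_requests else "Not Requested"}

    # Find the groups the user belongs to
    list_group_user = []
    is_user_dealership = False
    for item in okta_admin.get_user_groups(user_id=user_id):
        group_name = item["profile"]["name"]
        if group_name.startswith(CONFIG_GROUP_LOCATION_STARTSWITH):
            is_user_dealership = True
        if group_name != "Everyone":  # Ignore the Everyone group
            list_group_user.append(as_row(item))

    if not is_user_dealership:
        # If not a user of a dealership, cannot request access to applications
        return render_template(
            "{0}/workflow-requests.html".format(get_app_vertical()),
            templatename=get_app_vertical(),
            user_info=user_info,
            error="You have not been assigned to a dealership.  Only users of a dealership can request access to applications",
            config=session[SESSION_INSTANCE_SETTINGS_KEY],
            _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])

    # Groups for this portal, looked up by the bare namespace prefix.
    # NOTE(review): an earlier comment said these start with "DEALER_";
    # confirm what get_udp_ns_fieldname("") actually yields.
    list_group_full = [as_row(item)
                       for item in okta_admin.get_groups_by_name(get_udp_ns_fieldname(""))]

    # Populate the workflow list with groups that the user is absent in.
    # Rows are compared as whole (key, value) tuples and identical rows are
    # collapsed. Walking list_group_full keeps the lookup's order; iterating
    # a bare set would shuffle the rows from one process to the next.
    rows_user_has = {tuple(sorted(row.items())) for row in list_group_user}
    rows_emitted = set()
    workflow_list = []
    for row in list_group_full:
        row_key = tuple(sorted(row.items()))
        if row_key in rows_user_has or row_key in rows_emitted:
            continue
        rows_emitted.add(row_key)
        workflow_list.append(row)

    return render_template(
        "{0}/workflow-requests.html".format(get_app_vertical()),
        templatename=get_app_vertical(),
        user_info=user_info,
        workflow_list=workflow_list,
        config=session[SESSION_INSTANCE_SETTINGS_KEY],
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])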
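def streamingservice_token_check():
    """Report whether a streaming device's tokens are still usable.

    Reads ``access_token``, ``id_token``, ``refresh_token`` and
    ``device_id`` from the posted form. The checks run in this order:

    1. the ID token must introspect as active;
    2. ``device_id`` must be listed in the ``authorized_devices`` field of
       the app profile of the user named by the ID token's ``sub``;
    3. if the access token is active the answer is ``"true"``;
    4. otherwise, if the refresh token is active, new tokens are requested
       and returned as the response.

    Every other outcome returns ``"false"``.

    NOTE(review): only the ID token is tied to a user here. The access and
    refresh tokens are checked for ``active`` alone. If the introspection
    result exposes the token's subject, compare it with
    ``id_token_info["sub"]`` so all three tokens belong to the same user.
    Confirm what introspect_with_clientid returns.
    NOTE(review): the ID-token call passes ``token_type_hint="idtoken"``
    while the other two use "access_token" / "refresh_token". Verify the
    spelling the helper and the authorization server expect.
    NOTE(review): the refresh result is returned as-is, without checking
    whether the token endpoint reported an error.
    """
    logger.debug("streamingservice_token_check()")
    access_token = request.form['access_token']
    id_token = request.form['id_token']
    refresh_token = request.form['refresh_token']
    device_id = request.form['device_id']

    instance_settings = session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]
    client_id = instance_settings["app_deviceflow_clientid"]
    client_secret = instance_settings["app_deviceflow_clientsecret"]

    okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
    okta_auth = OktaAuth(session[SESSION_INSTANCE_SETTINGS_KEY])

    id_status = okta_auth.introspect_with_clientid(
        id_token,
        client_id=client_id,
        client_secret=client_secret,
        token_type_hint="idtoken")
    if not id_status["active"]:
        return "false"

    # Claims are read only after introspection reported the ID token active.
    id_token_info = TokenUtil.get_claims_from_token(id_token)
    user_app_profile = okta_admin.get_user_application_by_client_id(
        user_id=id_token_info["sub"], client_id=client_id)

    devices_field = get_udp_ns_fieldname("authorized_devices")
    if devices_field not in user_app_profile["profile"]:
        return "false"
    if device_id not in user_app_profile["profile"][devices_field]:
        return "false"

    access_status = okta_auth.introspect_with_clientid(
        access_token,
        client_id=client_id,
        client_secret=client_secret,
        token_type_hint="access_token")
    if access_status["active"]:
        return "true"

    refresh_status = okta_auth.introspect_with_clientid(
        refresh_token,
        client_id=client_id,
        client_secret=client_secret,
        token_type_hint="refresh_token")
    if not refresh_status['active']:
        return "false"

    # Use the module logger, like the entry message above, not the root logger.
    logger.debug("get new AT")
    responseurl = url_for(
        "streamingservice_views_bp.streamingservice_devicepage",
        _external=True,
        _scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
    return okta_auth.get_oauth_token_from_refresh_token(
        headers=None,
        refresh_token=refresh_token,
        client_id=client_id,
        client_secret=client_secret,
        grant_type="refresh_token",
        redirect_uri=responseurl,
        scopes="openid profile email offline_access")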