def after_login(resp):
try:
root = Macaroon.deserialize(flask.session.pop("macaroon_root"))
except KeyError:
return (
flask.render_template("templates/_error_login.html", ),
400,
)
bound = root.prepare_for_request(
Macaroon.deserialize(resp.extensions["macaroon"].discharge))
flask.session["authentication_token"] = binary_serialize_macaroons(
[root, bound]).decode("utf-8")
if not resp.nickname:
return flask.redirect(flask.current_app.config["CANONICAL_LOGIN_URL"])
flask.session["openid"] = {
"identity_url": resp.identity_url,
"nickname": resp.nickname,
"fullname": resp.fullname,
"image": resp.image,
"email": resp.email,
}
return flask.redirect(open_id.get_next_url())
def _prepare_request(method, path, data=None, session=None):
request = Request(method=method, url=f"{API_URL}{path}")
if session:
root = Macaroon.deserialize(session["macaroon_root"])
discharge = Macaroon.deserialize(session["macaroon_discharge"])
bound = root.prepare_for_request(discharge)
token = binary_serialize_macaroons([root, bound]).decode("utf-8")
request.headers["Authorization"] = f"Macaroon {token}"
if data is not None:
request.json = data
return request.prepare()