def create_app(): app = Flask(__name__) setup_db(app) oauth = OAuth(app) auth0 = oauth.register( 'auth0', client_id=CLIENT_ID, client_secret=CLIENT_SECRET, api_base_url=f'https://{DOMAIN}', access_token_url=f'https://{DOMAIN}/oauth/token', authorize_url=f'https://{DOMAIN}/authorize', client_kwargs={ 'scope': 'openid profile email', }, ) CORS(app, resources={r'/*': {'origins': '*'}}) @app.after_request def after_request(response): response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization,true') response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS,PATCH') return response from flaskr.actors.routes import actor from flaskr.movies.routes import movie from flaskr.main.routes import main from flaskr.errors.handlers import errors app.register_blueprint(actor) app.register_blueprint(movie) app.register_blueprint(main) app.register_blueprint(errors) def requires_auth(f): @wraps(f) def decorated(*args, **kwargs): if 'profile' not in session: # Redirect to Login page here return redirect('/') return f(*args, **kwargs) return decorated @app.route('/callback') def callback_handling(): # Handles response from token endpoint auth0.authorize_access_token() resp = auth0.get('userinfo') userinfo = resp.json() # Store the user information in flask session. session['jwt_payload'] = userinfo session['profile'] = { 'user_id': userinfo['sub'], 'name': userinfo['name'], } return redirect('/dashboard') @app.route('/login') def login(): global user user = True inject_user() return auth0.authorize_redirect(redirect_uri='http://127.0.0.1:5000/callback') @app.route('/logout') def logout(): global user # Clear session stored data session.clear() user = False inject_user() # Redirect user to logout endpoint params = {'returnTo': url_for('main.home', _external=True), 'client_id': 'c0XAJzf9A9M6rM5jB02V7SGGbc2PLknf'} return redirect(auth0.api_base_url + '/v2/logout?' + urlencode(params)) @app.route('/dashboard') @requires_auth def dashboard(): return render_template('pages/dashboard.html', userinfo=session['profile'], userinfo_pretty=json.dumps(session['jwt_payload'], indent=4)) @app.context_processor def inject_user(): return dict(user=user) return app
gateway = braintree.BraintreeGateway( braintree.Configuration(environment=braintree.Environment.Sandbox, merchant_id=app.config.get("BRAIN_MERCHANT_ID"), public_key=app.config.get("BRAIN_PUBLIC_KEY"), private_key=app.config.get("BRAIN_PRIVATE_KEY"))) oauth = OAuth() oauth.register('google', client_id=app.config.get("GOOGLE_CLIENT_ID"), client_secret=app.config.get("GOOGLE_CLIENT_SECRET"), access_token_url='https://accounts.google.com/o/oauth2/token', access_token_params=None, refresh_token_url=None, authorize_url='https://accounts.google.com/o/oauth2/auth', api_base_url='https://www.googleapis.com/oauth2/v1/', client_kwargs={ 'scope': 'https://www.googleapis.com/auth/userinfo.email', 'token_endpoint_auth_method': 'client_secret_basic', 'token_placement': 'header', 'prompt': 'consent' }) oauth.init_app(app) def upload_to_s3(file, acl="public-read"): try: s3.upload_fileobj(
app = Flask(__name__) Talisman(app, content_security_policy=None) # app.secrect_key = secret # app.secrect_key = os.getenv("APP_SECRET_KEY") app.config['SECRET_KEY'] = os.getenv("APP_SECRET_KEY") app.config['SESSION_COOKIE_NAME'] = 'google-login-session' app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(minutes=40) oauth = OAuth(app) google = oauth.register( name='google', client_id=os.getenv("GOOGLE_CLIENT_ID"), client_secret=os.getenv("GOOGLE_CLIENT_SECRET"), access_token_url='https://accounts.google.com/o/oauth2/token', access_token_params=None, authorize_url='https://accounts.google.com/o/oauth2/auth', authorize_params=None, api_base_url='https://www.googleapis.com/oauth2/v1/', userinfo_endpoint='https://openidconnect.googleapis.com/v1/userinfo', client_kwargs={'scope': 'openid email profile'}, ) @app.route("/") def index(): is_logged = bool(dict(session)) return render_template('index.html', is_logged=is_logged) @app.route('/login') def login():
login_manager.init_app(app) login_manager.user_loader(user_loader) reports_file_manager = FileManager() reports_file_manager.set_file_set('REPORTS') reports_file_manager.init_app(app) # avatars_file_manager = FileManager(app, 'AVATARS') oauth = OAuth(app) oauth.register( name='vk', client_id='7457845', client_secret=cfg.VK_CLIENT_SECRET, access_token_url='https://oauth.vk.com/access_token', access_token_params=None, authorize_url='https://oauth.vk.com/authorize', authorize_params=None, api_base_url='https://oauth.vk.com/', client_kwargs={ 'token_endpoint_auth_method': 'client_secret_post', 'scope': '4194304' # 4194304 == email }, ) oauth.register( name='google', client_id= '417947745249-rf88vah86hipt6cc7rfh6ehm3rfjhbi4.apps.googleusercontent.com', client_secret=cfg.GOOGLE_CLIENT_SECRET, access_token_url='https://www.googleapis.com/oauth2/v4/token', access_token_params=None, authorize_url=
from flask import redirect from flask import render_template from flask import session from flask import url_for from authlib.integrations.flask_client import OAuth from six.moves.urllib.parse import urlencode AUTH0_CALLBACK_URL = os.environ.get('AUTH0_CALLBACK_URL') AUTH0_CLIENT_ID = os.environ.get('AUTH0_CLIENT_ID') AUTH0_CLIENT_SECRET = os.environ.get('AUTH0_CLIENT_SECRET') AUTH0_DOMAIN = os.environ.get('AUTH0_DOMAIN') AUTH0_BASE_URL = os.environ.get('AUTH0_BASE_URL') AUTH0_AUDIENCE = os.environ.get('AUTH0_AUDIENCE') app = Flask(__name__) oauth = OAuth(app) auth0 = oauth.register( 'auth0', client_id='zeu5Q4B8xrU7BymT7dxwW7VTh6To2chH', client_secret=( 'L7c1jjyvy9nsdExxng77bd0Oahiin0aYOqWueqLE_WVxIHSeoPIliU-FQHk5sq8K'), api_base_url='https://fnsd-gmc.us.auth0.com', access_token_url='https://fnsd-gmc.us.auth0.com/oauth/token', authorize_url='https://fnsd-gmc.us.auth0.com/authorize', client_kwargs={ 'scope': 'openid profile email', }, )
def create_app(test_config=None): app = Flask(__name__) SECRET_KEY = os.urandom(32) app.config['SECRET_KEY'] = SECRET_KEY setup_db(app) migrate = Migrate(app, db) CORS(app) oauth = OAuth(app) @app.after_request def after_request(response): response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization,true') response.headers.add('Access-Control-Allow-Methods', 'GET,PATCH,PUT,POST,DELETE,OPTIONS') return response auth0 = oauth.register( 'auth0', client_id='zNzK3s62YQ9xAx0RqkTfOWm7NN5U7SCe', client_secret= '1EUaLZASC5yhg5mBABU19WeLwgEXtMt1CMNTHNd6dqbktVjHduPy5mpNXGVT4HQq', api_base_url='https://capstone-projects.auth0.com', access_token_url='https://capstone-projects.auth0.com/oauth/token', authorize_url='https://capstone-projects.auth0.com/authorize', client_kwargs={ 'scope': 'openid profile email', }, ) ''' Endpoints for login ''' @app.route('/login') def login(): return auth0.authorize_redirect( redirect_uri='http://*****:*****@app.route('/callback') def callback_handling(): # Handles response from token endpoint auth0.authorize_access_token() resp = auth0.get('userinfo') userinfo = resp.json() # Store the user information in flask session. session['jwt_payload'] = userinfo session['profile'] = { 'user_id': userinfo['sub'], 'name': userinfo['name'], 'picture': userinfo['picture'] } return redirect('/') ''' Endpoints for home page ''' @app.route('/') def index(): return render_template('home.html') ''' Endpoints for actors ''' # gets all actors and posts a new actor @app.route('/actors', methods=["GET"]) @requires_auth('get:actors') def actors(token): actors = Actor.query.all() actors = [actor.format() for actor in actors] return render_template('pages/actors.html', actors) @app.route('/actors', methods=["POST"]) @requires_auth('post:actors') def post_actor(token): try: name = request.form.get("name") age = request.form.get("age") gender = request.form.get("gender") new_actor = Actor(name=name, age=age, gender=gender) new_actor.insert() except: db.session.rollback() abort(422) finally: db.session.close() return render_template('pages/actors.html') # gets the form for posting a new actor profile: @app.route('/actors/create', methods=["GET"]) @requires_auth('post:actors') def create_actor(token): form = ActorForm() return render_template('forms/post_actor.html', form=form) # gets an actor's profile @app.route('/actors/<int:id>', methods=["GET"]) @requires_auth('get:actors') def show_actor(token, id): actor = Actor.query.filter_by(id=id).first() return render_template('pages/actor_profile.html', actor=actor.format()) # edits existing actor: @app.route('/actors/<int:id>/edit', methods=["PATCH"]) @requires_auth('patch:actor') def edit_actor(token, id): try: actor = Actor.query.filter_by(id=id).first() new_name = request.form.get("name", None) new_age = request.form.get("age", None) new_gender = request.form.get("gender", None) if new_name: actor.name = new_name if new_age: actor.age = new_age if new_gender: actor.gender = new_gender actor.update() except: db.session.rollback() abort(422) finally: db.session.close() return redirect(url_for('actors')) # deletes actor @app.route('/actors/<int:id>', methods=["DELETE"]) @requires_auth('delete:actor') def delete_actor(token, id): try: actor = Actor.query.filter(Actor.id == id).one_or_none() if actor is None: return jsonify({"message": "actor not found"}) actor.delete() except: db.session.rollback() return jsonify({"message": "there was an error deleting"}) finally: db.session.close() return redirect(url_for('actors')) # gets the form for editing an actor profile @app.route('/actors/<int:id>/edit', methods=["GET"]) def get_edit_actor(id): actor = Actor.query.filter_by(id=id).one() form = ActorForm() return render_template('forms/edit_actor.html', actor=actor.format(), form=form) #----------------------------------------------------------------------------# # Movies Endpoints #----------------------------------------------------------------------------# # get all movies and post a new movie @app.route('/movies', methods=["GET"]) @requires_auth('get:movies') def movies(token): movies = Movie.query.order_by(Movie.id).all() movies = [movie.format() for movie in movies] return render_template('pages/movies.html', movies) @app.route('/movies', methods=["POST"]) @requires_auth('post:movies') def create_movie(token): try: title = request.form.get("title") release_date = request.form.get("release_date") new_movie = Movie(title=title, release_date=release_date) new_movie.insert() except: db.session.rollback() abort(422) finally: db.session.close() return redirect(url_for('movies')) # delete a movie @app.route('/movies/<int:id>/delete', methods=["DELETE"]) @requires_auth('delete:movie') def delete_movie(token, id): try: movie = Movie.query.filter(Movie.id == id).one_or_none() if movie is None: return jsonify({"message": "movie not found"}) movie.delete() db.session.commit() except: db.session.rollback() return jsonify({"message": "there was an error deleting"}) finally: db.session.close() return redirect(url_for('movies')) @app.route('/movies/<int:id>/update', methods=["PATCH"]) @requires_auth('patch:movie') def update_movie(token, id): try: movie = Movie.query.filter_by(id=id).one_or_none() new_title = request.args.get("title", None) new_release_date = request.args.get("release_date", None) if new_title: movie.title = new_title if new_release_date: movie.release_date = new_release_date movie.update() except: db.session.rollback() abort(422) finally: db.session.close() return redirect(url_for('movies')) @app.route('/movies/create') def get_movie_create(): form = MovieForm() return render_template('forms/post_movie.html', form=form) @app.route('/movies/<int:id>', methods=["GET"]) def get_movie_profile(id): movie = Movie.query.filter_by(id=id).first() return render_template('pages/movie_profile.html', movie=movie.format()) @app.route('/movies/<int:id>/edit') def get_edit_movie(id): movie = Movie.query.filter_by(id=id).first() form = MovieForm() return render_template('pages/edit_movie.html', movie=movie.format(), form=form) return app
from flask import Flask, url_for, session from flask import render_template, redirect from authlib.integrations.flask_client import OAuth app = Flask(__name__) app.secret_key = '!secret' app.config.from_object('config') CONF_URL = 'https://accounts.google.com/.well-known/openid-configuration' oauth = OAuth(app) oauth.register(name='google', server_metadata_url=CONF_URL, client_kwargs={'scope': 'openid email profile'}) @app.route('/') def homepage(): user = session.get('user') return render_template('home.html', user=user) @app.route('/login') def login(): redirect_uri = url_for('auth', _external=True) return oauth.google.authorize_redirect(redirect_uri) @app.route('/auth') def auth(): token = oauth.google.authorize_access_token() user = oauth.google.parse_id_token(token)
def create_google_oauth_blueprint(app): oauth = OAuth(app) logger = logging.getLogger("google_oauth") blueprint = Blueprint("google_oauth", __name__) CONF_URL = "https://accounts.google.com/.well-known/openid-configuration" oauth = OAuth(app) oauth.register( name="google", server_metadata_url=CONF_URL, client_kwargs={"scope": "openid email profile"}, ) def get_user_profile(access_token): headers = {"Authorization": "OAuth {}".format(access_token)} response = requests.get( "https://www.googleapis.com/oauth2/v1/userinfo", headers=headers) if response.status_code == 401: logger.warning("Failed getting user profile (response code 401).") return None return response.json() @blueprint.route("/<org_slug>/oauth/google", endpoint="authorize_org") def org_login(org_slug): session["org_slug"] = current_org.slug return redirect( url_for(".authorize", next=request.args.get("next", None))) @blueprint.route("/oauth/google", endpoint="authorize") def login(): redirect_uri = url_for(".callback", _external=True) next_path = request.args.get( "next", url_for("redash.index", org_slug=session.get("org_slug"))) logger.debug("Callback url: %s", redirect_uri) logger.debug("Next is: %s", next_path) session["next_url"] = next_path return oauth.google.authorize_redirect(redirect_uri) @blueprint.route("/oauth/google_callback", endpoint="callback") def authorized(): logger.debug("Authorized user inbound") resp = oauth.google.authorize_access_token() user = resp.get("userinfo") if user: session["user"] = user access_token = resp["access_token"] if access_token is None: logger.warning("Access token missing in call back request.") flash("Validation error. Please retry.") return redirect(url_for("redash.login")) profile = get_user_profile(access_token) if profile is None: flash("Validation error. Please retry.") return redirect(url_for("redash.login")) if "org_slug" in session: org = models.Organization.get_by_slug(session.pop("org_slug")) else: org = current_org if not verify_profile(org, profile): logger.warning( "User tried to login with unauthorized domain name: %s (org: %s)", profile["email"], org, ) flash("Your Google Apps account ({}) isn't allowed.".format( profile["email"])) return redirect(url_for("redash.login", org_slug=org.slug)) picture_url = "%s?sz=40" % profile["picture"] user = create_and_login_user(org, profile["name"], profile["email"], picture_url) if user is None: return logout_and_redirect_to_index() unsafe_next_path = session.get("next_url") or url_for( "redash.index", org_slug=org.slug) next_path = get_next_path(unsafe_next_path) return redirect(next_path) return blueprint
CORS(app) return app app = create_app() oauth = OAuth(app) auth0 = oauth.register( 'auth0', client_id='fEDJSnB6Gb57nXJWzdTakt1x1N39x6EU', client_secret= 'gVDJ63B0mhFrQFXy4zMzqB65zuzh-58VcaDVBep_p7UVTlM6h-ghQ-Ul4SQg_Xnr', api_base_url='https://' + os.environ['AUTH0_DOMAIN'], access_token_url='https://' + os.environ['AUTH0_DOMAIN'] + '/oauth/token', authorize_url='https://' + os.environ['AUTH0_DOMAIN'] + '/authorize', client_kwargs={ 'scope': 'delete:movies get:movies get:actors post:actors post:movies get:comeouts post:comeouts', }, ) # TODO: implement any missing fields, as a database migration using Flask-Migrate # TODO Implement ComeOut and Actor models, and complete all model relationships and properties, as a database migration. #----------------------------------------------------------------------------# # Filters. #----------------------------------------------------------------------------#
base_uri_suffix = "/restapi" # Register the docusign OAuth remote app oauth = OAuth(app, update_token=update_token) oauth.register( name='docusign', client_id=ds_config.DS_CONFIG["ds_client_id"], client_secret=ds_config.DS_CONFIG["ds_client_secret"], access_token_url=ds_config.DS_CONFIG["authorization_server"] + "/oauth/token", access_token_params=None, authorize_url=ds_config.DS_CONFIG["authorization_server"] + "/oauth/auth", authorize_params=None, api_base_url=None, client_kwargs={ 'scope': 'signature', 'refresh_token_url': ds_config.DS_CONFIG["authorization_server"] + "/oauth/token" # "state": lambda: uuid.uuid4().hex.upper(), # 'code': "abcdef" }, ) # Create the remote app docusign = oauth.docusign def ds_token_ok(buffer_min=60):
PredefinedRoles, UserState, LoginType, ) bp = Blueprint("auth", __name__, url_prefix="/auth") db = DEFAULT_DATABASE.db log = logging.getLogger(__name__) MINIMAL_SCOPES = "openid email" FULL_SCOPES = MINIMAL_SCOPES + " profile" oauth = OAuth() # pylint: disable=invalid-name oauth.register( name="google", # nosec api_base_url="https://www.googleapis.com/", server_metadata_url="https://accounts.google.com/.well-known/openid-configuration", client_kwargs={"scope": MINIMAL_SCOPES}, ) @bp.route("/login", methods=["GET", "POST"]) @skip_authorization def login(): if is_authenticated(): return redirect("/") # Allow OAuth bypass on local dev environment. as_user = request.args.get("as_user", None, type=str) if current_app.config["IS_LOCAL"] and as_user != "OAuth": if as_user in current_app.config["APPLICATION_ADMINS"]: session["user_info"] = {
# Definition from flask import Flask, request, render_template, redirect, url_for, flash, session from __init__ import app,mysql from db_controller import * from response import * from authlib.integrations.flask_client import OAuth # Initialization for OAuth oauth = OAuth(app) google = oauth.register( name='google', client_id='877655369552-4nrhlafr6h9oe1s8fevdcv00b4hb6naq.apps.googleusercontent.com', client_secret='NMd1vfzJ0tl5vrZ___az9dLB', access_token_url='https://accounts.google.com/o/oauth2/token', acess_token_params=None, authorize_url='https://accounts.google.com/o/oauth2/auth', authorize_params=None, api_base_url='https://www.googleapis.com/oauth2/v1/', client_kwargs={'scope': 'openid profile email'} ) # Main code # API # API # API # API # API
def create_oauth_app(service_config, name): service_oauth = OAuth(app) service_app = service_oauth.register(name, **service_config) return service_app
from flask import Flask from config import Config from authlib.integrations.flask_client import OAuth app = Flask(__name__) app.config.from_object(Config) oauth = OAuth(app) oauth.register(name='github', client_kwargs={ 'scope': 'public_repo', }) from app import routes
from scheduler import schedule_task # use loginpass to make OAuth connection simpler app = Flask(__name__) cors = CORS(app) app.config['CORS_HEADERS'] = 'Content-Type' app.secret_key = "!secret" oauth = OAuth(app) oauth.register( name="minion-production", client_id="4289A8B8A67A243408F3166280BB7EC4AEE1090C6C867ECA38B531A6FA863DE0", client_secret="A556DD7D0AA6AF00B56EDC2C2AD46626B03EC94FDDEB364CCB2AE4384CC95965", access_token_url="https://api.home-connect.com/security/oauth/token", access_token_params=None, authorize_url="https://api.home-connect.com/security/oauth/authorize", authorize_params=None, api_base_url="https://api.github.com/", client_kwargs={ "scope": "CoffeeMaker-Control IdentifyAppliance CoffeeMaker-Monitor CoffeeMaker-Settings"}, ) homeConnect = oauth.create_client("minion-production") @app.route("/") def hello_world(): # for i in range(-13, 13): # i = 12-abs(i) # time.sleep(0.025) # changeStrangeLight("0",hex(i*21).lstrip("0x")) # changeLight("2",hex(i*21).lstrip("0x"))
from website import app require_oauth = ResourceProtector() oauth = OAuth(app) AUTHORIZE_URL = 'http://localhost:5000/oauth/authorize' AUTHORIZE_PARAMS = None ACCESS_TOKEN_URL = 'http://localhost:5000/oauth/token' ACCESS_TOKEN_PARAMS = None API_BASE_URL = 'http://localhost:5000' CLIENT_ID = 'hDihqlbEebpIbIjwSFrPkLo4' CLIENT_SECRET = 'Cm34ECZ8eIqY98TJ7gI95iw5pm3AfQ6nomHZNZ7Zj75IUO4L' CLIENT_KWARGS = {'scope': 'email profile'} # For automatic configurations # CONF_URL = 'https://accounts.google.com/.well-known/openid-configuration' oauth.register( name='local', # server_metadata_url=CONF_URL, access_token_url=ACCESS_TOKEN_URL, access_token_params=ACCESS_TOKEN_PARAMS, api_base_url=API_BASE_URL, authorize_url=AUTHORIZE_URL, authorize_params=AUTHORIZE_PARAMS, client_id=CLIENT_ID, client_secret=CLIENT_SECRET, client_kwargs=CLIENT_KWARGS, )
def test_create_client(self): app = Flask(__name__) oauth = OAuth(app) self.assertIsNone(oauth.create_client('dev')) oauth.register('dev', client_id='dev') self.assertIsNotNone(oauth.create_client('dev'))
) from whois.mikrotik import parse_mikrotik_data logging.basicConfig(level=logging.INFO) logger = logging.getLogger(__name__) app = Flask(__name__) app.config.from_object("whois.settings") login_manager = LoginManager() login_manager.init_app(app) if settings.oidc_enabled: oauth = OAuth(app) oauth.register( "sso", server_metadata_url= "http://sso.hsp.sh/auth/realms/hsp/.well-known/openid-configuration", client_kwargs={"scope": "openid profile email"}, ) cors = CORS(app, resources={r"/api/*": {"origins": "*"}}) common_vars_tpl = {"app": app.config.get_namespace('APP_')} @login_manager.user_loader def load_user(user_id): try: return User.get_by_id(user_id) except User.DoesNotExist as exc: app.logger.error("{}".format(exc)) return None
app = Flask(__name__) app.config['SECRET_KEY'] = 'hi there hi' oauth = OAuth(app) # the following local.aquiferre.com is something in /etc/hosts # that redirect traffic to 127.0.0.1, it helps when there might # be session storage conflict between several flask web project # working on same machine/browser, e.g. oAuth server and client oauth.register( name='o2', client_id='eVBfyD7yNJwJJ5coC0LZU4BB', client_secret='84H2UADnpGBWIXxLuorx38CvgVbM3TcNFmUeAOt5fG9AdWAN', access_token_url='http://local.aquiferre.com:5000/oauth/token', access_token_params=None, authorize_url='http://local.aquiferre.com:5000/oauth/authorize', authorize_params=None, api_base_url='http://local.aquiferre.com:5000/api/me', client_kwargs={'scope': 'profile'}, ) # o2 = oauth.create_client('o2') @app.route('/') def index(): return 'hi there' @app.route('/login')
def create_app(test_config=None): # create and configure the app app = Flask(__name__) app.secret_key = 'super secret key' database_connection = 'postgres://*****:*****@ec2-54-234-28-165.compute-1.amazonaws.com:5432/d2o4v6jpea8g48' setup_db(app, database_connection) setup_auth(app) CORS(app) our_token = None oauth = OAuth(app) auth0 = oauth.register('auth0', client_id=AUTH0_CLIENT_ID, client_secret=AUTH0_CLIENT_SECRET, api_base_url=API_BASEURL, access_token_url=f'{API_BASEURL}/oauth/token', authorize_url=f'{API_BASEURL}/authorize') @app.after_request def after_request(response): response.headers.add('Access-Control-Allow-Headers', 'Content-Type, Authorization') response.headers.add('Access-Control-Allow-Methods', 'GET, POST, PATCH, DELETE, OPTIONS') return response def get_token(): return session.get('current_token') @app.route('/') def index(): return ("Hello worlds") @app.route('/show-token') def show_token(): return jsonify({'token': session.get('current_token')}) @app.route('/login') def login_redirect(): return auth0.authorize_redirect( redirect_uri= 'https://fsnd-capstone-elp.herokuapp.com/login/callback', audience='movie_producer', response_type='token') # webbrowser.open(f'https://{AUTH0_DOMAIN}/authorize?audience={AUTH0_AUDIENCE}&response_type=token&client_id={AUTH0_CLIENT_ID}&redirect_uri={AUTH0_CALLBACK}') # return("You are logged in!") @app.route('/login/callback') def login_callback(): #access_token = request.args.get('access_token') #access_token = auth0.get('access_token') app.logger.info(request.get_data()) # auth0.authorize_access_token() app.logger.info('successfully logged in!') # auth0.authorize_access_token() return render_template('login_callback.html') @app.route('/logout') def logout(): session.clear() #LOGOUT_LINK = 'http://dev-md-8ge9f.us.auth0.com/v2/logout?returnTo=http://localhost:5000&client_id=FxBGhksxly32jgz0V7A7KdiazMScOpSk' #params = {'returnTo': 'http://*****:*****@app.route('/login/get_access_token', methods=['POST']) def get_access_token(): token = str(request.get_data()) token = token.split('=')[1][:-1] app.logger.info(token) session['current_token'] = token our_token = token set_current_token(token) return redirect('/') @app.route('/actors', methods=['GET']) # @requires_auth('get:actors') def get_actors(): actors = Actor.query.all() setup_auth(app) formatted_actors = [actor.format() for actor in actors] return jsonify({'success': True, 'actors': formatted_actors}) @app.route('/movies', methods=['GET']) # @requires_auth('get:movies') def get_movies(): setup_auth(app) movies = Movie.query.all() formatted_movies = [movie.format() for movie in movies] return jsonify({'success': True, 'movies': formatted_movies}) @app.route('/actors', methods=['POST']) @requires_auth('post:actors') def post_actor(jwt): body = request.get_json() name = body['name'] age = body['age'] gender = body['gender'] if len(name) == 0: abort(404) actor = Actor(name=name, age=age, gender=gender) actor.insert() return jsonify({'success': True, 'actor': actor.format()}) @app.route('/movies', methods=['POST']) @requires_auth('post:movies') def post_movie(jwt): body = request.get_json() title = body['title'] release_date = body['release_date'] if len(title) == 0: abort(404) movie = Movie(title=title, release_date=release_date) movie.insert() return jsonify({'success': True, 'movie': movie.format()}) @app.route('/actors/<int:actor_id>', methods=['PATCH']) @requires_auth('patch:actors') def update_actor(jwt, actor_id): actor = Actor.query.get(actor_id) if actor is None: abort(404) body = request.get_json() actor.name = body['name'] actor.age = body['age'] actor.gender = body['gender'] actor.update() return jsonify({'success': True, 'actor': actor.format()}) @app.route('/movies/<int:movie_id>', methods=['PATCH']) @requires_auth('patch:movies') def update_movie(jwt, movie_id): movie = Movie.query.get(movie_id) if movie is None: abort(404) body = request.get_json() movie.title = body['title'] movie.release_date = body['release_date'] movie.update() return jsonify({'success': True, 'movie': movie.format()}) @app.route('/actors/<int:actor_id>', methods=['DELETE']) @requires_auth('delete:actors') def delete_actor(jwt, actor_id): app.logger.info("GOING TO DELETE") actor = Actor.query.get(actor_id) if actor is None: abort(404) actor.delete() return jsonify({'success': True, 'actor_id': actor_id}) @app.route('/movies/<int:movie_id>', methods=['DELETE']) @requires_auth('delete:movies') def delete_movie(jwt, movie_id): movie = Movie.query.get(movie_id) if movie is None: abort(404) movie.delete() return jsonify({'success': True, 'movie_id': movie_id}) @app.errorhandler(404) def not_found(err): return jsonify({ 'success': False, 'error': 404, 'message': 'Resource not found' }), 404 @app.errorhandler(422) def unprocessable(err): return jsonify({ 'success': False, 'error': 422, 'message': 'Unprocessable' }), 422 @app.errorhandler(AuthError) def auth_error(err): return jsonify({ 'success': False, 'error': err.status_code, 'message': err.error['code'] }), err.status_code return app
app.config.from_object("config.Config") app.app_context().push() migrate = Migrate(app, db) db.init_app(app) oauth = OAuth(app) viarezo = oauth.register( "viarezo", client_id=app.config["VIAREZO_CLIENT_ID"], client_secret=app.config["VIAREZO_CLIENT_SECRET"], request_token_params={"scope": "default", "state": lambda: security.gen_salt(10)}, api_base_url=app.config["VIAREZO_BASE_URL"], access_token_method="POST", access_token_url=app.config["VIAREZO_TOKEN_URL"], authorize_url=app.config["VIAREZO_AUTH_URL"], ) socketio = SocketIO(app, cors_allowed_origins="*") # Register all the blueprints (AKA the routes) app.register_blueprint(base_blueprint) app.register_blueprint(auth_blueprint) app.register_blueprint(user_blueprint) app.register_blueprint(construct_oauth_blueprint(viarezo)) app.register_blueprint(jap_event_blueprint) app.register_blueprint(table_blueprint) app.register_blueprint(jap_place_blueprint) app.register_blueprint(command_blueprint)
#app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///fares.db' app.config['SQLALCHEMY_BINDS'] = { 'User': '******', 'fares': 'sqlite:///fares.db', 'userfares': 'sqlite:///userfares.db' } db = SQLAlchemy(app) app.secret_key = 'secretkey' oauth = OAuth(app) auth0 = oauth.register( 'auth0', client_id='0HQbdZewdUuIHCBfLqPxtHnk5JxVXmbl', client_secret= 'pKLSq8968hvDSgZN0MM_mZ-5PmjzEsdwzmnUpM4drLzbfz7DlmbCpLvLawQ-dw55', api_base_url='https://111uuuccciii.us.auth0.com', access_token_url='https://111uuuccciii.us.auth0.com/oauth/token', authorize_url='https://111uuuccciii.us.auth0.com/authorize', client_kwargs={ 'scope': 'openid profile email', }, ) class User(db.Model): __bind_key__ = 'User' id = db.Column(db.Integer, unique=True, primary_key=True) email = db.Column(db.String(30), unique=True, nullable=False) fname = db.Column(db.String(15), unique=False, nullable=False) lname = db.Column(db.String(15), unique=False, nullable=False) gender = db.Column(db.String(7), unique=False, nullable=False) dob = db.Column(db.String(10), unique=False, nullable=False)
def create_app(config_file): # create and configure the app app = Flask(__name__) app.config.from_object(config_file) setup_db(app) CORS(app) # configuring Auth0 # documentation https://github.com/auth0-samples/auth0-python-web-app oauth = OAuth(app) auth0 = oauth.register( 'auth0', client_id=AUTH0_CLIENT_ID, client_secret=AUTH0_CLIENT_SECRET, api_base_url=AUTH0_BASE_URL, access_token_url=AUTH0_BASE_URL + '/oauth/token', authorize_url=AUTH0_BASE_URL + '/authorize', client_kwargs={ 'scope': 'openid profile email', }, ) @app.after_request def after_request(response): response.headers.add('Access-Control-Allow-Headers', 'Content-Type, Authorization, True') response.headers.add('Access-Control-Allow-Methods', 'GET, PATCH, POST, DELETE') return response @app.route('/') def index(): return render_template('home.html') # Redirects to the Auth0 login page @app.route('/login') def login(): return auth0.authorize_redirect(redirect_uri=AUTH0_CALLBACK_URL, audience=AUTH0_AUDIENCE) # logout of Auth0 session. # This will clear the session and invalidate the access token @app.route('/logout') def logout(): session.clear() params = { 'returnTo': url_for('index', _external=True), 'client_id': AUTH0_CLIENT_ID } return redirect(auth0.api_base_url + '/v2/logout?' + urlencode(params)) ''' The callback url that Auth0 is configured with. Auth0 will callback to this url post authentication with the access token. The token can be used for authorizing API calls. ''' @app.route('/callback') def callback_handling(): # Handles response from token endpoint result = auth0.authorize_access_token() resp = auth0.get('userinfo') userinfo = resp.json() token = result.get('access_token') # Store the user information in flask session. session['jwt_token'] = token session['jwt_payload'] = userinfo session['profile'] = { 'user_id': userinfo['sub'], 'name': userinfo['name'], 'picture': userinfo['picture'] } return redirect('/dashboard') # The dashboard page with the access token post Auth0 authentication @app.route('/dashboard') @requires_authenticated_session def dashboard(): return render_template('dashboard.html', userinfo=session['profile'], userinfo_pretty=json.dumps( session['jwt_payload'], indent=4), token=session['jwt_token']) @app.route('/api/actors', methods=['POST']) @requires_auth('post:actors') def create_new_actor(payload): request_body = request.get_json() if not request_body: abort(400) name = request_body.get('name', None) gender = request_body.get('gender', None) date_of_birth = request_body.get('date_of_birth', None) if (name is None or gender is None or date_of_birth is None): abort(422) actor = Actor() actor.name = name actor.gender = gender actor.date_of_birth = datetime.strptime(date_of_birth, '%Y-%m-%d').date() actor.insert() return jsonify({'success': True, 'actor': actor.format()}), 201 @app.route('/api/actors', methods=['GET']) @requires_auth('get:actors') def list_all_actors(payload): actors = Actor.query.all() if actors is None or len(actors) == 0: abort(404) return jsonify({ 'success': True, 'actors': [actor.format() for actor in actors] }), 200 @app.route('/api/actors/<int:actor_id>', methods=['GET']) @requires_auth('get:actors') def get_actor_by_id(payload, actor_id): actor = Actor.query.get(actor_id) if actor is None: abort(404) return jsonify({'success': True, 'actor': actor.format()}), 200 @app.route('/api/actors/<int:actor_id>', methods=['DELETE']) @requires_auth('delete:actor') def delete_actor(payload, actor_id): actor = Actor.query.get(actor_id) if actor is None: abort(404) actor.delete() return jsonify({'success': True, 'deleted': actor.id}), 200 @app.route('/api/actors/<int:actor_id>', methods=['PATCH']) @requires_auth('patch:actor') def update_actor(payload, actor_id): actor = Actor.query.get(actor_id) if actor is None: abort(404) request_body = request.get_json() if not request_body: abort(400) name = request_body.get('name', None) gender = request_body.get('gender', None) date_of_birth = request_body.get('date_of_birth', None) if name: actor.name = name if gender: actor.gender = gender if date_of_birth: actor.date_of_birth = datetime.strptime(date_of_birth, '%Y-%m-%d').date() actor.update() return jsonify({'success': True, 'actor': actor.format()}), 200 @app.route('/api/movies', methods=['POST']) @requires_auth('post:movies') def create_movie(payload): request_body = request.get_json() if not request_body: abort(400) title = request_body.get('title', None) release_date = request_body.get('release_date', None) if title is None or release_date is None: abort(422) movie = Movie() movie.title = title movie.release_date = datetime.strptime(release_date, '%Y-%m-%d').date() movie.insert() return jsonify({'success': True, 'movie': movie.format()}), 201 @app.route('/api/movies', methods=['GET']) @requires_auth('get:movies') def get_movies(payload): movies = Movie.query.all() if movies is None or len(movies) == 0: abort(404) return jsonify({ 'success': True, 'movies': [movie.format() for movie in movies] }), 200 @app.route('/api/movies/<int:movie_id>', methods=['GET']) @requires_auth('get:movies') def get_movie_by_id(payload, movie_id): movie = Movie.query.get(movie_id) if movie is None: abort(404) return jsonify({'success': True, 'movies': movie.format()}), 200 @app.route('/api/movies/<int:movie_id>', methods=['DELETE']) @requires_auth('delete:movie') def delete_movie(payload, movie_id): movie = Movie.query.get(movie_id) if movie is None: abort(404) movie.delete() return jsonify({'success': True, 'deleted': movie.id}), 200 @app.route('/api/movies/<int:movie_id>', methods=['PATCH']) @requires_auth('patch:movie') def update_movie(payload, movie_id): movie = Movie.query.get(movie_id) if movie is None: abort(404) request_body = request.get_json() if not request_body: abort(400) title = request_body.get('title', None) release_date = request_body.get('release_date', None) if title: movie.title = title if release_date: movie.release_date = release_date movie.update() return jsonify({'success': True, 'movie': movie.format()}), 200 @app.errorhandler(422) def unprocessable_error(error): return jsonify({ 'success': False, 'error': 422, 'message': 'unprocessable error' }), 422 @app.errorhandler(404) def not_found_error(error): return jsonify({ 'success': False, 'error': 404, 'message': 'Resource not Found' }), 404 @app.errorhandler(400) def bad_request(error): return jsonify({ 'success': False, 'error': 400, 'message': 'Bad Request' }), 400 return app
import os from authlib.integrations.flask_client import OAuth from flask import redirect, session, url_for, current_app from six.moves.urllib.parse import urlencode from functools import wraps oauth = OAuth(current_app) auth0 = oauth.register( 'auth0', client_id=os.environ['AUTH0_CLIENT_ID'], client_secret=os.environ['AUTH0_CLIENT_SECRET'], api_base_url=os.environ['AUTH0_API_BASE_URL'], access_token_url=os.environ['AUTH0_ACCESS_TOKEN_URL'], authorize_url=os.environ['AUTH0_AUTHORIZE_URL'], client_kwargs={ 'scope': 'openid profile email', } ) @current_app.route('/login') def login(): return auth0.authorize_redirect(redirect_uri=url_for('callback', _external=True)) @current_app.route('/callback') def callback(): auth0.authorize_access_token() resp = auth0.get('userinfo')
# # 'REMOTE_AUTHORIZE_URL': 'http://127.0.0.1:5000/oauth/authorize', # # 'REMOTE_ACCESS_TOKEN_URL': 'http://127.0.0.1:5000/oauth/token' # }) def fetch_token(name): return OAuth2Token(params=session['token']) oauth = OAuth(app, fetch_token=fetch_token) oauth.register( name='remote', client_id=CLIENT_ID, client_secret=CLIENT_SECRET, request_token_url=None, access_token_url='http://127.0.0.1:5000/oauth/token', access_token_params=None, authorize_url='http://127.0.0.1:5000/oauth/authorize', authorize_params=None, api_base_url='http://127.0.0.1:5000/api/', # 资源服务器url client_kwargs={'scope': 'profile'}, ) home = """ {% if user %} <pre> {{ user|tojson }} </pre> <a href="/logout">logout</a> {% else %} <a href="/login">login</a> {% endif %}
def create_app(test_config=None): app = Flask(__name__, instance_relative_config=True, static_folder="./static", template_folder="./templates") oauth = OAuth(app) google = oauth.register( name='google', client_id= "241207606130-seji6525kc1i7dvfr7mt68flgm0r70fo.apps.googleusercontent.com", client_secret="bpcYF5II8ACFmIpK4gMW_0oW", access_token_url='https://accounts.google.com/o/oauth2/token', access_token_params=None, authorize_url='https://accounts.google.com/o/oauth2/auth', authorize_params=None, api_base_url='https://www.googleapis.com/oauth2/v1/', userinfo_endpoint='https://openidconnect.googleapis.com/v1/userinfo', client_kwargs={'scope': 'openid email profile'}, ) app.config.from_mapping( SECRET_KEY='mysecret', DATABASE='0.0.0.0:27017/tourney-site', ) if test_config is None: app.config.from_pyfile('config.py', silent=True) else: app.config.from_mapping(test_config) try: os.makedirs(app.instance_path) except OSError: pass from tourney_site import db db.init_app(app) with app.app_context(): db.init_db() app.json_encoder = MongoJSONEncoder app.url_map.converters['objectid'] = ObjectIdConverter from tourney_site.views import auth app.register_blueprint(auth.bp) from tourney_site.views import home app.register_blueprint(home.bp) logging.getLogger('urllib3.connectionpool').setLevel(logging.CRITICAL) @app.after_request def add_header(r): r.headers["Cache-Control"] = "no-cache, no-store, must-revalidate" r.headers["Pragma"] = "no-cache" r.headers["Expires"] = "0" r.headers['Cache-Control'] = 'public, max-age=0' return r @app.route('/', defaults={'path': ''}, methods=["GET", "POST"]) @app.route('/<path:path>') def index(path): if request.method == "POST": if "username" in session: return jsonify({"auth": True}) elif "profile" in dict(session): return jsonify({"auth": True}) else: return jsonify({"auth": False}) return render_template("index.html") @app.route('/login') def login_google(): google = oauth.create_client('google') redirect_uri = url_for('authorize', _external=True) return google.authorize_redirect(redirect_uri) @app.route('/authorize') def authorize(): google = oauth.create_client('google') token = google.authorize_access_token() resp = google.get('userinfo') user_info = resp.json() user = oauth.google.userinfo() session['profile'] = user_info session.permanent = True return redirect('/') return app
from flask import Flask, render_template, request, send_from_directory, redirect, url_for, session from authlib.integrations.flask_client import OAuth app = Flask(__name__) app.secret_key = "APP_SECRET_KEY" # oAuth Setup oauth = OAuth(app) google = oauth.register( name='google', client_id= "967323801663-l27svq4heurlacnt0p4679nnd8oc92ji.apps.googleusercontent.com", client_secret="0-2EE8CfSUro5wURZEFUa64d", access_token_url='https://accounts.google.com/o/oauth2/token', access_token_params=None, authorize_url='https://accounts.google.com/o/oauth2/auth', authorize_params=None, api_base_url='https://www.googleapis.com/oauth2/v1/', client_kwargs={'scope': 'openid email profile'}, ) APP_ROOT = os.path.dirname(os.path.abspath(__file__)) @app.route('/') def index(): return render_template("upload.html") @app.route('/upload', methods=['POST'])
# Configuring the flask instance app = Flask(__name__) app.register_error_handler(404, error_pages) app.register_error_handler(500, error_pages) app.secret_key = config["APP-SECRET-KEY"] app.config["SESSION_COOKIE_NAME"] = config["SESSION-COOKIE-NAME"] # Configuring oauth oauth = OAuth(app) google = oauth.register( name='google', client_id=config["GOOGLE-OAUTH2-CLIENT-ID"], client_secret=config["GOOGLE-OAUTH2-CLIENT-SECRET"], access_token_url='https://accounts.google.com/o/oauth2/token', access_token_params=None, authorize_url='https://accounts.google.com/o/oauth2/auth', authorize_params=None, api_base_url='https://www.googleapis.com/oauth2/v1/', userinfo_endpoint='https://openidconnect.googleapis.com/v1/userinfo', # This is only needed if using openId to fetch user info client_kwargs={'scope': 'openid email profile'}, ) """FLASK ROUTES & PARTIAL LOGIC FOR NON USER WEATHER""" # Route for the user to input their postcode @app.route("/") def postcode_entry(): # Returning the postcodeselect.html page without modification return render_template("postcodeselect.html")
AUTH0_CALLBACK_URL = getenv("AUTH0_CALLBACK_URL") AUTH0_CLIENT_ID = getenv("AUTH0_CLIENT_ID") AUTH0_CLIENT_SECRET = getenv("AUTH0_CLIENT_SECRET") AUTH0_DOMAIN = getenv("AUTH0_DOMAIN") AUTH0_BASE_URL = 'https://' + AUTH0_DOMAIN AUTH0_AUDIENCE = getenv("AUTH0_AUDIENCE") oauth = OAuth(app) auth0 = oauth.register( 'auth0', client_id=AUTH0_CLIENT_ID, client_secret=AUTH0_CLIENT_SECRET, api_base_url=AUTH0_BASE_URL, access_token_url=AUTH0_BASE_URL + '/oauth/token', authorize_url=AUTH0_BASE_URL + '/authorize', client_kwargs={ 'scope': 'openid profile email', }, ) @app.route('/') def main(): resp = make_response(render_template('main.html', login = g.user)) resp.headers['Access-Control-Allow-Origin'] = "https://sheltered-reaches-07912.herokuapp.com" return resp @app.route('/sender/register', methods=["GET"]) def register():
@wraps(f) def decorated(*args, **kwargs): if 'profile' not in session: # Redirect to Login page here return redirect('/') return f(*args, **kwargs) return decorated auth0 = oauth.register( 'auth0', client_id=os.environ.get('client_id'), client_secret=os.environ.get('client_secret'), api_base_url=os.environ.get('api_base_url'), access_token_url=os.environ.get('access_token_url'), authorize_url=os.environ.get('authorize_url'), client_kwargs={ 'scope': 'openid profile email', }, ) @server.route('/login') def login(): return redirect(os.environ.get('REDIRECT_URL')) @server.route('/callback') def callback_handling(): # Handles response from token endpoint