OIDC Callback :return:
()
| 23 | |
| 24 | @routes.route('/api/v1/auth/callback', methods = ['POST']) |
| 25 | def api_oidc_callback(): |
| 26 | """ |
| 27 | OIDC Callback |
| 28 | :return: |
| 29 | """ |
| 30 | oidc_spec_list = [ |
| 31 | {"code": { |
| 32 | 'kind': str |
| 33 | }}, |
| 34 | ] |
| 35 | |
| 36 | log, input, untrusted_input = regular_input.master( |
| 37 | request = request, |
| 38 | spec_list = oidc_spec_list) |
| 39 | code = None |
| 40 | if input: |
| 41 | code = input.get('code') |
| 42 | |
| 43 | if code is None: |
| 44 | code = request.args.get('code') |
| 45 | if code is None: |
| 46 | log['error']['code'] = 'Authorization code missing' |
| 47 | return jsonify(log), 400 |
| 48 | log = regular_log.default() |
| 49 | with sessionMaker.session_scope() as session: |
| 50 | oidc_provider = OAuth2Provider() |
| 51 | oidc_client = oidc_provider.get_client() |
| 52 | logger.info('OAuth2 Client Fetched') |
| 53 | access_token_data = oidc_client.get_access_token_with_code_grant(code = code) |
| 54 | |
| 55 | logger.info(f'OAuth2 access_token_data: {access_token_data}') |
| 56 | if not access_token_data: |
| 57 | log['error']['token'] = 'Failed to get access token. Please check authorization_code and client configuration.' |
| 58 | logger.error(log) |
| 59 | return jsonify(log), 400 |
| 60 | access_token = oidc_client.get_access_token_from_jwt(jwt_data = access_token_data) |
| 61 | logger.info(f'OAuth2 access_token: {access_token}') |
| 62 | logger.info(f'Keys: {access_token_data.keys()}') |
| 63 | user_data = oidc_client.get_user(access_token = access_token) |
| 64 | logger.info(f'OAuth2 user data: {user_data}') |
| 65 | if not user_data: |
| 66 | logger.error('Failed to fecth user data from oauth2 provider') |
| 67 | log['error']['userinfo'] = 'Failed to get userinfo. Please check access_token and client configuration.' |
| 68 | logger.error(log) |
| 69 | return jsonify(log), 400 |
| 70 | user_id = user_data.get('sub') |
| 71 | email = user_data.get('email') |
| 72 | diffgram_user = User.get_user_by_oauth2_id(session = session, |
| 73 | oidc_id = user_id) |
| 74 | logger.info(f'diffgram_user fetch by external id: {diffgram_user}') |
| 75 | if diffgram_user: |
| 76 | logger.info(f'login_and_return_access_token ') |
| 77 | return login_and_return_access_token( |
| 78 | session = session, |
| 79 | diffgram_user = diffgram_user, |
| 80 | user_data = user_data, |
| 81 | access_token_data = access_token_data, |
| 82 | log = log |