powerdns-admin/powerdnsadmin/services/azure.py

from flask import request, session, redirect, url_for, current_app

from .base import authlib_oauth_client
from ..models.setting import Setting


def azure_oauth():
    if not Setting().get('azure_oauth_enabled'):
        return None

    def fetch_azure_token():
        return session.get('azure_token')

    def update_token(token):
        session['azure_token'] = token
        return token

    authlib_params = {
        'client_id': Setting().get('azure_oauth_key'),
        'client_secret': Setting().get('azure_oauth_secret'),
        'api_base_url': Setting().get('azure_oauth_api_url'),
        'request_token_url': None,
        'client_kwargs': {'scope': Setting().get('azure_oauth_scope')},
        'fetch_token': fetch_azure_token,
    }

    server_metadata_url = Setting().get('azure_oauth_metadata_url')

    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
        authlib_params['server_metadata_url'] = server_metadata_url
    else:
        authlib_params['access_token_url'] = Setting().get('azure_oauth_token_url')
        authlib_params['authorize_url'] = Setting().get('azure_oauth_authorize_url')

    azure = authlib_oauth_client.register(
        'azure',
        **authlib_params
    )

    @current_app.route('/azure/authorized')
    def azure_authorized():
        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
        params = {'_external': True}
        if isinstance(use_ssl, bool):
            params['_scheme'] = 'https' if use_ssl else 'http'
        session['azure_oauthredir'] = url_for('.azure_authorized', **params)
        token = azure.authorize_access_token()
        if token is None:
            return 'Access denied: reason=%s error=%s' % (
                request.args['error'], request.args['error_description'])
        session['azure_token'] = (token)
        return redirect(url_for('index.login', **params))

    return azure
Resolve the conflicts and add adjustment to #591 2019-12-06 07:27:35 +00:00			`from flask import request, session, redirect, url_for, current_app`

			`from .base import authlib_oauth_client`
			`from ..models.setting import Setting`


			`def azure_oauth():`
			`if not Setting().get('azure_oauth_enabled'):`
			`return None`

			`def fetch_azure_token():`
			`return session.get('azure_token')`

Corrections to Azure auth service definition after refactor 2020-03-04 04:34:01 +00:00			`def update_token(token):`
			`session['azure_token'] = token`
			`return token`

Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used. For additional information, reference GitHub issue #1499. 2023-04-02 13:19:05 +00:00			`authlib_params = {`
			`'client_id': Setting().get('azure_oauth_key'),`
			`'client_secret': Setting().get('azure_oauth_secret'),`
			`'api_base_url': Setting().get('azure_oauth_api_url'),`
			`'request_token_url': None,`
			`'client_kwargs': {'scope': Setting().get('azure_oauth_scope')},`
			`'fetch_token': fetch_azure_token,`
			`}`

			`server_metadata_url = Setting().get('azure_oauth_metadata_url')`

			`if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:`
			`authlib_params['server_metadata_url'] = server_metadata_url`
Completed OAuth change to make the use of the metadata URL setting exclusive to the authorization and token URL settings. If the former is defined, it will be used in preference to the latter. 2023-04-08 21:14:55 +00:00			`else:`
			`authlib_params['access_token_url'] = Setting().get('azure_oauth_token_url')`
			`authlib_params['authorize_url'] = Setting().get('azure_oauth_authorize_url')`
Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used. For additional information, reference GitHub issue #1499. 2023-04-02 13:19:05 +00:00
Resolve the conflicts and add adjustment to #591 2019-12-06 07:27:35 +00:00			`azure = authlib_oauth_client.register(`
			`'azure',`
Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used. For additional information, reference GitHub issue #1499. 2023-04-02 13:19:05 +00:00			`**authlib_params`
Resolve the conflicts and add adjustment to #591 2019-12-06 07:27:35 +00:00			`)`

			`@current_app.route('/azure/authorized')`
			`def azure_authorized():`
Completed the implementation of the `SERVER_EXTERNAL_SSL` environment setting into the app config files. Completed the implementation of the aforementioned environment setting into the OAuth workflows. Documented the aforementioned setting in the Environment-variables.md wiki document. 2023-04-08 21:05:27 +00:00			`use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')`
			`params = {'_external': True}`
			`if isinstance(use_ssl, bool):`
			`params['_scheme'] = 'https' if use_ssl else 'http'`
			`session['azure_oauthredir'] = url_for('.azure_authorized', **params)`
Resolve the conflicts and add adjustment to #591 2019-12-06 07:27:35 +00:00			`token = azure.authorize_access_token()`
			`if token is None:`
			`return 'Access denied: reason=%s error=%s' % (`
			`request.args['error'], request.args['error_description'])`
			`session['azure_token'] = (token)`
Completed the implementation of the `SERVER_EXTERNAL_SSL` environment setting into the app config files. Completed the implementation of the aforementioned environment setting into the OAuth workflows. Documented the aforementioned setting in the Environment-variables.md wiki document. 2023-04-08 21:05:27 +00:00			`return redirect(url_for('index.login', **params))`
Resolve the conflicts and add adjustment to #591 2019-12-06 07:27:35 +00:00
			`return azure`