powerdns-admin/powerdnsadmin/services/github.py

from flask import request, session, redirect, url_for, current_app

from .base import authlib_oauth_client
from ..models.setting import Setting


def github_oauth():
    if not Setting().get('github_oauth_enabled'):
        return None

    def fetch_github_token():
        return session.get('github_token')

    def update_token(token):
        session['github_token'] = token
        return token

    authlib_params = {
        'client_id': Setting().get('github_oauth_key'),
        'client_secret': Setting().get('github_oauth_secret'),
        'request_token_params': {'scope': Setting().get('github_oauth_scope')},
        'api_base_url': Setting().get('github_oauth_api_url'),
        'request_token_url': None,
        'access_token_url': Setting().get('github_oauth_token_url'),
        'authorize_url': Setting().get('github_oauth_authorize_url'),
        'client_kwargs': {'scope': Setting().get('github_oauth_scope')},
        'fetch_token': fetch_github_token,
        'update_token': update_token
    }

    server_metadata_url = Setting().get('github_oauth_metadata_url')

    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
        authlib_params['server_metadata_url'] = server_metadata_url

    github = authlib_oauth_client.register(
        'github',
        **authlib_params
    )

    @current_app.route('/github/authorized')
    def github_authorized():
        session['github_oauthredir'] = url_for('.github_authorized',
                                               _external=True)
        token = github.authorize_access_token()
        if token is None:
            return 'Access denied: reason=%s error=%s' % (
                request.args['error'], request.args['error_description'])
        session['github_token'] = (token)
        return redirect(url_for('index.login'))

    return github
Refactoring the code - Use Flask blueprint - Split model and views into smaller parts - Bug fixes - API adjustment 2019-12-02 03:32:03 +00:00			`from flask import request, session, redirect, url_for, current_app`

			`from .base import authlib_oauth_client`
			`from ..models.setting import Setting`


			`def github_oauth():`
			`if not Setting().get('github_oauth_enabled'):`
			`return None`

			`def fetch_github_token():`
			`return session.get('github_token')`

			`def update_token(token):`
Fix token name in session for OIDC and GitHub authentication 2020-03-05 16:07:13 +00:00			`session['github_token'] = token`
Refactoring the code - Use Flask blueprint - Split model and views into smaller parts - Bug fixes - API adjustment 2019-12-02 03:32:03 +00:00			`return token`

Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used. For additional information, reference GitHub issue #1499. 2023-04-02 13:19:05 +00:00			`authlib_params = {`
			`'client_id': Setting().get('github_oauth_key'),`
			`'client_secret': Setting().get('github_oauth_secret'),`
			`'request_token_params': {'scope': Setting().get('github_oauth_scope')},`
			`'api_base_url': Setting().get('github_oauth_api_url'),`
			`'request_token_url': None,`
			`'access_token_url': Setting().get('github_oauth_token_url'),`
			`'authorize_url': Setting().get('github_oauth_authorize_url'),`
			`'client_kwargs': {'scope': Setting().get('github_oauth_scope')},`
			`'fetch_token': fetch_github_token,`
			`'update_token': update_token`
			`}`

			`server_metadata_url = Setting().get('github_oauth_metadata_url')`

			`if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:`
			`authlib_params['server_metadata_url'] = server_metadata_url`

Refactoring the code - Use Flask blueprint - Split model and views into smaller parts - Bug fixes - API adjustment 2019-12-02 03:32:03 +00:00			`github = authlib_oauth_client.register(`
			`'github',`
Completed the removal of the OAuth JWKS URL setting as well as the update of how the existing metadata URL settings are being used. For additional information, reference GitHub issue #1499. 2023-04-02 13:19:05 +00:00			`**authlib_params`
			`)`
Refactoring the code - Use Flask blueprint - Split model and views into smaller parts - Bug fixes - API adjustment 2019-12-02 03:32:03 +00:00
			`@current_app.route('/github/authorized')`
			`def github_authorized():`
			`session['github_oauthredir'] = url_for('.github_authorized',`
			`_external=True)`
			`token = github.authorize_access_token()`
			`if token is None:`
			`return 'Access denied: reason=%s error=%s' % (`
			`request.args['error'], request.args['error_description'])`
			`session['github_token'] = (token)`
			`return redirect(url_for('index.login'))`

			`return github`