Updated the OAuth login handlers to utilize uniform user naming variables.

Updated the GitHub login process to split the user's full name on spaces so that the first and last name are filled in on the PDA profile.
Matt Scott 2023-04-08 18:14:40 -04:00
parent 9168dd99e0
commit ece9626212
No known key found for this signature in database
GPG Key ID: A9A0AFFC0E079001


@ -164,18 +164,18 @@ def login():
if 'google_token' in session: if 'google_token' in session:
user_data = json.loads(google.get('userinfo').text) user_data = json.loads(google.get('userinfo').text)
first_name = user_data['given_name'] google_first_name = user_data['given_name']
surname = user_data['family_name'] google_last_name = user_data['family_name']
email = user_data['email'] google_email = user_data['email']
user = User.query.filter_by(username=email).first() user = User.query.filter_by(username=google_email).first()
if user is None: if user is None:
user = User.query.filter_by(email=email).first() user = User.query.filter_by(email=google_email).first()
if not user: if not user:
user = User(username=email, user = User(username=google_email,
firstname=first_name, firstname=google_first_name,
lastname=surname, lastname=google_last_name,
plain_text_password=None, plain_text_password=None,
email=email) email=google_email)
result = user.create_local_user() result = user.create_local_user()
if not result['status']: if not result['status']:
@ -187,11 +187,11 @@ def login():
return authenticate_user(user, 'Google OAuth') return authenticate_user(user, 'Google OAuth')
if 'github_token' in session: if 'github_token' in session:
me = json.loads(github.get('user').text) user_data = json.loads(github.get('user').text)
github_username = me['login'] github_username = user_data['login']
github_first_name = me['name'] github_first_name = user_data['name']
github_last_name = '' github_last_name = ''
github_email = me['email'] github_email = user_data['email']
# If the user's full name from GitHub contains at least two words, use the first word as the first name and # If the user's full name from GitHub contains at least two words, use the first word as the first name and
# the rest as the last name. # the rest as the last name.
@ -222,7 +222,7 @@ def login():
if 'azure_token' in session: if 'azure_token' in session:
azure_info = azure.get('me?$select=displayName,givenName,id,mail,surname,userPrincipalName').text azure_info = azure.get('me?$select=displayName,givenName,id,mail,surname,userPrincipalName').text
current_app.logger.info('Azure login returned: ' + azure_info) current_app.logger.info('Azure login returned: ' + azure_info)
me = json.loads(azure_info) user_data = json.loads(azure_info)
azure_info = azure.post('me/getMemberGroups', azure_info = azure.post('me/getMemberGroups',
json={'securityEnabledOnly': False}).text json={'securityEnabledOnly': False}).text
@ -234,15 +234,15 @@ def login():
else: else:
mygroups = [] mygroups = []
azure_username = me["userPrincipalName"] azure_username = user_data["userPrincipalName"]
azure_first_name = me["givenName"] azure_first_name = user_data["givenName"]
azure_last_name = me["surname"] azure_last_name = user_data["surname"]
if "mail" in me: if "mail" in user_data:
azure_email = me["mail"] azure_email = user_data["mail"]
else: else:
azure_email = "" azure_email = ""
if not azure_email: if not azure_email:
azure_email = me["userPrincipalName"] azure_email = user_data["userPrincipalName"]
# Handle foreign principals such as guest users # Handle foreign principals such as guest users
azure_email = re.sub(r"#.*$", "", azure_email) azure_email = re.sub(r"#.*$", "", azure_email)
@ -392,11 +392,11 @@ def login():
return authenticate_user(user, 'Azure OAuth') return authenticate_user(user, 'Azure OAuth')
if 'oidc_token' in session: if 'oidc_token' in session:
me = json.loads(oidc.get('userinfo').text) user_data = json.loads(oidc.get('userinfo').text)
oidc_username = me[Setting().get('oidc_oauth_username')] oidc_username = user_data[Setting().get('oidc_oauth_username')]
oidc_first_name = me[Setting().get('oidc_oauth_firstname')] oidc_first_name = user_data[Setting().get('oidc_oauth_firstname')]
oidc_last_name = me[Setting().get('oidc_oauth_last_name')] oidc_last_name = user_data[Setting().get('oidc_oauth_last_name')]
oidc_email = me[Setting().get('oidc_oauth_email')] oidc_email = user_data[Setting().get('oidc_oauth_email')]
user = User.query.filter_by(username=oidc_username).first() user = User.query.filter_by(username=oidc_username).first()
if not user: if not user:
@ -426,10 +426,11 @@ def login():
desc_prop = Setting().get('oidc_oauth_account_description_property') desc_prop = Setting().get('oidc_oauth_account_description_property')
account_to_add = [] account_to_add = []
# If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP). # If the name_property and desc_property exist in me (A variable that contains all the userinfo from the
if name_prop in me and desc_prop in me: # IdP).
accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop] if name_prop in user_data and desc_prop in user_data:
accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop] accounts_name_prop = [user_data[name_prop]] if type(user_data[name_prop]) is not list else user_data[name_prop]
accounts_desc_prop = [user_data[desc_prop]] if type(user_data[desc_prop]) is not list else user_data[desc_prop]
# Run on all groups the user is in by the index num. # Run on all groups the user is in by the index num.
for i in range(len(accounts_name_prop)): for i in range(len(accounts_name_prop)):
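Review bot: In the Google branch the fallback `User.query.filter_by(email=google_email).first()` attaches the login to any existing account with a matching address, and nothing visible in the hunk checks that the provider has verified that address. If the `userinfo` response carries the `email_verified` claim (not shown here), gate both lookups on it, for example `if not user_data.get('email_verified'):` followed by the handler's normal login-failure path, so an unverified address cannot be matched to an existing PDA user. Separately, the Azure branch writes the whole profile response to the application log at info level via `current_app.logger.info('Azure login returned: ' + azure_info)`; logging it at debug level, or logging only the principal name, would keep personal data out of routine logs. The comment in the last hunk still says the properties "exist in me" after the rename to `user_data`. `login()` starts and ends outside these hunks, so its failure handling is not visible here.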