Mirror/app-MAIL-temp
1
0
Fork 0
mirror of https://github.com/simple-login/app.git synced 2024-11-16 00:48:32 +01:00
Code Issues Projects Releases Packages Wiki Activity

rename ScopeE to just Scope

Browse source
This commit is contained in:
Son NK 2019-07-03 12:13:28 +02:00 committed by Son NK
parent b263886434
commit 9f3cba61ca
6 changed files with 32 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
app/models.py
View file

@ -12,7 +12,7 @@ from app import s3
from app.config import URL, MAX_NB_EMAIL_FREE_PLAN, EMAIL_DOMAIN from app.config import URL, MAX_NB_EMAIL_FREE_PLAN, EMAIL_DOMAIN
from app.extensions import db from app.extensions import db
from app.log import LOG from app.log import LOG
from app.oauth_models import ScopeE from app.oauth_models import Scope
from app.utils import convert_to_id, random_string from app.utils import convert_to_id, random_string
@ -248,9 +248,9 @@ class Client(db.Model, ModelMixin):
def nb_user(self): def nb_user(self):
return ClientUser.filter_by(client_id=self.id).count() return ClientUser.filter_by(client_id=self.id).count()
def get_scopes(self) -> [ScopeE]: def get_scopes(self) -> [Scope]:
# todo: client can choose which scopes they want to have access # todo: client can choose which scopes they want to have access
return [ScopeE.NAME, ScopeE.EMAIL, ScopeE.AVATAR_URL] return [Scope.NAME, Scope.EMAIL, Scope.AVATAR_URL]
@classmethod @classmethod
def create_new(cls, name, user_id) -> "Client": def create_new(cls, name, user_id) -> "Client":
@ -375,22 +375,22 @@ class ClientUser(db.Model, ModelMixin):
res = {"id": self.id, "client": self.client.name, "email_verified": True} res = {"id": self.id, "client": self.client.name, "email_verified": True}
for scope in self.client.get_scopes(): for scope in self.client.get_scopes():
if scope == ScopeE.NAME: if scope == Scope.NAME:
res[ScopeE.NAME.value] = self.user.name res[Scope.NAME.value] = self.user.name
elif scope == ScopeE.AVATAR_URL: elif scope == Scope.AVATAR_URL:
if self.user.profile_picture_id: if self.user.profile_picture_id:
res[ScopeE.AVATAR_URL.value] = self.user.profile_picture.get_url() res[Scope.AVATAR_URL.value] = self.user.profile_picture.get_url()
else: else:
res[ScopeE.AVATAR_URL.value] = None res[Scope.AVATAR_URL.value] = None
elif scope == ScopeE.EMAIL: elif scope == Scope.EMAIL:
# Use generated email # Use generated email
if self.gen_email_id: if self.gen_email_id:
LOG.debug( LOG.debug(
"Use gen email for user %s, client %s", self.user, self.client "Use gen email for user %s, client %s", self.user, self.client
) )
res[ScopeE.EMAIL.value] = self.gen_email.email res[Scope.EMAIL.value] = self.gen_email.email
# Use user original email # Use user original email
else: else:
res[ScopeE.EMAIL.value] = self.user.email res[Scope.EMAIL.value] = self.user.email
return res return res

19
app/oauth/templates/oauth/authorize.html
View file

@ -14,26 +14,27 @@
You have already authorized <b>{{ client.name }}</b>. You have already authorized <b>{{ client.name }}</b>.
</div> </div>
<div> <hr>
<div class="mb-4">
<b>{{ client.name }}</b> has access to the following information: <b>{{ client.name }}</b> has access to the following information:
</div> </div>
<div>
<ul>
{% for scope in client.get_scopes() %} {% for scope in client.get_scopes() %}
<li style="margin-top: .4rem"> <div>
{% if scope == ScopeE.AVATAR_URL %} {% if scope == Scope.AVATAR_URL and user_info[scope.value] %}
{{ scope.value }}: <img src="{{ user_info[scope.value] }}" class="avatar"> {{ scope.value }}: <img src="{{ user_info[scope.value] }}" class="avatar">
{% elif scope == ScopeE.EMAIL %} {% elif scope == Scope.EMAIL %}
{{ scope.value }}: {{ scope.value }}:
<a href="mailto:{{ user_info[scope.value] }}"> <a href="mailto:{{ user_info[scope.value] }}">
{{ user_info[scope.value] }} {{ user_info[scope.value] }}
</a> </a>
{% elif scope == ScopeE.NAME %} {% elif scope == Scope.NAME %}
{{ scope.value }}: <b>{{ user_info[scope.value] }}</b> {{ scope.value }}: <b>{{ user_info[scope.value] }}</b>
{% endif %} {% endif %}
</li> </div>
{% endfor %} {% endfor %}
</ul> </div>
{% else %} {% else %}
<div class="card-title"> <div class="card-title">
<b>{{ client.name }}</b> will receive your following information: <b>{{ client.name }}</b> will receive your following information:

4
app/oauth/views/authorize.py
View file

@ -17,7 +17,7 @@ from app.models import (
OauthToken, OauthToken,
) )
from app.oauth.base import oauth_bp from app.oauth.base import oauth_bp
from app.oauth_models import get_response_types, ResponseType, ScopeE from app.oauth_models import get_response_types, ResponseType, Scope
from app.utils import random_string, encode_url from app.utils import random_string, encode_url
@ -77,7 +77,7 @@ def authorize():
client=client, client=client,
user_info=user_info, user_info=user_info,
client_user=client_user, client_user=client_user,
ScopeE=ScopeE, Scope=Scope,
) )
else: else:
# after user logs in, redirect user back to this page # after user logs in, redirect user back to this page

4
app/oauth/views/token.py
View file

@ -6,7 +6,7 @@ from app.log import LOG
from app.models import Client, AuthorizationCode, OauthToken, ClientUser from app.models import Client, AuthorizationCode, OauthToken, ClientUser
from app.oauth.base import oauth_bp from app.oauth.base import oauth_bp
from app.oauth.views.authorize import generate_access_token from app.oauth.views.authorize import generate_access_token
from app.oauth_models import ScopeE from app.oauth_models import Scope
@oauth_bp.route("/token", methods=["POST"]) @oauth_bp.route("/token", methods=["POST"])
@ -82,7 +82,7 @@ def get_access_token():
"user": user_data, "user": user_data,
} }
if oauth_token.scope and ScopeE.OPENID.value in oauth_token.scope: if oauth_token.scope and Scope.OPENID.value in oauth_token.scope:
res["id_token"] = make_id_token(client_user) res["id_token"] = make_id_token(client_user)
return jsonify(res) return jsonify(res)

8
app/oauth_models.py
View file

@ -4,9 +4,7 @@ from typing import Set, Union
import flask import flask
class ScopeE(enum.Enum): class Scope(enum.Enum):
"""ScopeE to distinguish with Scope model"""
EMAIL = "email" EMAIL = "email"
NAME = "name" NAME = "name"
OPENID = "openid" OPENID = "openid"
@ -19,10 +17,10 @@ class ResponseType(enum.Enum):
ID_TOKEN = "id_token" ID_TOKEN = "id_token"
def get_scopes(request: flask.Request) -> Set[ScopeE]: def get_scopes(request: flask.Request) -> Set[Scope]:
scope_strs = _split_arg(request.args.getlist("scope")) scope_strs = _split_arg(request.args.getlist("scope"))
return set([ScopeE(scope_str) for scope_str in scope_strs]) return set([Scope(scope_str) for scope_str in scope_strs])
def get_response_types(request: flask.Request) -> Set[ResponseType]: def get_response_types(request: flask.Request) -> Set[ResponseType]:

8
tests/test_oauth_models.py
View file

@ -1,7 +1,7 @@
import flask import flask
import pytest import pytest
from app.oauth_models import get_scopes, ScopeE, get_response_types, ResponseType from app.oauth_models import get_scopes, Scope, get_response_types, ResponseType
def test_get_scopes(flask_app): def test_get_scopes(flask_app):
@ -11,17 +11,17 @@ def test_get_scopes(flask_app):
with flask_app.test_request_context("/?scope=email&scope=name"): with flask_app.test_request_context("/?scope=email&scope=name"):
scopes = get_scopes(flask.request) scopes = get_scopes(flask.request)
assert scopes == {ScopeE.NAME, ScopeE.EMAIL} assert scopes == {Scope.NAME, Scope.EMAIL}
# a space between email and name # a space between email and name
with flask_app.test_request_context("/?scope=email%20name"): with flask_app.test_request_context("/?scope=email%20name"):
scopes = get_scopes(flask.request) scopes = get_scopes(flask.request)
assert scopes == {ScopeE.NAME, ScopeE.EMAIL} assert scopes == {Scope.NAME, Scope.EMAIL}
# a comma between email and name # a comma between email and name
with flask_app.test_request_context("/?scope=email,name"): with flask_app.test_request_context("/?scope=email,name"):
scopes = get_scopes(flask.request) scopes = get_scopes(flask.request)
assert scopes == {ScopeE.NAME, ScopeE.EMAIL} assert scopes == {Scope.NAME, Scope.EMAIL}
# non-existent scope: raise ValueError # non-existent scope: raise ValueError
with flask_app.test_request_context("/?scope=abcd"): with flask_app.test_request_context("/?scope=abcd"):