mirror of
https://github.com/simple-login/app.git
synced 2024-09-27 20:31:30 +02:00
rename ScopeE to just Scope
This commit is contained in:
parent
b263886434
commit
9f3cba61ca
@ -12,7 +12,7 @@ from app import s3
|
||||
from app.config import URL, MAX_NB_EMAIL_FREE_PLAN, EMAIL_DOMAIN
|
||||
from app.extensions import db
|
||||
from app.log import LOG
|
||||
from app.oauth_models import ScopeE
|
||||
from app.oauth_models import Scope
|
||||
from app.utils import convert_to_id, random_string
|
||||
|
||||
|
||||
@ -248,9 +248,9 @@ class Client(db.Model, ModelMixin):
|
||||
def nb_user(self):
|
||||
return ClientUser.filter_by(client_id=self.id).count()
|
||||
|
||||
def get_scopes(self) -> [ScopeE]:
|
||||
def get_scopes(self) -> [Scope]:
|
||||
# todo: client can choose which scopes they want to have access
|
||||
return [ScopeE.NAME, ScopeE.EMAIL, ScopeE.AVATAR_URL]
|
||||
return [Scope.NAME, Scope.EMAIL, Scope.AVATAR_URL]
|
||||
|
||||
@classmethod
|
||||
def create_new(cls, name, user_id) -> "Client":
|
||||
@ -375,22 +375,22 @@ class ClientUser(db.Model, ModelMixin):
|
||||
res = {"id": self.id, "client": self.client.name, "email_verified": True}
|
||||
|
||||
for scope in self.client.get_scopes():
|
||||
if scope == ScopeE.NAME:
|
||||
res[ScopeE.NAME.value] = self.user.name
|
||||
elif scope == ScopeE.AVATAR_URL:
|
||||
if scope == Scope.NAME:
|
||||
res[Scope.NAME.value] = self.user.name
|
||||
elif scope == Scope.AVATAR_URL:
|
||||
if self.user.profile_picture_id:
|
||||
res[ScopeE.AVATAR_URL.value] = self.user.profile_picture.get_url()
|
||||
res[Scope.AVATAR_URL.value] = self.user.profile_picture.get_url()
|
||||
else:
|
||||
res[ScopeE.AVATAR_URL.value] = None
|
||||
elif scope == ScopeE.EMAIL:
|
||||
res[Scope.AVATAR_URL.value] = None
|
||||
elif scope == Scope.EMAIL:
|
||||
# Use generated email
|
||||
if self.gen_email_id:
|
||||
LOG.debug(
|
||||
"Use gen email for user %s, client %s", self.user, self.client
|
||||
)
|
||||
res[ScopeE.EMAIL.value] = self.gen_email.email
|
||||
res[Scope.EMAIL.value] = self.gen_email.email
|
||||
# Use user original email
|
||||
else:
|
||||
res[ScopeE.EMAIL.value] = self.user.email
|
||||
res[Scope.EMAIL.value] = self.user.email
|
||||
|
||||
return res
|
||||
|
@ -14,26 +14,27 @@
|
||||
You have already authorized <b>{{ client.name }}</b>.
|
||||
</div>
|
||||
|
||||
<div>
|
||||
<hr>
|
||||
|
||||
<div class="mb-4">
|
||||
<b>{{ client.name }}</b> has access to the following information:
|
||||
</div>
|
||||
|
||||
<ul>
|
||||
<div>
|
||||
{% for scope in client.get_scopes() %}
|
||||
<li style="margin-top: .4rem">
|
||||
{% if scope == ScopeE.AVATAR_URL %}
|
||||
<div>
|
||||
{% if scope == Scope.AVATAR_URL and user_info[scope.value] %}
|
||||
{{ scope.value }}: <img src="{{ user_info[scope.value] }}" class="avatar">
|
||||
{% elif scope == ScopeE.EMAIL %}
|
||||
{% elif scope == Scope.EMAIL %}
|
||||
{{ scope.value }}:
|
||||
<a href="mailto:{{ user_info[scope.value] }}">
|
||||
{{ user_info[scope.value] }}
|
||||
</a>
|
||||
{% elif scope == ScopeE.NAME %}
|
||||
{% elif scope == Scope.NAME %}
|
||||
{{ scope.value }}: <b>{{ user_info[scope.value] }}</b>
|
||||
{% endif %}
|
||||
</li>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</div>
|
||||
{% else %}
|
||||
<div class="card-title">
|
||||
<b>{{ client.name }}</b> will receive your following information:
|
||||
|
@ -17,7 +17,7 @@ from app.models import (
|
||||
OauthToken,
|
||||
)
|
||||
from app.oauth.base import oauth_bp
|
||||
from app.oauth_models import get_response_types, ResponseType, ScopeE
|
||||
from app.oauth_models import get_response_types, ResponseType, Scope
|
||||
from app.utils import random_string, encode_url
|
||||
|
||||
|
||||
@ -77,7 +77,7 @@ def authorize():
|
||||
client=client,
|
||||
user_info=user_info,
|
||||
client_user=client_user,
|
||||
ScopeE=ScopeE,
|
||||
Scope=Scope,
|
||||
)
|
||||
else:
|
||||
# after user logs in, redirect user back to this page
|
||||
|
@ -6,7 +6,7 @@ from app.log import LOG
|
||||
from app.models import Client, AuthorizationCode, OauthToken, ClientUser
|
||||
from app.oauth.base import oauth_bp
|
||||
from app.oauth.views.authorize import generate_access_token
|
||||
from app.oauth_models import ScopeE
|
||||
from app.oauth_models import Scope
|
||||
|
||||
|
||||
@oauth_bp.route("/token", methods=["POST"])
|
||||
@ -82,7 +82,7 @@ def get_access_token():
|
||||
"user": user_data,
|
||||
}
|
||||
|
||||
if oauth_token.scope and ScopeE.OPENID.value in oauth_token.scope:
|
||||
if oauth_token.scope and Scope.OPENID.value in oauth_token.scope:
|
||||
res["id_token"] = make_id_token(client_user)
|
||||
|
||||
return jsonify(res)
|
||||
|
@ -4,9 +4,7 @@ from typing import Set, Union
|
||||
import flask
|
||||
|
||||
|
||||
class ScopeE(enum.Enum):
|
||||
"""ScopeE to distinguish with Scope model"""
|
||||
|
||||
class Scope(enum.Enum):
|
||||
EMAIL = "email"
|
||||
NAME = "name"
|
||||
OPENID = "openid"
|
||||
@ -19,10 +17,10 @@ class ResponseType(enum.Enum):
|
||||
ID_TOKEN = "id_token"
|
||||
|
||||
|
||||
def get_scopes(request: flask.Request) -> Set[ScopeE]:
|
||||
def get_scopes(request: flask.Request) -> Set[Scope]:
|
||||
scope_strs = _split_arg(request.args.getlist("scope"))
|
||||
|
||||
return set([ScopeE(scope_str) for scope_str in scope_strs])
|
||||
return set([Scope(scope_str) for scope_str in scope_strs])
|
||||
|
||||
|
||||
def get_response_types(request: flask.Request) -> Set[ResponseType]:
|
||||
|
@ -1,7 +1,7 @@
|
||||
import flask
|
||||
import pytest
|
||||
|
||||
from app.oauth_models import get_scopes, ScopeE, get_response_types, ResponseType
|
||||
from app.oauth_models import get_scopes, Scope, get_response_types, ResponseType
|
||||
|
||||
|
||||
def test_get_scopes(flask_app):
|
||||
@ -11,17 +11,17 @@ def test_get_scopes(flask_app):
|
||||
|
||||
with flask_app.test_request_context("/?scope=email&scope=name"):
|
||||
scopes = get_scopes(flask.request)
|
||||
assert scopes == {ScopeE.NAME, ScopeE.EMAIL}
|
||||
assert scopes == {Scope.NAME, Scope.EMAIL}
|
||||
|
||||
# a space between email and name
|
||||
with flask_app.test_request_context("/?scope=email%20name"):
|
||||
scopes = get_scopes(flask.request)
|
||||
assert scopes == {ScopeE.NAME, ScopeE.EMAIL}
|
||||
assert scopes == {Scope.NAME, Scope.EMAIL}
|
||||
|
||||
# a comma between email and name
|
||||
with flask_app.test_request_context("/?scope=email,name"):
|
||||
scopes = get_scopes(flask.request)
|
||||
assert scopes == {ScopeE.NAME, ScopeE.EMAIL}
|
||||
assert scopes == {Scope.NAME, Scope.EMAIL}
|
||||
|
||||
# non-existent scope: raise ValueError
|
||||
with flask_app.test_request_context("/?scope=abcd"):
|
||||
|
Loading…
Reference in New Issue
Block a user