diff --git a/areas/auth/auth.py b/areas/auth/auth.py
index 098ed0a..4334be4 100644
--- a/areas/auth/auth.py
+++ b/areas/auth/auth.py
@@ -27,8 +27,19 @@ def hydra_callback():
 raise BadRequest("Missing code query param")
 token = HydraOauth.get_token(state, code)
+ user_info = HydraOauth.get_user_info()
+
 access_token = create_access_token(
 identity=token, expires_delta=timedelta(days=365)
 )
- return jsonify({"access_token": access_token})
+ return jsonify(
+ {
+ "accessToken": access_token,
+ "userInfo": {
+ "email": user_info["email"],
+ "name": user_info["name"],
+ "preferredUsername": user_info["preferred_username"],
+ },
+ }
+ )
diff --git a/config.py b/config.py
index 22a643f..b3abf02 100644
--- a/config.py
+++ b/config.py
@@ -5,4 +5,5 @@ KRATOS_URL = os.environ.get("KRATOS_URL")
 HYDRA_CLIENT_ID = os.environ.get("HYDRA_CLIENT_ID")
 HYDRA_CLIENT_SECRET = os.environ.get("HYDRA_CLIENT_SECRET")
 HYDRA_AUTHORIZATION_BASE_URL = os.environ.get("HYDRA_AUTHORIZATION_BASE_URL")
+HYDRA_URL = os.environ.get("HYDRA_URL")
 TOKEN_URL = os.environ.get("TOKEN_URL")
diff --git a/helpers/hydra_oauth.py b/helpers/hydra_oauth.py
index 06fdc3d..f90b891 100644
--- a/helpers/hydra_oauth.py
+++ b/helpers/hydra_oauth.py
@@ -6,8 +6,6 @@ from helpers import HydraError
 class HydraOauth:
- SESSION_KEY = "oauth_state"
-
 @staticmethod
 def authorize():
 try:
@@ -16,9 +14,6 @@ class HydraOauth:
 HYDRA_AUTHORIZATION_BASE_URL
 )
- # State is used to prevent CSRF, keep this for later.
- session[HydraOauth.SESSION_KEY] = state
-
 return authorization_url
 except Exception as err:
 raise HydraError(str(err), 500)
@@ -41,3 +36,15 @@ class HydraOauth:
 return token
 except Exception as err:
 raise HydraError(str(err), 500)
+
+ @staticmethod
+ def get_user_info():
+ try:
+ hydra = OAuth2Session(
+ client_id=HYDRA_CLIENT_ID, token=session["hydra_token"]
+ )
+ user_info = hydra.get("{}/userinfo".format(HYDRA_URL))
+
+ return user_info.json()
+ except Exception as err:
+ raise HydraError(str(err), 500)
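Review bot: In `hydra_callback`, `state` is still handed to `HydraOauth.get_token(state, code)`, but the helpers/hydra_oauth.py hunks of this commit delete `session[HydraOauth.SESSION_KEY] = state` from `authorize()`, so nothing visible ties the callback's `state` to the value issued for this browser session. The deleted comment says the state is there to prevent CSRF; without a server-side comparison a callback the user never started would be accepted, and the response now carries the account's email and name as well as the token. Unless `get_token` (its body is outside these hunks) validates the state some other way, keep the session write in `authorize()` and reject a mismatch before exchanging the code, e.g. `if state != session.pop(HydraOauth.SESSION_KEY, None): raise BadRequest("Invalid state")`. The function starts above this hunk, so how `state` and `code` are read is not visible here.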
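Review bot: The new `get_user_info` in helpers/hydra_oauth.py returns `user_info.json()` without checking the HTTP status, and the `hydra.get(...)` call has no timeout, so an error body from the userinfo endpoint reaches `hydra_callback`, where `user_info["email"]` and the other two lookups would raise an uncaught `KeyError`. Assuming `OAuth2Session` is the requests-based one (its import is outside the hunk), pass a timeout and fail early: `user_info = hydra.get("{}/userinfo".format(HYDRA_URL), timeout=10)` followed by `user_info.raise_for_status()`. No hunk touches the imports of this file, so confirm `HYDRA_URL` is actually in scope here and is set (config.py reads it with `os.environ.get`, so it can be `None`); a `NameError` or a bad URL would be swallowed by the broad `except Exception` and surface only as a 500. That handler also forwards `str(err)`, which may expose internal detail if `HydraError` is rendered to the client, and a missing `session["hydra_token"]` would be better answered with a 401 than a 500.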
diff --git a/run_app.sh b/run_app.sh
index 651b674..babc1b7 100755
--- a/run_app.sh
+++ b/run_app.sh
@@ -24,6 +24,7 @@ export SECRET_KEY="e38hq!@0n64g@qe6)5csk41t=ljo2vllog(%k7njnm4b@kh42c"
 export KRATOS_URL="http://127.0.0.1:8000"
 export HYDRA_CLIENT_ID="dashboard-local"
 export HYDRA_CLIENT_SECRET="gDSEuakxzybHBHJocnmtDOLMwlWWEvPh"
+export HYDRA_URL="https://sso.init.stackspin.net"
 export HYDRA_AUTHORIZATION_BASE_URL="https://sso.init.stackspin.net/oauth2/auth"
 export TOKEN_URL="https://sso.init.stackspin.net/oauth2/token"
 flask run
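Review bot: The lines around the new `HYDRA_URL` export keep literal values for `SECRET_KEY` and `HYDRA_CLIENT_SECRET` in a tracked script whose SSO endpoints are not on localhost. If these are anything other than throwaway development values, treat them as exposed: rotate them and read them from the environment or an untracked file instead, e.g. `export HYDRA_CLIENT_SECRET="${HYDRA_CLIENT_SECRET:?set HYDRA_CLIENT_SECRET}"`. The new variable could also be the single source for the two URLs below it, e.g. `export TOKEN_URL="${HYDRA_URL}/oauth2/token"`, so the three values cannot drift apart.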