44e4e4eb42
introduce admin area first poc for connecting the authentik api Co-authored-by: Philipp Rothmann <philipprothmann@posteo.de> Reviewed-on: #2
from flask import request, session
from requests_oauthlib import OAuth2Session
from config import *
from helpers import HydraError
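class LITOauth:
    """OAuth2 authorization-code helpers built on ``OAuth2Session`` and the Flask session.

    The three static methods cover the flow end to end: build the
    authorization URL, exchange the returned code for a token, and query the
    provider's ``userinfo`` endpoint with the stored token. Every failure is
    reported to the caller as ``HydraError``.
    """

    # Session key under which authorize() keeps the anti-CSRF ``state`` value
    # until the callback hands it back to get_token().
    _STATE_SESSION_KEY = "oauth_state"

    @staticmethod
    def authorize():
        """Return the provider URL the browser should be redirected to.

        The ``state`` value generated for this request is stored in the Flask
        session so that get_token() can verify the callback belongs to a login
        this browser actually started.

        Raises:
            HydraError: (code 500) if the URL cannot be built.
        """
        try:
            # "goauthentik.io/api" is requested on top of the OIDC identity
            # scopes; presumably it grants authentik API access, which makes
            # the resulting token more sensitive than a login-only one.
            scopes = ["openid", "email", "profile", "goauthentik.io/api"]
            oauth = OAuth2Session(HYDRA_CLIENT_ID, redirect_uri=REDIRECT_URL, scope=scopes)
            authorization_url, state = oauth.authorization_url(
                HYDRA_AUTHORIZATION_BASE_URL
            )
            # Without persisting the state there is nothing to compare the
            # callback's ``state`` parameter against (login CSRF).
            session[LITOauth._STATE_SESSION_KEY] = state
            return authorization_url
        except Exception as err:
            # NOTE(review): str(err) may carry upstream details; confirm that
            # HydraError messages are not echoed verbatim to clients.
            raise HydraError(str(err), 500) from err

    @staticmethod
    def get_token(state, code):
        """Exchange an authorization ``code`` for a token and store it in the session.

        Args:
            state: ``state`` value received on the callback.
            code: authorization code received on the callback.

        Returns:
            The token returned by ``OAuth2Session.fetch_token``.

        Raises:
            HydraError: (code 400) if ``state`` does not match the value saved
                by authorize(); (code 500) for any other failure.
        """
        import hmac  # local import: the file's top-level import block stays untouched

        try:
            # pop() makes the stored state single-use, so a replayed callback fails.
            expected_state = session.pop(LITOauth._STATE_SESSION_KEY, None)
            state_matches = (
                bool(expected_state)
                and bool(state)
                # Compare as bytes: compare_digest rejects non-ASCII str input.
                and hmac.compare_digest(
                    str(expected_state).encode("utf-8"), str(state).encode("utf-8")
                )
            )
            if not state_matches:
                raise HydraError("OAuth state mismatch", 400)

            # NOTE(review): authorize() sends redirect_uri but the token request
            # does not; confirm the provider accepts the exchange without it.
            oauth = OAuth2Session(
                client_id=HYDRA_CLIENT_ID,
                state=state,
            )
            token = oauth.fetch_token(
                token_url=TOKEN_URL,
                code=code,
                client_secret=HYDRA_CLIENT_SECRET,
                include_client_id=True,
            )

            # NOTE(review): Flask's default session is a signed but unencrypted
            # cookie; if that default is in use the token is readable by whoever
            # holds the cookie. Confirm a server-side session store is configured.
            session["oauth_token"] = token

            return token
        except HydraError:
            # Keep the 400 from the state check instead of re-wrapping it as 500.
            raise
        except Exception as err:
            raise HydraError(str(err), 500) from err

    @staticmethod
    def get_user_info():
        """Fetch the ``userinfo`` document using the token stored in the session.

        Returns:
            The decoded JSON body of the ``userinfo`` response. The HTTP status
            is not checked here, so an error body is returned as-is.

        Raises:
            HydraError: (code 500) on any failure, including a session that
                holds no ``oauth_token``.
        """
        try:
            hydra = OAuth2Session(
                client_id=HYDRA_CLIENT_ID, token=session["oauth_token"]
            )
            user_info = hydra.get("{}/userinfo".format(HYDRA_PUBLIC_URL))

            return user_info.json()
        except Exception as err:
            raise HydraError(str(err), 500) from err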