2025-01-02 02:14:30 +01:00
|
|
|
<html>
|
|
|
|
|
<head>
|
|
|
|
|
<title>FastAPI OIDC test</title>
|
|
|
|
|
<style>
|
|
|
|
|
body {
|
|
|
|
|
font-family: Arial, Helvetica, sans-serif;
|
|
|
|
|
background-color: antiquewhite;
|
|
|
|
|
}
|
|
|
|
|
h1 {
|
|
|
|
|
text-align: center;
|
|
|
|
|
}
|
|
|
|
|
.content {
|
|
|
|
|
width: 100%;
|
|
|
|
|
display: flex;
|
|
|
|
|
flex-direction: column;
|
|
|
|
|
align-items: center;
|
|
|
|
|
justify-content: center;
|
|
|
|
|
}
|
|
|
|
|
.user-info {
|
|
|
|
|
padding: 1em;
|
|
|
|
|
margin: 1em 0;
|
|
|
|
|
display: flex;
|
|
|
|
|
gap: 0.5em;
|
|
|
|
|
flex-direction: column;
|
|
|
|
|
width: fit-content;
|
|
|
|
|
align-items: center;
|
2025-01-03 12:39:41 +01:00
|
|
|
margin: 5px auto;
|
2025-01-02 02:14:30 +01:00
|
|
|
box-shadow: 0px 0px 10px lightgreen;
|
|
|
|
|
background-color: lightgreen;
|
|
|
|
|
}
|
|
|
|
|
.user-info * {
|
|
|
|
|
flex: 2 1 auto;
|
|
|
|
|
margin: 0;
|
|
|
|
|
}
|
|
|
|
|
.user-info .picture {
|
|
|
|
|
max-width: 3em;
|
|
|
|
|
max-height: 3em
|
|
|
|
|
}
|
2025-01-03 12:39:41 +01:00
|
|
|
.user-info a.logout {
|
2025-01-03 13:36:22 +01:00
|
|
|
border: 2px solid darkkhaki;
|
2025-01-03 12:39:41 +01:00
|
|
|
padding: 3px 6px;
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
text-align: center;
|
|
|
|
|
color: black;
|
|
|
|
|
}
|
|
|
|
|
.user-info a.logout:hover {
|
|
|
|
|
background-color: orange;
|
|
|
|
|
}
|
2025-01-02 02:14:30 +01:00
|
|
|
.login-box {
|
|
|
|
|
text-align: center;
|
|
|
|
|
}
|
2025-01-03 13:36:22 +01:00
|
|
|
.login-box p {
|
|
|
|
|
margin: 0;
|
|
|
|
|
}
|
2025-01-02 02:14:30 +01:00
|
|
|
.login-toolbox {
|
|
|
|
|
max-width: 20em;
|
|
|
|
|
margin: auto;
|
|
|
|
|
display: flex;
|
|
|
|
|
flex-direction: column;
|
|
|
|
|
padding: 0 1em;
|
|
|
|
|
gap: 5px;
|
|
|
|
|
}
|
|
|
|
|
.login-toolbox a {
|
|
|
|
|
background-color: lightblue;
|
|
|
|
|
padding: 3px 6px;
|
|
|
|
|
text-decoration: none;
|
|
|
|
|
text-align: center;
|
|
|
|
|
color: black;
|
|
|
|
|
flex: 1 1 auto;
|
|
|
|
|
}
|
|
|
|
|
.login-toolbox .error {
|
|
|
|
|
color: darkred;
|
|
|
|
|
padding: 3px 6px;
|
|
|
|
|
text-align: center;
|
|
|
|
|
font-weight: bold;
|
|
|
|
|
flex: 1 1 auto;
|
|
|
|
|
}
|
|
|
|
|
.login-toolbox a:hover {
|
|
|
|
|
background-color: lightgreen;
|
|
|
|
|
}
|
2025-01-02 03:09:16 +01:00
|
|
|
.debug-auth {
|
2025-01-02 02:14:30 +01:00
|
|
|
font-size: 90%;
|
2025-01-03 13:36:22 +01:00
|
|
|
background-color: #d8bebc75;
|
|
|
|
|
padding: 6px;
|
|
|
|
|
}
|
|
|
|
|
.debug-auth * {
|
|
|
|
|
margin: 0;
|
2025-01-02 02:14:30 +01:00
|
|
|
}
|
2025-01-03 13:36:22 +01:00
|
|
|
.debug-auth p {
|
|
|
|
|
text-align: center;
|
|
|
|
|
border-bottom: 1px solid black;
|
|
|
|
|
}
|
|
|
|
|
.debug-auth ul {
|
|
|
|
|
padding: 0;
|
|
|
|
|
list-style: none;
|
|
|
|
|
}
|
|
|
|
|
.debug-auth p, .debug-auth .key {
|
2025-01-02 02:14:30 +01:00
|
|
|
font-weight: bold;
|
|
|
|
|
}
|
2025-01-02 03:09:16 +01:00
|
|
|
.content {
|
|
|
|
|
text-align: left;
|
|
|
|
|
}
|
2025-01-03 13:36:22 +01:00
|
|
|
.content #links-to-check {
|
2025-01-03 12:39:41 +01:00
|
|
|
display: flex;
|
|
|
|
|
text-align: center;
|
|
|
|
|
}
|
2025-01-03 13:36:22 +01:00
|
|
|
.content #links-to-check a {
|
2025-01-03 12:39:41 +01:00
|
|
|
margin: 5px;
|
|
|
|
|
color: black;
|
2025-01-03 13:36:22 +01:00
|
|
|
padding: 3px 6px;
|
2025-01-03 12:39:41 +01:00
|
|
|
text-decoration: none;
|
|
|
|
|
}
|
|
|
|
|
.hasResponseStatus {
|
|
|
|
|
background-color: #88888840;
|
|
|
|
|
}
|
|
|
|
|
.hasResponseStatus.status-200 {
|
|
|
|
|
background-color: #00ff0040;
|
|
|
|
|
}
|
|
|
|
|
.hasResponseStatus.status-401 {
|
|
|
|
|
background-color: #ff000040;
|
|
|
|
|
}
|
2025-01-05 05:06:58 +01:00
|
|
|
.role {
|
|
|
|
|
padding: 3px 6px;
|
|
|
|
|
background-color: #44228840;
|
|
|
|
|
}
|
2025-01-02 02:14:30 +01:00
|
|
|
</style>
|
2025-01-03 12:39:41 +01:00
|
|
|
<script>
|
2025-01-03 13:36:22 +01:00
|
|
|
function checkHref(elem) {
|
|
|
|
|
var xmlHttp = new XMLHttpRequest()
|
2025-01-03 12:39:41 +01:00
|
|
|
xmlHttp.onreadystatechange = function() {
|
|
|
|
|
if (xmlHttp.readyState == 4) {
|
|
|
|
|
elem.classList.add("hasResponseStatus")
|
|
|
|
|
elem.classList.add("status-" + xmlHttp.status)
|
2025-01-03 13:36:22 +01:00
|
|
|
elem.title = "Response code: " + xmlHttp.status
|
2025-01-03 12:39:41 +01:00
|
|
|
}
|
|
|
|
|
}
|
2025-01-03 13:36:22 +01:00
|
|
|
xmlHttp.open("GET", elem.href, true) // true for asynchronous
|
|
|
|
|
xmlHttp.send(null)
|
2025-01-03 12:39:41 +01:00
|
|
|
}
|
2025-01-03 13:36:22 +01:00
|
|
|
function checkPerms(rootId) {
|
|
|
|
|
var rootElem = document.getElementById(rootId)
|
|
|
|
|
Array.from(rootElem.children).forEach(elem => checkHref(elem))
|
2025-01-03 12:39:41 +01:00
|
|
|
}
|
|
|
|
|
</script>
|
2025-01-02 02:14:30 +01:00
|
|
|
</head>
|
2025-01-03 13:36:22 +01:00
|
|
|
<body onload="checkPerms('links-to-check')">
|
|
|
|
|
<h1>FastAPI test app for OIDC</h1>
|
2025-01-03 12:39:41 +01:00
|
|
|
{% if not user %}
|
2025-01-02 02:14:30 +01:00
|
|
|
<div class="login-box">
|
2025-01-05 05:06:58 +01:00
|
|
|
<p>Log in with one of these authentication providers:</p>
|
2025-01-02 02:14:30 +01:00
|
|
|
<div class="login-toolbox">
|
|
|
|
|
{% for provider in settings.oidc.providers %}
|
2025-01-05 05:06:58 +01:00
|
|
|
<a href="login?provider={{ provider.name }}">{{ provider.name }}</a>
|
2025-01-02 02:14:30 +01:00
|
|
|
{% else %}
|
|
|
|
|
<span class="error">Cannot login: no oidc prodiver in settings.yaml</span>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
2025-01-03 12:39:41 +01:00
|
|
|
{% endif %}
|
2025-01-02 02:14:30 +01:00
|
|
|
{% if user %}
|
|
|
|
|
<div class="user-info">
|
2025-01-03 12:39:41 +01:00
|
|
|
<p>Hey, {{ user.name }}</p>
|
|
|
|
|
{% if user.picture %}
|
|
|
|
|
<img src="{{ user.picture }}" class="picture"></img>
|
|
|
|
|
{% endif %}
|
2025-01-05 05:06:58 +01:00
|
|
|
<div>{{ user.email }}</div>
|
|
|
|
|
{% if user.roles %}
|
|
|
|
|
<div>
|
|
|
|
|
<span>Roles:</span>
|
|
|
|
|
{% for role in user.roles %}
|
|
|
|
|
<span class="role">{{ role.name }}</span>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</div>
|
|
|
|
|
{% endif %}
|
|
|
|
|
<div>
|
|
|
|
|
<span>Provider:</span>
|
|
|
|
|
{{ user.oidc_provider.name }}
|
|
|
|
|
</div>
|
2025-01-03 12:39:41 +01:00
|
|
|
<a href="logout" class="logout">Logout</a>
|
|
|
|
|
</div>
|
2025-01-02 02:14:30 +01:00
|
|
|
{% endif %}
|
2025-01-03 12:39:41 +01:00
|
|
|
<div class="content">
|
2025-01-03 13:36:22 +01:00
|
|
|
<p>
|
|
|
|
|
These links should get different response codes depending on the authorization:
|
|
|
|
|
</p>
|
|
|
|
|
<div id="links-to-check">
|
|
|
|
|
<a href="public">Public</a>
|
2025-01-03 17:00:38 +01:00
|
|
|
<a href="protected">Auth protected content</a>
|
|
|
|
|
<a href="protected-by-foorole">Auth + foorole protected content</a>
|
|
|
|
|
<a href="protected-by-barrole">Auth + barrole protected content</a>
|
|
|
|
|
<a href="protected-by-foorole-and-barrole">Auth + foorole and barrole protected content</a>
|
|
|
|
|
<a href="protected-by-foorole-or-barrole">Auth + foorole or barrole protected content</a>
|
2025-01-03 13:36:22 +01:00
|
|
|
<a href="other">Other</a>
|
2025-01-03 12:39:41 +01:00
|
|
|
</div>
|
2025-01-02 02:14:30 +01:00
|
|
|
{% if user and settings.oidc.show_session_details %}
|
2025-01-02 03:09:16 +01:00
|
|
|
<div class="debug-auth">
|
2025-01-03 13:36:22 +01:00
|
|
|
<p>Session details</p>
|
2025-01-02 02:14:30 +01:00
|
|
|
<ul>
|
2025-01-05 05:06:58 +01:00
|
|
|
{% for key, value in user.userinfo.items() %}
|
2025-01-02 02:14:30 +01:00
|
|
|
<li>
|
|
|
|
|
<span class="key">{{ key }}</span>: {{ value }}
|
|
|
|
|
</li>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
{% endif %}
|
2025-01-02 03:09:16 +01:00
|
|
|
<div class="content">
|
|
|
|
|
</div>
|
2025-01-02 02:14:30 +01:00
|
|
|
</body>
|
|
|
|
|
</html>
|
