Fix account url, use template for settings

phil 2025-01-26 23:37:56 +01:00
parent dc93c7c05b
commit 5b6c6f1aac
3 changed files with 30 additions and 14 deletions
src/oidc_test


@ -59,7 +59,7 @@ app.add_middleware(
# Add oidc providers to authlib from the settings
# fastapi_providers: dict[str, OpenIdConnect] = {}
providers_settings: dict[str, OIDCProvider] = {}
oidc_providers_settings: dict[str, OIDCProvider] = {}
for provider in settings.oidc.providers:
authlib_oauth.register(
@ -80,7 +80,7 @@ for provider in settings.oidc.providers:
# fastapi_providers[provider.id] = OpenIdConnect(
# openIdConnectUrl=provider.openid_configuration
# )
providers_settings[provider.id] = provider
oidc_providers_settings[provider.id] = provider
@app.get("/")
@ -94,7 +94,7 @@ async def home(
now = datetime.now()
if oidc_provider and (
(
oidc_provider_settings := providers_settings.get(
oidc_provider_settings := oidc_providers_settings.get(
request.session.get("oidc_provider_id", "")
)
)
@ -111,6 +111,7 @@ async def home(
"settings": settings.model_dump(),
"user": user,
"now": now,
"oidc_provider": oidc_provider,
"oidc_provider_settings": oidc_provider_settings,
"resources": resources,
"user_info_details": (
@ -137,7 +138,7 @@ async def login(request: Request, oidc_provider_id: str) -> RedirectResponse:
except AttributeError:
raise HTTPException(status.HTTP_401_UNAUTHORIZED, "No such provider")
# if (
# code_challenge_method := providers_settings[
# code_challenge_method := oidc_providers_settings[
# oidc_provider_id
# ].code_challenge_method
# ) is not None:
@ -220,12 +221,14 @@ async def account(
oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)],
) -> RedirectResponse:
if (
provider := providers_settings.get(request.session.get("oidc_provider_id", ""))
provider := oidc_providers_settings.get(
request.session.get("oidc_provider_id", "")
)
) is None:
raise HTTPException(
status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting"
)
return RedirectResponse(f"{provider.url}/account")
return RedirectResponse(f"{provider.account_url}")
@app.get("/logout")
@ -292,7 +295,9 @@ async def get_resource(
status.HTTP_406_NOT_ACCEPTABLE, detail="No such oidc provider"
)
if (
provider := providers_settings.get(request.session.get("oidc_provider_id", ""))
provider := oidc_providers_settings.get(
request.session.get("oidc_provider_id", "")
)
) is None:
raise HTTPException(
status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting"
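Review bot: In `account`, the new `return RedirectResponse(f"{provider.account_url}")` reads an attribute that this same commit appears to remove from `OIDCProvider`: the settings section replaces the `account_url` computed property with the method `get_account_url(request, user)`. If so, the route would raise `AttributeError` instead of redirecting. Call the method instead, e.g. `url = provider.get_account_url(request, user)`, and reject a `None` result explicitly with `if url is None: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="No account url")`, because formatting `None` into the f-string would redirect to the literal path `None`. The handler's signature starts outside the hunk, so check whether a `user` is already available there.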


@ -11,6 +11,9 @@ from pydantic_settings import (
PydanticBaseSettingsSource,
YamlConfigSettingsSource,
)
from starlette.requests import Request
from .models import User
class Resource(BaseModel):
@ -32,7 +35,7 @@ class OIDCProvider(BaseModel):
code_challenge_method: str | None = None
hint: str = "No hint"
resources: list[Resource] = []
account_url_suffix: str | None = None
account_url_template: str | None = None
@computed_field
@property
@ -44,11 +47,19 @@ class OIDCProvider(BaseModel):
def token_url(self) -> str:
return "auth/" + self.id
@computed_field
@property
def account_url(self) -> str | None:
if self.account_url_suffix:
return self.url + self.account_url_suffix
def get_account_url(self, request: Request, user: User) -> str | None:
if self.account_url_template:
if not (
self.url.endswith("/") or self.account_url_template.startswith("/")
):
sep = "/"
else:
sep = ""
return (
self.url
+ sep
+ self.account_url_template.format(request=request, user=user)
)
else:
return None
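Review bot: `get_account_url` passes the whole `request` and `user` objects to `str.format`, so the template can traverse any attribute of them (`{request.…}`), and the substituted values go into the redirect URL without percent-encoding. A mistaken or over-broad template in the settings file can therefore put session or header data into a URL, and a user field containing `/`, `?` or `#` changes the path or query of the redirect target. Pass only the specific values the template needs, each wrapped in `urllib.parse.quote(value, safe="")`, and catch `KeyError`/`AttributeError`/`IndexError` from `format` so that a bad template produces a clear configuration error. A short docstring naming the placeholders available to `account_url_template` would also help whoever writes the settings file.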


@ -5,7 +5,7 @@
<script src="{{ url_for('static', path='/utils.js') }}"></script>
</head>
<body onload="checkPerms('links-to-check')">
<h1>OIDC-test</h1>
<h1>OIDC-test - FastAPI client</h1>
{% block content %}
{% endblock %}
</body>