diff --git a/src/oidc_test/main.py b/src/oidc_test/main.py
index 92cddf7..ed4c6a1 100644
--- a/src/oidc_test/main.py
+++ b/src/oidc_test/main.py
@@ -249,6 +249,8 @@ async def non_compliant_logout(
oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)],
):
"""A page for non-compliant OAuth2 servers that we cannot log out."""
+ # Clear the remain of the session
+ request.session.pop("oidc_provider_id", None)
return templates.TemplateResponse(
name="non_compliant_logout.html",
request=request,
@@ -268,7 +270,7 @@ async def get_resource(
token: Annotated[OAuth2Token, Depends(get_token)],
) -> JSONResponse:
"""Generic path for testing a resource provided by a provider"""
- assert user is not None
+ assert user is not None # Just to keep QA checks happy
if oidc_provider is None:
raise HTTPException(
status.HTTP_406_NOT_ACCEPTABLE, detail="No such oidc provider"
@@ -309,21 +311,21 @@ async def public() -> HTMLResponse:
async def get_protected(
user: Annotated[User, Depends(get_current_user)]
) -> HTMLResponse:
- assert user is not None
+ assert user is not None # Just to keep QA checks happy
return HTMLResponse("Only authenticated users can see this
")
@app.get("/protected-by-foorole")
@hasrole("foorole")
async def get_protected_by_foorole(request: Request) -> HTMLResponse:
- assert request is not None
+ assert request is not None # Just to keep QA checks happy
return HTMLResponse("Only users with foorole can see this
")
@app.get("/protected-by-barrole")
@hasrole("barrole")
async def get_protected_by_barrole(request: Request) -> HTMLResponse:
- assert request is not None
+ assert request is not None # Just to keep QA checks happy
return HTMLResponse("Protected by barrole
")
@@ -331,14 +333,14 @@ async def get_protected_by_barrole(request: Request) -> HTMLResponse:
@hasrole("barrole")
@hasrole("foorole")
async def get_protected_by_foorole_and_barrole(request: Request) -> HTMLResponse:
- assert request is not None
+ assert request is not None # Just to keep QA checks happy
return HTMLResponse("Only users with foorole and barrole can see this
")
@app.get("/protected-by-foorole-or-barrole")
@hasrole(["foorole", "barrole"])
async def get_protected_by_foorole_or_barrole(request: Request) -> HTMLResponse:
- assert request is not None
+ assert request is not None # Just to keep QA checks happy
return HTMLResponse("Only users with foorole or barrole can see this
")
@@ -348,7 +350,7 @@ async def get_introspect(
oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)],
token: Annotated[OAuth2Token, Depends(get_token)],
) -> JSONResponse:
- assert request is not None
+ assert request is not None # Just to keep QA checks happy
if (
response := await oidc_provider.post(
oidc_provider.server_metadata["introspection_endpoint"],
@@ -361,31 +363,10 @@ async def get_introspect(
raise HTTPException(status_code=response.status_code, detail=response.text)
-@app.get("/oauth2-forgejo-test")
-async def get_forgejo_user_info(
- request: Request,
- user: Annotated[User, Depends(get_current_user)],
- oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)],
- token: Annotated[OAuth2Token, Depends(get_token)],
-) -> HTMLResponse:
- assert request is not None
- if (
- response := await oidc_provider.get(
- "/api/v1/user/repos",
- # headers={"Authorization": f"token {token['access_token']}"},
- token=token,
- )
- ).is_success:
- repos = response.json()
- names = [repo["name"] for repo in repos]
- return HTMLResponse(f"{user.name} has {len(repos)} repos: {', '.join(names)}")
- else:
- raise HTTPException(status_code=response.status_code, detail=response.text)
-
-
# Snippet for running standalone
# Mostly useful for the --version option,
-# as running with uvicorn is easy and provides flaxibility
+# as running with uvicorn is easy and provides better flexibility, eg.
+# uvicorn --host foo oidc_test.main:app --reload
def main():