From 5f2901d55896d9a191e58c7ca161c2304a684daa Mon Sep 17 00:00:00 2001 From: phil Date: Sun, 19 Jan 2025 16:45:21 +0100 Subject: [PATCH] Cleanup --- src/oidc_test/main.py | 41 +++++++++++------------------------------ 1 file changed, 11 insertions(+), 30 deletions(-) diff --git a/src/oidc_test/main.py b/src/oidc_test/main.py index 92cddf7..ed4c6a1 100644 --- a/src/oidc_test/main.py +++ b/src/oidc_test/main.py @@ -249,6 +249,8 @@ async def non_compliant_logout( oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)], ): """A page for non-compliant OAuth2 servers that we cannot log out.""" + # Clear the remain of the session + request.session.pop("oidc_provider_id", None) return templates.TemplateResponse( name="non_compliant_logout.html", request=request, @@ -268,7 +270,7 @@ async def get_resource( token: Annotated[OAuth2Token, Depends(get_token)], ) -> JSONResponse: """Generic path for testing a resource provided by a provider""" - assert user is not None + assert user is not None # Just to keep QA checks happy if oidc_provider is None: raise HTTPException( status.HTTP_406_NOT_ACCEPTABLE, detail="No such oidc provider" @@ -309,21 +311,21 @@ async def public() -> HTMLResponse: async def get_protected( user: Annotated[User, Depends(get_current_user)] ) -> HTMLResponse: - assert user is not None + assert user is not None # Just to keep QA checks happy return HTMLResponse("

Only authenticated users can see this

") @app.get("/protected-by-foorole") @hasrole("foorole") async def get_protected_by_foorole(request: Request) -> HTMLResponse: - assert request is not None + assert request is not None # Just to keep QA checks happy return HTMLResponse("

Only users with foorole can see this

") @app.get("/protected-by-barrole") @hasrole("barrole") async def get_protected_by_barrole(request: Request) -> HTMLResponse: - assert request is not None + assert request is not None # Just to keep QA checks happy return HTMLResponse("

Protected by barrole

") @@ -331,14 +333,14 @@ async def get_protected_by_barrole(request: Request) -> HTMLResponse: @hasrole("barrole") @hasrole("foorole") async def get_protected_by_foorole_and_barrole(request: Request) -> HTMLResponse: - assert request is not None + assert request is not None # Just to keep QA checks happy return HTMLResponse("

Only users with foorole and barrole can see this

") @app.get("/protected-by-foorole-or-barrole") @hasrole(["foorole", "barrole"]) async def get_protected_by_foorole_or_barrole(request: Request) -> HTMLResponse: - assert request is not None + assert request is not None # Just to keep QA checks happy return HTMLResponse("

Only users with foorole or barrole can see this

") @@ -348,7 +350,7 @@ async def get_introspect( oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)], token: Annotated[OAuth2Token, Depends(get_token)], ) -> JSONResponse: - assert request is not None + assert request is not None # Just to keep QA checks happy if ( response := await oidc_provider.post( oidc_provider.server_metadata["introspection_endpoint"], @@ -361,31 +363,10 @@ async def get_introspect( raise HTTPException(status_code=response.status_code, detail=response.text) -@app.get("/oauth2-forgejo-test") -async def get_forgejo_user_info( - request: Request, - user: Annotated[User, Depends(get_current_user)], - oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)], - token: Annotated[OAuth2Token, Depends(get_token)], -) -> HTMLResponse: - assert request is not None - if ( - response := await oidc_provider.get( - "/api/v1/user/repos", - # headers={"Authorization": f"token {token['access_token']}"}, - token=token, - ) - ).is_success: - repos = response.json() - names = [repo["name"] for repo in repos] - return HTMLResponse(f"{user.name} has {len(repos)} repos: {', '.join(names)}") - else: - raise HTTPException(status_code=response.status_code, detail=response.text) - - # Snippet for running standalone # Mostly useful for the --version option, -# as running with uvicorn is easy and provides flaxibility +# as running with uvicorn is easy and provides better flexibility, eg. +# uvicorn --host foo oidc_test.main:app --reload def main():