Add user self-care link & setting for supporting providers

2025-01-26 19:08:49 +01:00 · 2025-01-26 19:08:49 +01:00 · dc93c7c05b
commit dc93c7c05b
parent 7ab715da5a
4 changed files with 33 additions and 5 deletions
--- a/src/oidc_test/main.py
+++ b/src/oidc_test/main.py
@ -94,15 +94,16 @@ async def home(
    now = datetime.now()
    if oidc_provider and (
        (
-            provider := providers_settings.get(
+            oidc_provider_settings := providers_settings.get(
                request.session.get("oidc_provider_id", "")
            )
        )
        is not None
    ):
-        resources = provider.resources
+        resources = oidc_provider_settings.resources
    else:
        resources = []
+        oidc_provider_settings = None
    return templates.TemplateResponse(
        name="home.html",
        request=request,
@ -110,6 +111,7 @@ async def home(
            "settings": settings.model_dump(),
            "user": user,
            "now": now,
+            "oidc_provider_settings": oidc_provider_settings,
            "resources": resources,
            "user_info_details": (
                pretty_details(user, now)
@ -212,6 +214,20 @@ async def auth(request: Request, oidc_provider_id: str) -> RedirectResponse:
        )


+@app.get("/account")
+async def account(
+    request: Request,
+    oidc_provider: Annotated[StarletteOAuth2App, Depends(get_oidc_provider)],
+) -> RedirectResponse:
+    if (
+        provider := providers_settings.get(request.session.get("oidc_provider_id", ""))
+    ) is None:
+        raise HTTPException(
+            status.HTTP_406_NOT_ACCEPTABLE, detail="No oidc provider setting"
+        )
+    return RedirectResponse(f"{provider.url}/account")
+
+
@app.get("/logout")
 async def logout(
    request: Request,
--- a/src/oidc_test/settings.py
+++ b/src/oidc_test/settings.py
@ -32,6 +32,7 @@ class OIDCProvider(BaseModel):
    code_challenge_method: str | None = None
    hint: str = "No hint"
    resources: list[Resource] = []
+    account_url_suffix: str | None = None

    @computed_field
    @property
@ -43,6 +44,14 @@ class OIDCProvider(BaseModel):
    def token_url(self) -> str:
        return "auth/" + self.id

+    @computed_field
+    @property
+    def account_url(self) -> str | None:
+        if self.account_url_suffix:
+            return self.url + self.account_url_suffix
+        else:
+            return None
+

 class ResourceProvider(BaseModel):
    id: str
--- a/src/oidc_test/templates/base.html
+++ b/src/oidc_test/templates/base.html
@ -1,6 +1,6 @@
 <html>
  <head>
-    <title>FastAPI OIDC test</title>
+    <title>OIDC (FastAPI) test</title>
    <link href="{{ url_for('static', path='/styles.css') }}" rel="stylesheet">
    <script src="{{ url_for('static', path='/utils.js') }}"></script>
  </head>
--- a/src/oidc_test/templates/home.html
+++ b/src/oidc_test/templates/home.html
@ -42,7 +42,10 @@
        <span>Provider:</span>
        {{ user.oidc_provider.name }} 
      </div>
-      <a href="logout" class="logout">Logout</a>
+      {% if oidc_provider_settings.account_url %}
+        <button onclick="location.href='{{ oidc_provider_settings.account_url }}'" class="logout">Account</button>
+      {% endif %}
+      <button onclick="location.href='{{ request.url_for("logout") }}'" class="logout">Logout</button>
    </div>
  {% endif %}
  <hr>
@ -66,7 +69,7 @@
      </p>
      <div class="links-to-check">
        {% for resource in resources %}
-          <a href="{{ request.url_for("get_resource", id=resource.id) }}">{{ resource.name }}</a>
+          <a href="{{ request.url_for('get_resource', id=resource.id) }}">{{ resource.name }}</a>
        {% endfor %}
      </div>
    {% endif %}