philorg/oidc-fastapi-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

Display full token info
All checks were successful
/ build (push) Successful in 5s
Details
/ test (push) Successful in 5s
Details

Browse source
This commit is contained in:
phil 2025-02-08 01:55:36 +01:00
parent 3eb6dc3dcf
commit ff72f0cae5
5 changed files with 70 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/oidc_test/auth_utils.py
View file

@ -1,3 +1,4 @@
import re
from typing import Union, Annotated from typing import Union, Annotated
from functools import wraps from functools import wraps
import logging import logging
@ -133,9 +134,18 @@ async def get_current_user(request: Request) -> User:
return user return user
async def get_token_or_none(request: Request) -> OAuth2Token | None:
"""Return the auth token from the session or None.
Can be used in Depends()"""
try:
return await get_token(request)
except HTTPException:
return None
async def get_token(request: Request) -> OAuth2Token: async def get_token(request: Request) -> OAuth2Token:
"""Return the token from a request object, from the session. """Return the token from the session.
It can be used in Depends()""" Can be used in Depends()"""
try: try:
oidc_provider_settings = oidc_providers_settings[ oidc_provider_settings = oidc_providers_settings[
request.session.get("oidc_provider_id", "") request.session.get("oidc_provider_id", "")

41
src/oidc_test/main.py
View file

@ -34,6 +34,7 @@ from .auth_utils import (
get_current_user_or_none, get_current_user_or_none,
authlib_oauth, authlib_oauth,
get_providers_info, get_providers_info,
get_token_or_none,
) )
from .auth_misc import pretty_details from .auth_misc import pretty_details
from .database import TokenNotInDb, db from .database import TokenNotInDb, db
@ -76,6 +77,7 @@ async def home(
request: Request, request: Request,
user: Annotated[User, Depends(get_current_user_or_none)], user: Annotated[User, Depends(get_current_user_or_none)],
oidc_provider: Annotated[StarletteOAuth2App | None, Depends(get_oidc_provider_or_none)], oidc_provider: Annotated[StarletteOAuth2App | None, Depends(get_oidc_provider_or_none)],
token: Annotated[OAuth2Token | None, Depends(get_token_or_none)],
) -> HTMLResponse: ) -> HTMLResponse:
now = datetime.now() now = datetime.now()
if oidc_provider and ( if oidc_provider and (
@ -101,22 +103,29 @@ async def home(
logger.info("Invalid token") logger.info("Invalid token")
logger.exception(err) logger.exception(err)
return templates.TemplateResponse( context = {
name="home.html", "settings": settings.model_dump(),
request=request, "user": user,
context={ "access_token_scope": access_token_scope,
"settings": settings.model_dump(), "now": now,
"user": user, "oidc_provider": oidc_provider,
"access_token_scope": access_token_scope, "oidc_provider_settings": oidc_provider_settings,
"now": now, "resources": resources,
"oidc_provider": oidc_provider, }
"oidc_provider_settings": oidc_provider_settings, if token is None:
"resources": resources, context["id_token_parsed"] = None
"user_info_details": ( context["access_token_parsed"] = None
pretty_details(user, now) if user and settings.oidc.show_session_details else None context["refresh_token_parsed"] = None
), else:
}, assert oidc_provider is not None
) assert oidc_provider.name is not None
oidc_provider_settings = oidc_providers_settings[oidc_provider.name]
context["id_token_parsed"] = pretty_details(user, now)
context["access_token_parsed"] = oidc_provider_settings.decode(token["access_token"])
context["refresh_token_parsed"] = oidc_provider_settings.decode(
token["refresh_token"], verify_signature=False
)
return templates.TemplateResponse(name="home.html", request=request, context=context)
# Endpoints for the login / authorization process # Endpoints for the login / authorization process

1
src/oidc_test/settings.py
View file

@ -135,6 +135,7 @@ class Settings(BaseSettings):
insecure: Insecure = Insecure() insecure: Insecure = Insecure()
cors_origins: list[str] = [] cors_origins: list[str] = []
debug_token: bool = False debug_token: bool = False
show_token: bool = False
@classmethod @classmethod
def settings_customise_sources( def settings_customise_sources(

4
src/oidc_test/static/styles.css
View file

@ -73,7 +73,6 @@ hr {
} }
.debug-auth p { .debug-auth p {
border-bottom: 1px solid black; border-bottom: 1px solid black;
text-align: left;
} }
.debug-auth ul { .debug-auth ul {
padding: 0; padding: 0;
@ -185,8 +184,9 @@ hr {
font-family: monospace; font-family: monospace;
} }
.resourceResult { .resource {
padding: 0.5em; padding: 0.5em;
display: flex;
gap: 0.5em; gap: 0.5em;
flex-direction: column; flex-direction: column;
width: fit-content; width: fit-content;

41
src/oidc_test/templates/home.html
View file

@ -97,19 +97,38 @@
</div> </div>
{% endif %} {% endif %}
</div> </div>
{% if user_info_details %} {% if settings.show_token and id_token_parsed %}
<hr> <div class="token-info">
<div class="debug-auth"> <hr>
<p>User info</p> <div>
<ul> <h2>id token</h2>
{% for key, value in user_info_details.items() %} <div class="token">
<li> {% for key, value in id_token_parsed.items() %}
<span class="key">{{ key }}</span>: <span class="value">{{ value }}</span> <div>
</li> <div class="key">{{ key }}</div>
<div class="value">{{ value }}</div>
</div>
{% endfor %} {% endfor %}
</ul> </div>
<h2>access token</h2>
<div class="token">
{% for key, value in access_token_parsed.items() %}
<div>
<div class="key">{{ key }}</div>
<div class="value">{{ value }}</div>
</div>
{% endfor %}
</div>
<h2>refresh token</h2>
<div class="token">
{% for key, value in refresh_token_parsed.items() %}
<div>
<div class="key">{{ key }}</div>
<div class="value">{{ value }}</div>
</div>
{% endfor %}
</div>
</div> </div>
<div>Now is: {{ now.strftime("%T, %D") }} </div>
</div> </div>
{% endif %} {% endif %}
{% endblock %} {% endblock %}