2021-10-12 16:24:51 +00:00
|
|
|
import os
|
2021-10-13 08:12:44 +00:00
|
|
|
import smtplib
|
|
|
|
|
import socket
|
2023-06-15 16:29:12 +00:00
|
|
|
from collections.abc import Mapping
|
|
|
|
|
|
2024-03-15 18:58:06 +00:00
|
|
|
from flask import current_app
|
|
|
|
|
|
2023-07-10 17:47:00 +00:00
|
|
|
from canaille.app.mails import DEFAULT_SMTP_HOST
|
|
|
|
|
from canaille.app.mails import DEFAULT_SMTP_PORT
|
2021-12-20 22:57:27 +00:00
|
|
|
|
2021-10-28 13:24:34 +00:00
|
|
|
ROOT = os.path.dirname(os.path.abspath(__file__))
|
|
|
|
|
|
2021-10-12 16:24:51 +00:00
|
|
|
|
2021-10-13 08:12:44 +00:00
|
|
|
class ConfigurationException(Exception):
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
2023-06-15 16:29:12 +00:00
|
|
|
def parse_file_keys(config):
|
2023-12-28 17:31:57 +00:00
|
|
|
"""Replaces configuration entries with the '_FILE' suffix with the matching
|
|
|
|
|
file content."""
|
2023-06-15 16:29:12 +00:00
|
|
|
|
|
|
|
|
SUFFIX = "_FILE"
|
|
|
|
|
new_config = {}
|
|
|
|
|
for key, value in config.items():
|
|
|
|
|
if isinstance(value, Mapping):
|
|
|
|
|
new_config[key] = parse_file_keys(value)
|
|
|
|
|
|
|
|
|
|
elif isinstance(key, str) and key.endswith(SUFFIX) and isinstance(value, str):
|
|
|
|
|
with open(value) as f:
|
|
|
|
|
value = f.read().rstrip("\n")
|
|
|
|
|
|
|
|
|
|
root_key = key[: -len(SUFFIX)]
|
|
|
|
|
new_config[root_key] = value
|
|
|
|
|
|
|
|
|
|
else:
|
|
|
|
|
new_config[key] = value
|
|
|
|
|
|
|
|
|
|
return new_config
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def setup_config(app, config=None, validate_config=True):
|
|
|
|
|
from canaille.oidc.installation import install
|
|
|
|
|
|
2023-08-16 15:14:11 +00:00
|
|
|
try:
|
|
|
|
|
import toml
|
2023-09-01 08:46:56 +00:00
|
|
|
except ImportError:
|
2023-08-16 15:14:11 +00:00
|
|
|
toml = None
|
|
|
|
|
|
2023-06-15 16:29:12 +00:00
|
|
|
app.config.from_mapping(
|
|
|
|
|
{
|
|
|
|
|
"SESSION_COOKIE_NAME": "canaille",
|
|
|
|
|
"OAUTH2_REFRESH_TOKEN_GENERATOR": True,
|
|
|
|
|
"OAUTH2_ACCESS_TOKEN_GENERATOR": "canaille.oidc.oauth.generate_access_token",
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
if config:
|
|
|
|
|
app.config.from_mapping(parse_file_keys(config))
|
2023-12-14 15:04:46 +00:00
|
|
|
elif "CONFIG" in os.environ:
|
|
|
|
|
if not toml: # pragma: no cover
|
|
|
|
|
raise Exception("toml library not installed. Cannot load configuration.")
|
2023-06-15 16:29:12 +00:00
|
|
|
app.config.from_mapping(parse_file_keys(toml.load(os.environ.get("CONFIG"))))
|
|
|
|
|
else:
|
|
|
|
|
raise Exception(
|
|
|
|
|
"No configuration file found. "
|
|
|
|
|
"Either create conf/config.toml or set the 'CONFIG' variable environment."
|
|
|
|
|
)
|
|
|
|
|
|
2023-09-01 08:46:56 +00:00
|
|
|
if app.debug:
|
2023-07-01 16:46:11 +00:00
|
|
|
install(app.config, debug=True)
|
2023-06-15 16:29:12 +00:00
|
|
|
|
|
|
|
|
if validate_config:
|
|
|
|
|
validate(app.config)
|
|
|
|
|
|
|
|
|
|
|
2021-10-12 16:24:51 +00:00
|
|
|
def validate(config, validate_remote=False):
|
2021-10-28 13:24:34 +00:00
|
|
|
validate_keypair(config)
|
|
|
|
|
validate_theme(config)
|
|
|
|
|
|
|
|
|
|
if not validate_remote:
|
|
|
|
|
return
|
|
|
|
|
|
2023-06-05 16:10:37 +00:00
|
|
|
from canaille.backends import BaseBackend
|
2022-01-11 16:57:58 +00:00
|
|
|
|
2023-06-05 16:10:37 +00:00
|
|
|
BaseBackend.get().validate(config)
|
2021-10-28 13:24:34 +00:00
|
|
|
validate_smtp_configuration(config)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def validate_keypair(config):
|
2023-04-10 14:24:43 +00:00
|
|
|
if (
|
2023-12-19 17:22:31 +00:00
|
|
|
config.get("OIDC")
|
|
|
|
|
and config["OIDC"].get("JWT")
|
2023-07-01 16:46:11 +00:00
|
|
|
and not config["OIDC"]["JWT"].get("PUBLIC_KEY")
|
|
|
|
|
and not current_app.debug
|
2023-04-10 14:24:43 +00:00
|
|
|
):
|
2023-07-01 16:46:11 +00:00
|
|
|
raise ConfigurationException("No public key has been set")
|
2021-10-12 16:24:51 +00:00
|
|
|
|
2023-04-10 14:24:43 +00:00
|
|
|
if (
|
2023-12-19 17:22:31 +00:00
|
|
|
config.get("OIDC")
|
|
|
|
|
and config["OIDC"].get("JWT")
|
2023-07-01 16:46:11 +00:00
|
|
|
and not config["OIDC"]["JWT"].get("PRIVATE_KEY")
|
|
|
|
|
and not current_app.debug
|
2023-04-10 14:24:43 +00:00
|
|
|
):
|
2023-07-01 16:46:11 +00:00
|
|
|
raise ConfigurationException("No private key has been set")
|
2021-10-12 16:24:51 +00:00
|
|
|
|
2021-10-13 08:12:44 +00:00
|
|
|
|
|
|
|
|
def validate_smtp_configuration(config):
|
2023-07-10 17:47:00 +00:00
|
|
|
host = config["SMTP"].get("HOST", DEFAULT_SMTP_HOST)
|
|
|
|
|
port = config["SMTP"].get("PORT", DEFAULT_SMTP_PORT)
|
2021-10-13 08:12:44 +00:00
|
|
|
try:
|
2023-07-10 17:47:00 +00:00
|
|
|
with smtplib.SMTP(host=host, port=port) as smtp:
|
2021-10-13 08:12:44 +00:00
|
|
|
if config["SMTP"].get("TLS"):
|
|
|
|
|
smtp.starttls()
|
|
|
|
|
|
|
|
|
|
if config["SMTP"].get("LOGIN"):
|
|
|
|
|
smtp.login(
|
|
|
|
|
user=config["SMTP"]["LOGIN"],
|
|
|
|
|
password=config["SMTP"].get("PASSWORD"),
|
|
|
|
|
)
|
|
|
|
|
except (socket.gaierror, ConnectionRefusedError) as exc:
|
|
|
|
|
raise ConfigurationException(
|
2023-07-10 17:47:00 +00:00
|
|
|
f"Could not connect to the SMTP server '{host}' on port '{port}'"
|
2021-10-13 08:12:44 +00:00
|
|
|
) from exc
|
|
|
|
|
|
|
|
|
|
except smtplib.SMTPAuthenticationError as exc:
|
|
|
|
|
raise ConfigurationException(
|
|
|
|
|
f'SMTP authentication failed with user \'{config["SMTP"]["LOGIN"]}\''
|
|
|
|
|
) from exc
|
2021-10-12 18:36:31 +00:00
|
|
|
|
2022-12-27 17:48:55 +00:00
|
|
|
except smtplib.SMTPNotSupportedError as exc:
|
|
|
|
|
raise ConfigurationException(exc) from exc
|
|
|
|
|
|
2021-10-12 16:24:51 +00:00
|
|
|
|
2021-10-28 13:24:34 +00:00
|
|
|
def validate_theme(config):
|
|
|
|
|
if not config.get("THEME"):
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
if not os.path.exists(config["THEME"]) and not os.path.exists(
|
|
|
|
|
os.path.join(ROOT, "themes", config["THEME"])
|
|
|
|
|
):
|
|
|
|
|
raise ConfigurationException(f'Cannot find theme \'{config["THEME"]}\'')
|
