canaille-globuzma/canaille/admin/clients.py

import datetime
import wtforms
import wtforms.fields.html5
from flask import Blueprint, render_template, request, flash, redirect, url_for
from flask_wtf import FlaskForm
from flask_babel import lazy_gettext as _
from werkzeug.security import gen_salt
from canaille.models import Client
from canaille.flaskutils import admin_needed


bp = Blueprint(__name__, "clients")


@bp.route("/")
@admin_needed()
def index():
    clients = Client.filter()
    return render_template("admin/client_list.html", clients=clients, menuitem="admin")


class ClientAdd(FlaskForm):
    oauthClientName = wtforms.StringField(
        _("Name"),
        validators=[wtforms.validators.DataRequired()],
        render_kw={"placeholder": "Client Name"},
    )
    oauthClientContact = wtforms.fields.html5.EmailField(
        _("Contact"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": "admin@mydomain.tld"},
    )
    oauthClientURI = wtforms.fields.html5.URLField(
        _("URI"),
        validators=[wtforms.validators.DataRequired()],
        render_kw={"placeholder": "https://mydomain.tld"},
    )
    oauthRedirectURIs = wtforms.fields.html5.URLField(
        _("Redirect URIs"),
        validators=[wtforms.validators.DataRequired()],
        render_kw={"placeholder": "https://mydomain.tld/callback"},
    )
    oauthGrantType = wtforms.SelectMultipleField(
        _("Grant types"),
        validators=[wtforms.validators.DataRequired()],
        choices=[
            ("password", "password"),
            ("authorization_code", "authorization_code"),
            ("implicit", "implicit"),
            ("hybrid", "hybrid"),
            ("refresh_token", "refresh_token"),
        ],
        default=["authorization_code", "refresh_token"],
    )
    oauthScope = wtforms.StringField(
        _("Scope"),
        validators=[wtforms.validators.Optional()],
        default="openid profile email",
        render_kw={"placeholder": "openid profile"},
    )
    oauthResponseType = wtforms.SelectMultipleField(
        _("Response types"),
        validators=[wtforms.validators.DataRequired()],
        choices=[("code", "code"), ("token", "token"), ("id_token", "id_token")],
        default=["code"],
    )
    oauthTokenEndpointAuthMethod = wtforms.SelectField(
        _("Token Endpoint Auth Method"),
        validators=[wtforms.validators.DataRequired()],
        choices=[
            ("client_secret_basic", "client_secret_basic"),
            ("client_secret_post", "client_secret_post"),
            ("none", "none"),
        ],
        default="client_secret_basic",
    )
    oauthLogoURI = wtforms.fields.html5.URLField(
        _("Logo URI"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": "https://mydomain.tld/logo.png"},
    )
    oauthTermsOfServiceURI = wtforms.fields.html5.URLField(
        _("Terms of service URI"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": "https://mydomain.tld/tos.html"},
    )
    oauthPolicyURI = wtforms.fields.html5.URLField(
        _("Policy URI"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": "https://mydomain.tld/policy.html"},
    )
    oauthSoftwareID = wtforms.StringField(
        _("Software ID"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": "xyz"},
    )
    oauthSoftwareVersion = wtforms.StringField(
        _("Software Version"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": "1.0"},
    )
    oauthJWK = wtforms.StringField(
        _("JWK"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": ""},
    )
    oauthJWKURI = wtforms.fields.html5.URLField(
        _("JKW URI"),
        validators=[wtforms.validators.Optional()],
        render_kw={"placeholder": ""},
    )


@bp.route("/add", methods=["GET", "POST"])
@admin_needed()
def add():
    form = ClientAdd(request.form or None)

    if not request.form:
        return render_template("admin/client_add.html", form=form, menuitem="admin")

    if not form.validate():
        flash(
            _("The client has not been added. Please check your information."),
            "error",
        )
        return render_template("admin/client_add.html", form=form, menuitem="admin")

    client_id = gen_salt(24)
    client_id_issued_at = datetime.datetime.now().strftime("%Y%m%d%H%M%SZ")
    client = Client(
        oauthClientID=client_id,
        oauthIssueDate=client_id_issued_at,
        oauthClientName=form["oauthClientName"].data,
        oauthClientContact=form["oauthClientContact"].data,
        oauthClientURI=form["oauthClientURI"].data,
        oauthGrantType=form["oauthGrantType"].data,
        oauthRedirectURIs=[form["oauthRedirectURIs"].data],
        oauthResponseType=form["oauthResponseType"].data,
        oauthScope=form["oauthScope"].data.split(" "),
        oauthTokenEndpointAuthMethod=form["oauthTokenEndpointAuthMethod"].data,
        oauthLogoURI=form["oauthLogoURI"].data,
        oauthTermsOfServiceURI=form["oauthTermsOfServiceURI"].data,
        oauthPolicyURI=form["oauthPolicyURI"].data,
        oauthSoftwareID=form["oauthSoftwareID"].data,
        oauthSoftwareVersion=form["oauthSoftwareVersion"].data,
        oauthJWK=form["oauthJWK"].data,
        oauthJWKURI=form["oauthJWKURI"].data,
        oauthClientSecret=""
        if form["oauthTokenEndpointAuthMethod"].data == "none"
        else gen_salt(48),
    )
    client.save()
    flash(
        _("The client has been created."),
        "success",
    )

    return redirect(url_for("canaille.admin.clients.edit", client_id=client_id))


@bp.route("/edit/<client_id>", methods=["GET", "POST"])
@admin_needed()
def edit(client_id):
    client = Client.get(client_id)
    data = dict(client)
    data["oauthScope"] = " ".join(data["oauthScope"])
    data["oauthRedirectURIs"] = data["oauthRedirectURIs"][0]
    form = ClientAdd(request.form or None, data=data, client=client)

    if not request.form:
        return render_template(
            "admin/client_edit.html", form=form, client=client, menuitem="admin"
        )

    if not form.validate():
        flash(
            _("The client has not been edited. Please check your information."),
            "error",
        )

    else:
        client.update(
            oauthClientName=form["oauthClientName"].data,
            oauthClientContact=form["oauthClientContact"].data,
            oauthClientURI=form["oauthClientURI"].data,
            oauthGrantType=form["oauthGrantType"].data,
            oauthRedirectURIs=[form["oauthRedirectURIs"].data],
            oauthResponseType=form["oauthResponseType"].data,
            oauthScope=form["oauthScope"].data.split(" "),
            oauthTokenEndpointAuthMethod=form["oauthTokenEndpointAuthMethod"].data,
            oauthLogoURI=form["oauthLogoURI"].data,
            oauthTermsOfServiceURI=form["oauthTermsOfServiceURI"].data,
            oauthPolicyURI=form["oauthPolicyURI"].data,
            oauthSoftwareID=form["oauthSoftwareID"].data,
            oauthSoftwareVersion=form["oauthSoftwareVersion"].data,
            oauthJWK=form["oauthJWK"].data,
            oauthJWKURI=form["oauthJWKURI"].data,
        )
        client.save()
        flash(
            _("The client has been edited."),
            "success",
        )

    return render_template(
        "admin/client_edit.html", form=form, client=client, menuitem="admin"
    )
Client forms 2020-08-17 13:49:48 +00:00			`import datetime`
			`import wtforms`
			`import wtforms.fields.html5`
			`from flask import Blueprint, render_template, request, flash, redirect, url_for`
			`from flask_wtf import FlaskForm`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`from flask_babel import lazy_gettext as _`
Client forms 2020-08-17 13:49:48 +00:00			`from werkzeug.security import gen_salt`
Renamed the project 'canaille' 2020-10-21 12:04:40 +00:00			`from canaille.models import Client`
			`from canaille.flaskutils import admin_needed`
Client forms 2020-08-17 13:49:48 +00:00

			`bp = Blueprint(__name__, "clients")`


			`@bp.route("/")`
Admin login 2020-08-19 14:20:57 +00:00			`@admin_needed()`
Client forms 2020-08-17 13:49:48 +00:00			`def index():`
			`clients = Client.filter()`
Menu items activity 2020-10-21 10:14:35 +00:00			`return render_template("admin/client_list.html", clients=clients, menuitem="admin")`
Client forms 2020-08-17 13:49:48 +00:00

			`class ClientAdd(FlaskForm):`
Client unit tests 2020-08-26 13:37:15 +00:00			`oauthClientName = wtforms.StringField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Name"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.DataRequired()],`
			`render_kw={"placeholder": "Client Name"},`
			`)`
			`oauthClientContact = wtforms.fields.html5.EmailField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Contact"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": "admin@mydomain.tld"},`
			`)`
			`oauthClientURI = wtforms.fields.html5.URLField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("URI"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.DataRequired()],`
			`render_kw={"placeholder": "https://mydomain.tld"},`
			`)`
Some authorization_code work 2020-08-17 15:49:49 +00:00			`oauthRedirectURIs = wtforms.fields.html5.URLField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Redirect URIs"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.DataRequired()],`
			`render_kw={"placeholder": "https://mydomain.tld/callback"},`
			`)`
			`oauthGrantType = wtforms.SelectMultipleField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Grant types"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.DataRequired()],`
			`choices=[`
			`("password", "password"),`
			`("authorization_code", "authorization_code"),`
Implicit flow test 2020-08-20 12:30:42 +00:00			`("implicit", "implicit"),`
			`("hybrid", "hybrid"),`
Implemented refresh grant 2020-08-24 08:52:21 +00:00			`("refresh_token", "refresh_token"),`
Client forms 2020-08-17 13:49:48 +00:00			`],`
Implemented refresh grant 2020-08-24 08:52:21 +00:00			`default=["authorization_code", "refresh_token"],`
Client forms 2020-08-17 13:49:48 +00:00			`)`
Client unit tests 2020-08-26 13:37:15 +00:00			`oauthScope = wtforms.StringField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Scope"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
Add mail in the default configuration 2020-09-23 15:15:25 +00:00			`default="openid profile email",`
Client forms 2020-08-17 13:49:48 +00:00			`render_kw={"placeholder": "openid profile"},`
			`)`
			`oauthResponseType = wtforms.SelectMultipleField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Response types"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.DataRequired()],`
Implicit flow test 2020-08-20 12:30:42 +00:00			`choices=[("code", "code"), ("token", "token"), ("id_token", "id_token")],`
Client forms 2020-08-17 13:49:48 +00:00			`default=["code"],`
			`)`
			`oauthTokenEndpointAuthMethod = wtforms.SelectField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Token Endpoint Auth Method"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.DataRequired()],`
			`choices=[`
			`("client_secret_basic", "client_secret_basic"),`
			`("client_secret_post", "client_secret_post"),`
			`("none", "none"),`
			`],`
			`default="client_secret_basic",`
			`)`
			`oauthLogoURI = wtforms.fields.html5.URLField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Logo URI"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": "https://mydomain.tld/logo.png"},`
			`)`
			`oauthTermsOfServiceURI = wtforms.fields.html5.URLField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Terms of service URI"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": "https://mydomain.tld/tos.html"},`
			`)`
			`oauthPolicyURI = wtforms.fields.html5.URLField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Policy URI"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": "https://mydomain.tld/policy.html"},`
			`)`
Client unit tests 2020-08-26 13:37:15 +00:00			`oauthSoftwareID = wtforms.StringField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Software ID"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": "xyz"},`
			`)`
Client unit tests 2020-08-26 13:37:15 +00:00			`oauthSoftwareVersion = wtforms.StringField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("Software Version"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": "1.0"},`
			`)`
Client unit tests 2020-08-26 13:37:15 +00:00			`oauthJWK = wtforms.StringField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("JWK"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": ""},`
			`)`
			`oauthJWKURI = wtforms.fields.html5.URLField(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("JKW URI"),`
Client forms 2020-08-17 13:49:48 +00:00			`validators=[wtforms.validators.Optional()],`
			`render_kw={"placeholder": ""},`
			`)`


			`@bp.route("/add", methods=["GET", "POST"])`
Admin login 2020-08-19 14:20:57 +00:00			`@admin_needed()`
Client forms 2020-08-17 13:49:48 +00:00			`def add():`
			`form = ClientAdd(request.form or None)`

			`if not request.form:`
Menu items activity 2020-10-21 10:14:35 +00:00			`return render_template("admin/client_add.html", form=form, menuitem="admin")`
Client forms 2020-08-17 13:49:48 +00:00
			`if not form.validate():`
			`flash(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("The client has not been added. Please check your information."),`
Client forms 2020-08-17 13:49:48 +00:00			`"error",`
			`)`
Menu items activity 2020-10-21 10:14:35 +00:00			`return render_template("admin/client_add.html", form=form, menuitem="admin")`
Client forms 2020-08-17 13:49:48 +00:00
			`client_id = gen_salt(24)`
			`client_id_issued_at = datetime.datetime.now().strftime("%Y%m%d%H%M%SZ")`
			`client = Client(`
			`oauthClientID=client_id,`
			`oauthIssueDate=client_id_issued_at,`
			`oauthClientName=form["oauthClientName"].data,`
			`oauthClientContact=form["oauthClientContact"].data,`
			`oauthClientURI=form["oauthClientURI"].data,`
			`oauthGrantType=form["oauthGrantType"].data,`
Some authorization_code work 2020-08-17 15:49:49 +00:00			`oauthRedirectURIs=[form["oauthRedirectURIs"].data],`
Client forms 2020-08-17 13:49:48 +00:00			`oauthResponseType=form["oauthResponseType"].data,`
			`oauthScope=form["oauthScope"].data.split(" "),`
			`oauthTokenEndpointAuthMethod=form["oauthTokenEndpointAuthMethod"].data,`
			`oauthLogoURI=form["oauthLogoURI"].data,`
			`oauthTermsOfServiceURI=form["oauthTermsOfServiceURI"].data,`
			`oauthPolicyURI=form["oauthPolicyURI"].data,`
			`oauthSoftwareID=form["oauthSoftwareID"].data,`
			`oauthSoftwareVersion=form["oauthSoftwareVersion"].data,`
			`oauthJWK=form["oauthJWK"].data,`
			`oauthJWKURI=form["oauthJWKURI"].data,`
			`oauthClientSecret=""`
			`if form["oauthTokenEndpointAuthMethod"].data == "none"`
			`else gen_salt(48),`
			`)`
			`client.save()`
			`flash(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("The client has been created."),`
User token list view 2020-08-27 08:50:50 +00:00			`"success",`
Client forms 2020-08-17 13:49:48 +00:00			`)`

Renamed the project 'canaille' 2020-10-21 12:04:40 +00:00			`return redirect(url_for("canaille.admin.clients.edit", client_id=client_id))`
Client forms 2020-08-17 13:49:48 +00:00

			`@bp.route("/edit/<client_id>", methods=["GET", "POST"])`
Admin login 2020-08-19 14:20:57 +00:00			`@admin_needed()`
Client forms 2020-08-17 13:49:48 +00:00			`def edit(client_id):`
			`client = Client.get(client_id)`
			`data = dict(client)`
			`data["oauthScope"] = " ".join(data["oauthScope"])`
Some authorization_code work 2020-08-17 15:49:49 +00:00			`data["oauthRedirectURIs"] = data["oauthRedirectURIs"][0]`
Client forms 2020-08-17 13:49:48 +00:00			`form = ClientAdd(request.form or None, data=data, client=client)`

			`if not request.form:`
Menu items activity 2020-10-21 10:14:35 +00:00			`return render_template(`
			`"admin/client_edit.html", form=form, client=client, menuitem="admin"`
			`)`
Client forms 2020-08-17 13:49:48 +00:00
			`if not form.validate():`
			`flash(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("The client has not been edited. Please check your information."),`
Client forms 2020-08-17 13:49:48 +00:00			`"error",`
			`)`

			`else:`
			`client.update(`
			`oauthClientName=form["oauthClientName"].data,`
			`oauthClientContact=form["oauthClientContact"].data,`
			`oauthClientURI=form["oauthClientURI"].data,`
			`oauthGrantType=form["oauthGrantType"].data,`
Some authorization_code work 2020-08-17 15:49:49 +00:00			`oauthRedirectURIs=[form["oauthRedirectURIs"].data],`
Client forms 2020-08-17 13:49:48 +00:00			`oauthResponseType=form["oauthResponseType"].data,`
			`oauthScope=form["oauthScope"].data.split(" "),`
			`oauthTokenEndpointAuthMethod=form["oauthTokenEndpointAuthMethod"].data,`
			`oauthLogoURI=form["oauthLogoURI"].data,`
			`oauthTermsOfServiceURI=form["oauthTermsOfServiceURI"].data,`
			`oauthPolicyURI=form["oauthPolicyURI"].data,`
			`oauthSoftwareID=form["oauthSoftwareID"].data,`
			`oauthSoftwareVersion=form["oauthSoftwareVersion"].data,`
			`oauthJWK=form["oauthJWK"].data,`
			`oauthJWKURI=form["oauthJWKURI"].data,`
			`)`
			`client.save()`
			`flash(`
Fixed form translations. Closes #19 2020-10-28 14:49:14 +00:00			`_("The client has been edited."),`
User token list view 2020-08-27 08:50:50 +00:00			`"success",`
Client forms 2020-08-17 13:49:48 +00:00			`)`

Menu items activity 2020-10-21 10:14:35 +00:00			`return render_template(`
			`"admin/client_edit.html", form=form, client=client, menuitem="admin"`
			`)`