import ldap
import os
import toml
from . import routes, clients, oauth, tokens, authorizations
from flask import Flask, g, request, render_template
from flask_babel import Babel
from .flaskutils import current_user
from .ldaputils import LDAPObjectHelper
from .oauth2utils import config_oauth
def create_app(config=None):
    """Build the Flask application and load its configuration.

    Built-in defaults are applied first. Exactly one override source is then
    used, in this order of precedence: the ``config`` mapping passed by the
    caller (when truthy), the TOML file named by the ``CONFIG`` environment
    variable, or ``config.toml`` in the current working directory.

    Args:
        config: Optional mapping of settings that replaces file-based
            configuration entirely.

    Returns:
        The Flask application, after ``setup_app`` has been run on it.
    """
    app = Flask(__name__)

    # NOTE(review): only the cookie name is defaulted here. SECRET_KEY and the
    # cookie hardening flags (SESSION_COOKIE_SECURE, SESSION_COOKIE_SAMESITE)
    # have to come from the loaded configuration; confirm they are set for
    # any deployment served over HTTPS.
    defaults = {
        "SESSION_COOKIE_NAME": "oidc-ldap-bridge",
        "OAUTH2_REFRESH_TOKEN_GENERATOR": True,
    }
    app.config.from_mapping(defaults)

    # The loaded settings include the LDAP bind DN and password read by
    # setup_app, so the TOML file and the CONFIG path are trusted,
    # secret-bearing inputs: keep the file readable by the service account only.
    if config:
        overrides = config
    elif "CONFIG" in os.environ:
        overrides = toml.load(os.environ.get("CONFIG"))
    elif os.path.exists("config.toml"):
        overrides = toml.load("config.toml")
    else:
        overrides = None

    if overrides is not None:
        app.config.from_mapping(overrides)

    setup_app(app)
    return app
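def setup_app(app):
    """Attach routing, OAuth2, i18n, LDAP handling and error pages to *app*.

    Registers the blueprints, initialises Babel, opens an LDAP connection
    bound with the configured service account before every request and
    releases it when the request is torn down, and installs the template
    context processor, locale/timezone selectors and the 403/404/500 handlers.

    Args:
        app: The Flask application to configure. ``app.config["LDAP"]`` must
            provide ``ROOT_DN``, ``URI``, ``BIND_DN`` and ``BIND_PW``.
    """
    app.url_map.strict_slashes = False

    config_oauth(app)
    app.register_blueprint(routes.bp)
    app.register_blueprint(oauth.bp, url_prefix="/oauth")
    app.register_blueprint(clients.bp, url_prefix="/client")
    app.register_blueprint(tokens.bp, url_prefix="/token")
    app.register_blueprint(authorizations.bp, url_prefix="/authorization")

    babel = Babel(app)

    @app.before_request
    def before_request():
        """Open and bind the per-request LDAP connection stored on ``g``."""
        ldap_config = app.config["LDAP"]
        # Class-level attribute: it is rewritten on every request and shared
        # by every LDAPObjectHelper user in the process.
        LDAPObjectHelper.root_dn = ldap_config["ROOT_DN"]
        g.ldap = ldap.initialize(ldap_config["URI"])
        # NOTE(review): nothing here calls start_tls_s(), so the service
        # account password is only protected in transit when LDAP.URI uses
        # ldaps:// (or ldapi://) - confirm in the deployment configuration.
        g.ldap.simple_bind_s(ldap_config["BIND_DN"], ldap_config["BIND_PW"])

    @app.teardown_request
    def close_ldap(exception=None):
        """Release the request's LDAP connection, even after a failed request."""
        # teardown_request is used instead of after_request because Flask does
        # not guarantee after_request callbacks run when an unhandled
        # exception propagates, which would leak the bound connection.
        if "ldap" not in g:
            return
        try:
            g.ldap.unbind_s()
        except ldap.LDAPError:
            # Teardown callbacks must not raise; record the failure instead.
            app.logger.warning("LDAP unbind failed", exc_info=True)

    @app.context_processor
    def global_processor():
        """Expose branding values and the current user to every template."""
        return {
            "logo_url": app.config.get("LOGO"),
            "website_name": app.config.get("NAME"),
            "user": current_user(),
            "menu": True,
        }

    @babel.localeselector
    def get_locale():
        """Pick the locale: user preference, configured LANGUAGE, then Accept-Language."""
        user = getattr(g, "user", None)
        if user is not None:
            return user.locale

        if app.config.get("LANGUAGE"):
            return app.config.get("LANGUAGE")

        # Client-supplied header is only matched against this fixed allow-list.
        return request.accept_languages.best_match(["fr", "en"])

    @babel.timezoneselector
    def get_timezone():
        """Return the user's timezone, or None when no user is set on ``g``."""
        user = getattr(g, "user", None)
        if user is not None:
            return user.timezone

    @app.errorhandler(403)
    def unauthorized(e):
        """Render the shared error page for HTTP 403."""
        return render_template("error.html", error=403), 403

    @app.errorhandler(404)
    def page_not_found(e):
        """Render the shared error page for HTTP 404."""
        return render_template("error.html", error=404), 404

    @app.errorhandler(500)
    def server_error(e):
        """Render the shared error page for HTTP 500 without exposing *e*."""
        return render_template("error.html", error=500), 500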