Skip to content

Adding Flask_pyoidc and Updating to Python 3.6 #169

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 6, 2018
Merged

Adding Flask_pyoidc and Updating to Python 3.6 #169

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
d214bdf
Adding flask_pyoidc
devinmatte Mar 3, 2018
13d2fb6
Style Fixes
devinmatte Mar 3, 2018
4a84fd2
Updating for Python 3.6
devinmatte Mar 3, 2018
30118bd
Adding Account to Wrapper and README Updated
devinmatte Mar 4, 2018
da9a8fe
Fixing Requirements
devinmatte Mar 5, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
language: python
python:
- "3.3"
- "3.6"

install:
- "pip install -r requirements.txt"
Expand Down
16 changes: 16 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,24 @@ Then, install the pipeline and frontend dependencies:
npm install
```

### Config

You must create `config.py` in the top-level directory with the appropriate credentials for the application to run. See `config.sample.py` for an example.

#### Add OIDC Config
Reach out to an RTP to get OIDC credentials that will allow you to develop locally behind OIDC auth
```
# OIDC Config
OIDC_ISSUER = "https://sso.csh.rit.edu/auth/realms/csh"
OIDC_CLIENT_CONFIG = {
'client_id': '',
'client_secret': '',
'post_logout_redirect_uris': ['http://0.0.0.0:6969/logout']
}
```

### Run

Once you have all of the dependencies installed, simply run:

```
Expand Down
67 changes: 43 additions & 24 deletions conditional/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
import os
import subprocess
from datetime import datetime
from flask import Flask, redirect, request, render_template, g
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move to the style fixes commit.

Also why is this being reordered (and some lines being deleted)?

Copy link
Member Author

@devinmatte devinmatte Mar 3, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Based on: https://www.python.org/dev/peps/pep-0008/#imports
The lines being deleted are unused imports

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then that should be a separate commit from adding pyoidc support.

import structlog
from csh_ldap import CSHLDAP
from raven import fetch_git_sha
from flask import Flask, redirect, render_template, g
from flask_migrate import Migrate
from flask_pyoidc.flask_pyoidc import OIDCAuthentication
from flask_sqlalchemy import SQLAlchemy
from raven.contrib.flask import Sentry
from raven.exceptions import InvalidGitRepository
import structlog

app = Flask(__name__)

Expand All @@ -22,7 +22,6 @@
'--short',
'HEAD']).decode('utf-8').rstrip()


db = SQLAlchemy(app)
migrate = Migrate(app, db)
sentry = Sentry(app)
Expand All @@ -31,17 +30,24 @@
app.config['LDAP_BIND_PW'],
ro=app.config['LDAP_RO'])

auth = OIDCAuthentication(app, issuer=app.config["OIDC_ISSUER"],
client_registration_info=app.config["OIDC_CLIENT_CONFIG"])

app.secret_key = app.config["SECRET_KEY"]

def start_of_year():
start = datetime(datetime.today().year, 6, 1)
if datetime.today() < start:
start = datetime(datetime.today().year-1, 6, 1)
start = datetime(datetime.today().year - 1, 6, 1)
return start


# pylint: disable=C0413
from conditional.models.models import UserLog


Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move to style fixes commit.

# Configure Logging
def request_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
def request_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move to style fixes commit.

if 'request' in event_dict:
flask_request = event_dict['request']
event_dict['user'] = flask_request.headers.get("x-webauth-user")
Expand All @@ -52,7 +58,7 @@ def request_processor(logger, log_method, event_dict): # pylint: disable=unused-
return event_dict


def database_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
def database_processor(logger, log_method, event_dict): # pylint: disable=unused-argument, redefined-outer-name
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move to style fixes commit.

if 'request' in event_dict:
if event_dict['method'] != 'GET':
log = UserLog(
Expand All @@ -62,23 +68,25 @@ def database_processor(logger, log_method, event_dict): # pylint: disable=unused
blueprint=event_dict['blueprint'],
path=event_dict['path'],
description=event_dict['event']
)
)
db.session.add(log)
db.session.flush()
db.session.commit()
del event_dict['request']
return event_dict


structlog.configure(processors=[
request_processor,
database_processor,
structlog.processors.KeyValueRenderer()
])
])

logger = structlog.get_logger()

from conditional.util.auth import get_user

from conditional.blueprints.dashboard import dashboard_bp # pylint: disable=ungrouped-imports
from conditional.blueprints.dashboard import dashboard_bp # pylint: disable=ungrouped-imports
from conditional.blueprints.attendance import attendance_bp
from conditional.blueprints.major_project_submission import major_project_bp
from conditional.blueprints.intro_evals import intro_evals_bp
Expand Down Expand Up @@ -108,27 +116,36 @@ def database_processor(logger, log_method, event_dict): # pylint: disable=unused

from conditional.util.ldap import ldap_get_member


@app.route('/<path:path>')
def static_proxy(path):
# send_static_file will guess the correct MIME type
return app.send_static_file(path)


@app.route('/')
@auth.oidc_auth
def default_route():
return redirect('/dashboard')


@app.route("/logout")
@auth.oidc_logout
def logout():
return redirect("/", 302)


@app.errorhandler(404)
@app.errorhandler(500)
def route_errors(error):
@auth.oidc_auth
@get_user
def route_errors(error, user_dict=None):
data = dict()
username = request.headers.get('x-webauth-user')

# Handle the case where the header isn't present
if username is not None:
member = ldap_get_member(username)
data['username'] = member.uid
data['name'] = member.cn
if user_dict['username'] is not None:
data['username'] = user_dict['account'].uid
data['name'] = user_dict['account'].cn
else:
data['username'] = "unknown"
data['name'] = "Unknown"
Expand All @@ -149,15 +166,17 @@ def route_errors(error):
error_desc = type(error).__name__

return render_template('errors.html',
error=error_desc,
error_code=code,
event_id=g.sentry_event_id,
public_dsn=sentry.client.get_public_dsn('https'),
**data), int(code)
error=error_desc,
error_code=code,
event_id=g.sentry_event_id,
public_dsn=sentry.client.get_public_dsn('https'),
**data), int(code)


@app.cli.command()
def zoo():
from conditional.models.migrate import free_the_zoo
free_the_zoo(app.config['ZOO_DATABASE_URI'])


logger.info('conditional started')
Loading