Skip to content

Commit

Permalink
wip: groups handler
Browse files Browse the repository at this point in the history
 * DB integration for groups handler
 * Roles integration for groups handler
 * added dummy handler for groups
 * closes inveniosoftware/invenio-app-rdm#2186
  • Loading branch information
TLGINO committed May 6, 2023
1 parent f900a60 commit 3c55612
Show file tree
Hide file tree
Showing 5 changed files with 59 additions and 1 deletion.
25 changes: 25 additions & 0 deletions invenio_oauthclient/contrib/keycloak/handlers.py
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,31 @@ def info_handler(remote, resp):
return handlers["info_serializer"](resp, token_user_info, user_info)


def groups_serializer_handler(remote, resp, user, groups, **kwargs):
"""."""
return [
{
"id": "my-id",
"name": "Group name #1",
"description": "Group description",
}
]


def groups_handler(remote, resp, user):
"""."""
groups = [
{
"id": "my-id",
"name": "Group name",
"description": "Group description",
}
]
handlers = current_oauthclient.signup_handlers[remote.name]
# `remote` param automatically injected via `make_handler` helper
return handlers["groups_serializer"](resp, user, groups)


def setup_handler(remote, token, resp):
"""Perform additional setup after the user has been logged in."""
token_user_info, _ = get_user_info(remote, resp)
Expand Down
4 changes: 4 additions & 0 deletions invenio_oauthclient/contrib/keycloak/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,8 @@ def __init__(
signup_handler=dict(
info="invenio_oauthclient.contrib.keycloak.handlers:info_handler",
info_serializer="invenio_oauthclient.contrib.keycloak.handlers:info_serializer_handler",
groups="invenio_oauthclient.contrib.keycloak.handlers:groups_handler",
groups_serializer="invenio_oauthclient.contrib.keycloak.handlers:groups_serializer_handler",
setup="invenio_oauthclient.contrib.keycloak.handlers:setup_handler",
view="invenio_oauthclient.handlers:signup_handler",
),
Expand All @@ -84,6 +86,8 @@ def __init__(
signup_handler=dict(
info="invenio_oauthclient.contrib.keycloak.handlers:info_handler",
info_serializer="invenio_oauthclient.contrib.keycloak.handlers:info_serializer_handler",
groups="invenio_oauthclient.contrib.keycloak.handlers:groups_handler",
groups_serializer="invenio_oauthclient.contrib.keycloak.handlers:groups_serializer_handler",
setup="invenio_oauthclient.contrib.keycloak.handlers:setup_handler",
view="invenio_oauthclient.handlers.rest:signup_handler",
),
Expand Down
2 changes: 2 additions & 0 deletions invenio_oauthclient/contrib/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,8 @@ def get_handlers(self):
signup_handler=dict(
info='path_to_method_account_info',
info_serializer='path_to_method_account_info_serializer',
groups="path_to_method_account_groups_handler",
groups_serializer="path_to_method_account_groups_serializer_handler",
setup='path_to_method_account_setup',
view='path_to_method_signup_form_handler',
)
Expand Down
10 changes: 10 additions & 0 deletions invenio_oauthclient/ext.py
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,14 @@ def dummy_handler(remote, *args, **kargs):
remote,
with_response=False,
)
account_groups_handler = handlers.make_handler(
signup_handler.get("groups", dummy_handler), remote, with_response=False
)
account_groups_serializer_handler = handlers.make_handler(
signup_handler.get("groups_serializer", dummy_handler),
remote,
with_response=False,
)
account_setup_handler = handlers.make_handler(
signup_handler.get("setup", dummy_handler), remote, with_response=False
)
Expand All @@ -122,6 +130,8 @@ def dummy_handler(remote, *args, **kargs):
self.signup_handlers[remote_app] = dict(
info=account_info_handler,
info_serializer=account_info_serializer_handler,
groups=account_groups_handler,
groups_serializer=account_groups_serializer_handler,
setup=account_setup_handler,
view=account_view_handler,
)
Expand Down
19 changes: 18 additions & 1 deletion invenio_oauthclient/handlers/base.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,10 @@

"""Handlers for customizing oauthclient endpoints."""

from flask import current_app, session
from flask import current_app, g, session
from flask_login import current_user
from flask_principal import RoleNeed, UserNeed
from invenio_accounts.models import Role
from invenio_db import db
from pkg_resources import require

Expand Down Expand Up @@ -104,6 +106,21 @@ def base_authorized_signup_handler(resp, remote, *args, **kwargs):
raise OAuthClientMustRedirectSignup()

# Authenticate user
account_groups = handlers["groups"](resp, user)

provides = set(UserNeed(account_info["user"]["email"]))
for group in account_groups:
role = Role(
id=group["id"], name=group["name"], description=group["description"]
)
db.session.merge(
role
) # Creates a new role if it doesn't exist, else update it (change FK value for example)
provides.add(RoleNeed(role.id))
g.identity.provides |= provides

db.session.commit()

if not oauth_authenticate(
remote.consumer_key, user, require_existing_link=False
):
Expand Down

0 comments on commit 3c55612

Please sign in to comment.