external/proxstar
1
0
Fork 0
mirror of https://github.com/ComputerScienceHouse/proxstar.git synced 2025-03-09 15:40:09 +00:00
Code Issues Releases Wiki Activity

Revert "Upgrading to pyoidc 3.7.0"

Browse source
This commit is contained in:
Devin Matte 2020-12-22 17:37:36 -05:00 committed by GitHub
parent a58a23cc52
commit 1f95c9196f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 28 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

48
proxstar/__init__.py
View file

@ -128,7 +128,7 @@ if 'cleanup_vnc' not in scheduler:
def add_rq_dashboard_auth(blueprint): def add_rq_dashboard_auth(blueprint):
@blueprint.before_request @blueprint.before_request
@auth.oidc_auth('sso') @auth.oidc_auth
def rq_dashboard_auth(*args, **kwargs): # pylint: disable=unused-argument,unused-variable def rq_dashboard_auth(*args, **kwargs): # pylint: disable=unused-argument,unused-variable
if 'rtp' not in session['userinfo']['groups']: if 'rtp' not in session['userinfo']['groups']:
abort(403) abort(403)
@ -153,7 +153,7 @@ def forbidden(e):
@app.route('/') @app.route('/')
@app.route('/user/<string:user_view>') @app.route('/user/<string:user_view>')
@auth.oidc_auth('sso') @auth.oidc_auth
def list_vms(user_view=None): def list_vms(user_view=None):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
rtp_view = False rtp_view = False
@ -190,7 +190,7 @@ def list_vms(user_view=None):
@app.route('/isos') @app.route('/isos')
@auth.oidc_auth('sso') @auth.oidc_auth
def isos(): def isos():
proxmox = connect_proxmox() proxmox = connect_proxmox()
stored_isos = get_isos(proxmox, app.config['PROXMOX_ISO_STORAGE']) stored_isos = get_isos(proxmox, app.config['PROXMOX_ISO_STORAGE'])
@ -198,7 +198,7 @@ def isos():
@app.route('/hostname/<string:name>') @app.route('/hostname/<string:name>')
@auth.oidc_auth('sso') @auth.oidc_auth
def hostname(name): def hostname(name):
valid, available = check_hostname(starrs, name) valid, available = check_hostname(starrs, name)
if not valid: if not valid:
@ -210,7 +210,7 @@ def hostname(name):
@app.route('/vm/<string:vmid>') @app.route('/vm/<string:vmid>')
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_details(vmid): def vm_details(vmid):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -230,7 +230,7 @@ def vm_details(vmid):
@app.route('/vm/<string:vmid>/power/<string:action>', methods=['POST']) @app.route('/vm/<string:vmid>/power/<string:action>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_power(vmid, action): def vm_power(vmid, action):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -270,7 +270,7 @@ def vm_console_stop(vmid):
@app.route('/console/vm/<string:vmid>', methods=['POST']) @app.route('/console/vm/<string:vmid>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_console(vmid): def vm_console(vmid):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -290,7 +290,7 @@ def vm_console(vmid):
@app.route('/vm/<string:vmid>/cpu/<int:cores>', methods=['POST']) @app.route('/vm/<string:vmid>/cpu/<int:cores>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_cpu(vmid, cores): def vm_cpu(vmid, cores):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -311,7 +311,7 @@ def vm_cpu(vmid, cores):
@app.route('/vm/<string:vmid>/mem/<int:mem>', methods=['POST']) @app.route('/vm/<string:vmid>/mem/<int:mem>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_mem(vmid, mem): def vm_mem(vmid, mem):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -332,7 +332,7 @@ def vm_mem(vmid, mem):
@app.route('/vm/<string:vmid>/disk/<string:disk>/<int:size>', methods=['POST']) @app.route('/vm/<string:vmid>/disk/<string:disk>/<int:size>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_disk(vmid, disk, size): def vm_disk(vmid, disk, size):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -348,7 +348,7 @@ def vm_disk(vmid, disk, size):
@app.route('/vm/<string:vmid>/renew', methods=['POST']) @app.route('/vm/<string:vmid>/renew', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def vm_renew(vmid): def vm_renew(vmid):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -364,7 +364,7 @@ def vm_renew(vmid):
@app.route('/vm/<string:vmid>/eject', methods=['POST']) @app.route('/vm/<string:vmid>/eject', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def iso_eject(vmid): def iso_eject(vmid):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -377,7 +377,7 @@ def iso_eject(vmid):
@app.route('/vm/<string:vmid>/mount/<string:iso>', methods=['POST']) @app.route('/vm/<string:vmid>/mount/<string:iso>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def iso_mount(vmid, iso): def iso_mount(vmid, iso):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -391,7 +391,7 @@ def iso_mount(vmid, iso):
@app.route('/vm/<string:vmid>/delete', methods=['POST']) @app.route('/vm/<string:vmid>/delete', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def delete(vmid): def delete(vmid):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -405,7 +405,7 @@ def delete(vmid):
@app.route('/vm/<string:vmid>/boot_order', methods=['POST']) @app.route('/vm/<string:vmid>/boot_order', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def get_boot_order(vmid): def get_boot_order(vmid):
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
connect_proxmox() connect_proxmox()
@ -421,7 +421,7 @@ def get_boot_order(vmid):
@app.route('/vm/create', methods=['GET', 'POST']) @app.route('/vm/create', methods=['GET', 'POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def create(): def create():
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
proxmox = connect_proxmox() proxmox = connect_proxmox()
@ -494,7 +494,7 @@ def create():
@app.route('/limits/<string:user>', methods=['POST']) @app.route('/limits/<string:user>', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def set_limits(user): def set_limits(user):
if 'rtp' in session['userinfo']['groups']: if 'rtp' in session['userinfo']['groups']:
cpu = request.form['cpu'] cpu = request.form['cpu']
@ -507,7 +507,7 @@ def set_limits(user):
@app.route('/user/<string:user>/delete', methods=['POST']) @app.route('/user/<string:user>/delete', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def delete_user(user): def delete_user(user):
if 'rtp' in session['userinfo']['groups']: if 'rtp' in session['userinfo']['groups']:
connect_proxmox() connect_proxmox()
@ -518,7 +518,7 @@ def delete_user(user):
@app.route('/settings') @app.route('/settings')
@auth.oidc_auth('sso') @auth.oidc_auth
def settings(): def settings():
user = User(session['userinfo']['preferred_username']) user = User(session['userinfo']['preferred_username'])
if user.rtp: if user.rtp:
@ -537,7 +537,7 @@ def settings():
@app.route('/pool/<string:pool>/ignore', methods=['POST', 'DELETE']) @app.route('/pool/<string:pool>/ignore', methods=['POST', 'DELETE'])
@auth.oidc_auth('sso') @auth.oidc_auth
def ignored_pools(pool): def ignored_pools(pool):
if 'rtp' in session['userinfo']['groups']: if 'rtp' in session['userinfo']['groups']:
if request.method == 'POST': if request.method == 'POST':
@ -550,7 +550,7 @@ def ignored_pools(pool):
@app.route('/user/<string:user>/allow', methods=['POST', 'DELETE']) @app.route('/user/<string:user>/allow', methods=['POST', 'DELETE'])
@auth.oidc_auth('sso') @auth.oidc_auth
def allowed_users(user): def allowed_users(user):
if 'rtp' in session['userinfo']['groups']: if 'rtp' in session['userinfo']['groups']:
if request.method == 'POST': if request.method == 'POST':
@ -591,7 +591,7 @@ def cleanup_vnc():
@app.route('/template/<string:template_id>/disk') @app.route('/template/<string:template_id>/disk')
@auth.oidc_auth('sso') @auth.oidc_auth
def template_disk(template_id): def template_disk(template_id):
if template_id == 'none': if template_id == 'none':
return '0' return '0'
@ -599,7 +599,7 @@ def template_disk(template_id):
@app.route('/template/<string:template_id>/edit', methods=['POST']) @app.route('/template/<string:template_id>/edit', methods=['POST'])
@auth.oidc_auth('sso') @auth.oidc_auth
def template_edit(template_id): def template_edit(template_id):
if 'rtp' in session['userinfo']['groups']: if 'rtp' in session['userinfo']['groups']:
name = request.form['name'] name = request.form['name']
@ -611,7 +611,7 @@ def template_edit(template_id):
@app.route('/logout') @app.route('/logout')
@auth.oidc_logout('sso') @auth.oidc_logout
def logout(): def logout():
return redirect(url_for('list_vms'), 302) return redirect(url_for('list_vms'), 302)

11
proxstar/auth.py
View file

@ -1,17 +1,12 @@
from flask_pyoidc.flask_pyoidc import OIDCAuthentication from flask_pyoidc.flask_pyoidc import OIDCAuthentication
from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata
from tenacity import retry from tenacity import retry
@retry @retry
def get_auth(app): def get_auth(app):
sso_config = ProviderConfiguration( auth = OIDCAuthentication(
app,
issuer=app.config['OIDC_ISSUER'], issuer=app.config['OIDC_ISSUER'],
client_metadata=ClientMetadata( client_registration_info=app.config['OIDC_CLIENT_CONFIG'],
app.config['OIDC_CLIENT_CONFIG']['client_id'],
app.config['OIDC_CLIENT_CONFIG']['client_secret'],
),
) )
auth = OIDCAuthentication({'sso': sso_config}, app)
return auth return auth

2
requirements.txt
View file

@ -1,7 +1,7 @@
black~=20.8b1 black~=20.8b1
csh-ldap~=2.2.0 csh-ldap~=2.2.0
flask==1.1.2 flask==1.1.2
flask-pyoidc==3.7.0 flask-pyoidc==1.3.0
gunicorn==20.0.4 gunicorn==20.0.4
paramiko==2.7.2 paramiko==2.7.2
proxmoxer==1.1.1 proxmoxer==1.1.1