Update cps/admin.py, cps/oauth_bb.py, cps/templates/config_edit.html, cps/ub.py

2022-07-12 05:40:32 +00:00 · 2022-07-12 05:40:32 +00:00 · 826f362abb
commit 826f362abb
parent d0e90de500
4 changed files with 12 additions and 3 deletions
--- a/cps/admin.py
+++ b/cps/admin.py
@ -1120,6 +1120,7 @@ def _configuration_oauth_helper(to_save):
             "oauth_base_url": to_save["config_" + str(element['id']) + "_oauth_base_url"],
             "oauth_auth_url": to_save["config_" + str(element['id']) + "_oauth_auth_url"],
             "oauth_token_url": to_save["config_" + str(element['id']) + "_oauth_token_url"],
+             "oauth_userinfo_url": to_save["config_" + str(element['id']) + "oauth_userinfo_url"],
             "username_mapper": to_save["config_" + str(element['id']) + "_username_mapper"],
             "email_mapper": to_save["config_" + str(element['id']) + "_email_mapper"],
             "login_button": to_save["config_" + str(element['id']) + "_login_button"],
--- a/cps/oauth_bb.py
+++ b/cps/oauth_bb.py
@ -243,6 +243,7 @@ def generate_oauth_blueprints():
                oauth_base_url=oauth_ids[2].oauth_base_url,
                oauth_auth_url=oauth_ids[2].oauth_auth_url,
                oauth_token_url=oauth_ids[2].oauth_token_url,
+                oauth_userinfo_url=oauth_ids[2].oauth_userinfo_url,
                username_mapper=oauth_ids[2].username_mapper,
                email_mapper=oauth_ids[2].email_mapper,
                login_button=oauth_ids[2].login_button)
@ -337,7 +338,7 @@ if ub.oauth_support:
            log.error("Failed to log in with generic OAuth2 provider")
            return False
        
-        resp = blueprint.session.get(blueprint.base_url + "/application/o/userinfo")
+        resp = blueprint.session.get(blueprint.base_url + oauth_ids[2].get('oauth_userinfo_url'))
        if not resp.ok:
            flash(_(u"Failed to fetch user info from generic OAuth2 provider."), category="error")
            log.error("Failed to fetch user info from generic OAuth2 provider")
@ -475,7 +476,7 @@ def generic_login():
    if not generic.session.authorized:
        return redirect(url_for("generic.login"))
    try:
-        resp = generic.session.get(generic.base_url + "/application/o/userinfo/")
+        resp = generic.session.get(generic.base_url + oauth_ids[2].get('oauth_userinfo_url'))
        if resp.ok:
            account_info_json = resp.json()

--- a/cps/templates/config_edit.html
+++ b/cps/templates/config_edit.html
@ -331,6 +331,12 @@
              <input type="text" class="form-control" id="config_{{ prov['id'] }}_oauth_token_url" name="config_{{ prov['id'] }}_oauth_token_url" value="{% if prov['oauth_token_url']%}{{ prov['oauth_token_url'] }}{% endif %}" autocomplete="off">
            </div>
          {% endif %}
+          {% if 'oauth_userid_url' in prov %}
+            <div class="form-group">
+              <label for="config_{{ prov['id'] }}_oauth_userid_url">{{_('%(provider)s OAuth UserID URL (relative)', provider=prov['provider_name'])}}</label>
+              <input type="text" class="form-control" id="config_{{ prov['id'] }}_oauth_userid_url" name="config_{{ prov['id'] }}_oauth_userid_url" value="{% if prov['oauth_userid_url']%}{{ prov['oauth_userid_url'] }}{% endif %}" autocomplete="off">
+            </div>
+          {% endif %}
          {% if 'username_mapper' in prov %}
            <div class="form-group">
              <label for="config_{{ prov['id'] }}_username_mapper">{{_('%(provider)s OAuth Username mapper', provider=prov['provider_name'])}}</label>
--- a/cps/ub.py
+++ b/cps/ub.py
@ -263,6 +263,7 @@ class OAuthProvider(Base):
    oauth_base_url = Column(String)
    oauth_auth_url = Column(String, default="/protocol/openid-connect/auth")
    oauth_token_url = Column(String, default="/protocol/openid-connect/token")
+    oauth_userid_url = Column(String, default="/application/o/userinfo/")
    scope = Column(String, default="openid profile email")
    username_mapper = Column(String, default="preferred_username")
    email_mapper = Column(String, default="email")