diff options
| author | Lars Wirzenius <liw@liw.fi> | 2018-08-05 13:13:03 +0300 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2018-08-05 13:13:03 +0300 |
| commit | 67585afaf4cb67877991ad41d5d85096d586cbf6 (patch) | |
| tree | 5589c6cea14e149887f2aa38d0c657df45a4b467 | |
| parent | a46a46858072db5f5ca5a5ae3df203de545c26d0 (diff) | |
| download | ickweb-67585afaf4cb67877991ad41d5d85096d586cbf6.tar.gz | |
Change: parameterise, work with current Qvisqve
| -rw-r--r-- | ickweb/app.py | 102 | ||||
| -rwxr-xr-x | run | 6 | ||||
| -rw-r--r-- | views/index.tpl | 1 | ||||
| -rw-r--r-- | views/login.tpl | 2 |
4 files changed, 91 insertions, 20 deletions
diff --git a/ickweb/app.py b/ickweb/app.py index 42504e3..f8e5acf 100644 --- a/ickweb/app.py +++ b/ickweb/app.py @@ -1,21 +1,19 @@ import json +import urllib import bottle import requests import yaml -API_URL = 'https://ci-prod-controller.vm.liw.fi' +client_id = 'facade' +client_secret = 'hunter2' -COOKIE = 'ickweb1' +COOKIE = 'ickweb-session' -TOKEN = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpc3MiOiJodHRwczovL2NpLXByb2QtY29udHJvbGxlci52bS5saXcuZmkiLCJhdWQiOiJhZG1pbiIsInN1YiI6IiIsInNjb3BlIjoidWFwaV92ZXJzaW9uX2dldCB1YXBpX3N0YXR1c19nZXQgdWFwaV9wcm9qZWN0c19pZF9zdGF0dXNfZ2V0IHVhcGlfcHJvamVjdHNfaWRfc3RhdHVzX3B1dCB1YXBpX2Jsb2JzX2lkX2dldCB1YXBpX25vdGlmeV9wb3N0IHVhcGlfcHJvamVjdHNfZ2V0IHVhcGlfcHJvamVjdHNfcG9zdCB1YXBpX3Byb2plY3RzX2lkX2dldCB1YXBpX3Byb2plY3RzX2lkX3B1dCB1YXBpX3Byb2plY3RzX2lkX2RlbGV0ZSB1YXBpX3BpcGVsaW5lc19nZXQgdWFwaV9waXBlbGluZXNfcG9zdCB1YXBpX3BpcGVsaW5lc19pZF9nZXQgdWFwaV9waXBlbGluZXNfaWRfcHV0IHVhcGlfcGlwZWxpbmVzX2lkX2RlbGV0ZSB1YXBpX3dvcmtlcnNfZ2V0IHVhcGlfd29ya2Vyc19pZF9nZXQgdWFwaV9idWlsZHNfZ2V0IHVhcGlfYnVpbGRzX2lkX2dldCB1YXBpX2xvZ3NfZ2V0IHVhcGlfbG9nc19pZF9nZXQiLCJleHAiOjE1MzMyOTkzMTIuNTgxNDMxfQ.MNd3eP6zmet7vLLGE_XXnfDZ1_flRb7qRw87qdKtZdx496NK3j-Aco0DuA5lKAeSFcK1yx01pnIH9maUO1uU5CTkOaVk2jlq1rr9LyRBaqyF1VI1qrTiWQ5QfLLCUXsH4zl4PC2g33BhcgLY74ua22P7QA3Rwnkp1xLP32VA6zN_Y4nrJDJhTFpRJXQk1Lo59hyOeiXnc2s26wXDASWMmqqNFJHf9i6uTvJQDrxjhiLjI7w3s_DxtBINJ6eWaZqbVvkYvQYVGBjqbDd3N1VOg4thoi_XXsF12Jrwo9LORT8pNygxlR40Lb-n5gDN9olTj0fVWZ9UMP-G1DQVrxZPf3rlMhRiPSmEvfLJJn7IF9fqwSnsseZYwvzjh6DafdFctuL9cNrCQt_UrlH7l0KPHC65GR1P4ejCVM5E5FC0Lx3KWhh6eagcnd47LNtQCxCMvl5Ffig58VBlRer4J3vTtpECkEryIC6rVurwUETlOGqai1LTJO_KOM3h9eP_RbAy0fogj8sE_UjIiEbp9IuodEaRwp3hGlX_qBkLZwKDMMhlhtZGX3dOyb4CiEoDxKnYQm7sE3Hu0KAE88QrpS8Lwt36q1SeD9srI5yfo31YXW__vBQ2AYlXF9efSpm0XuYIWHEaGX-7DF1ANAV0vMmyDxYsf32K4MQUEsF5nQ_fvao' - - -def create_app(): +def create_app(our_url, controller): app = bottle.Bottle() - api = API(API_URL) - api.set_token(TOKEN) + api = API(controller) @app.route('/favicon.ico') def favicon(): @@ -23,13 +21,59 @@ def create_app(): @app.route('/') def root(): - if is_logged_in(): - return bottle.template('index') - else: + cookie = get_cookie() + if cookie is None: return bottle.template('login') - - def is_logged_in(): - return True # FIXME + api.set_token(cookie) + return front_page() + + def get_cookie(): + return bottle.request.get_cookie(COOKIE) + + def front_page(): + return bottle.template('index', token=api.get_token()) + + @app.route('/login') + def login(): + scopes = [ + 'openid', + 'uapi_version_get', + 'uapi_projects_get', + 'uapi_status_get', + 'uapi_projects_post', + 'uapi_projects_id_get', + 'uapi_projects_id_put', + 'uapi_projects_id_delete', + 'uapi_pipelines_get', + 'uapi_pipelines_id_get', + 'uapi_pipelines_id_delete', + 'uapi_projects_id_status_get', + 'uapi_projects_id_status_put', + 'uapi_pipelines_post', + 'uapi_pipelines_id_put', + 'uapi_builds_get', + 'uapi_builds_id_get', + 'uapi_builds_id_delete', + 'uapi_logs_get', + 'uapi_logs_id_get', + 'uapi_blobs_id_get', + 'uapi_workers_get', + 'uapi_workers_id_get', + 'uapi_notify_post', + ] + params = { + 'response_type': 'code', + 'scope': ' '.join(scopes), + 'client_id': client_id, + 'state': 'FIXME', + 'redirect_uri': '{}/callback'.format(our_url), + } + url = '{}/auth?{}'.format(controller, urllib.parse.urlencode(params)) + headers = { + 'Location': url, + } + print('/login: redirect to', url) + return bottle.HTTPResponse(status=302, headers=headers) @app.route('/projects') def projects(): @@ -57,11 +101,22 @@ def create_app(): @app.route('/callback') def callback(): - assert 0 print('/callback called') - print('URL args:', dict(bottle.request.query)) - - bottle.response.set_cookie(ICKWEB, 'yes') + code = bottle.request.query['code'] + print('code:', repr(code)) + path = '/token' + params = { + 'grant_type': 'authorization_code', + 'code': code, + } + auth = (client_id, client_secret) + print('requesting token') + r = api.POST(path, params, auth) + print('r:', repr(r)) + obj = r.json() + token = obj['access_token'] + print('token:', token) + bottle.response.set_cookie(COOKIE, token) bottle.redirect('/') return app @@ -93,6 +148,17 @@ class API: def get_token(self): return self._token + def POST(self, path, params, auth): + url = self.url(path) + headers = {} + token = self.get_token() + if token is not None: + headers['Authorization'] = 'Bearer {}'.format(self.get_token()) + r = requests.post(url, headers=headers, data=params, auth=auth) + if not r.ok: + raise bottle.HTTPError(status=r.status_code) + return r + def get_projects(self): url = self.url('/projects') headers = { @@ -1,5 +1,9 @@ #!/usr/bin/env python3 +import sys + import ickweb -ickweb.create_app().run(host='localhost', port=8080) +controller = sys.argv[1] +our_url = 'http://localhost:8080' +ickweb.create_app(our_url, controller).run(host='localhost', port=8080) diff --git a/views/index.tpl b/views/index.tpl index 01868ec..e78bcd6 100644 --- a/views/index.tpl +++ b/views/index.tpl @@ -8,6 +8,7 @@ </head> <body> <p>You ARE logged in. Well done!</p> + <p>Token is <code>{{ token }}</code></p> <p><a href="/projects">Projects</p> <p><a href="/builds">Builds</p> </body> diff --git a/views/login.tpl b/views/login.tpl index 66cc02e..f45302b 100644 --- a/views/login.tpl +++ b/views/login.tpl @@ -8,6 +8,6 @@ </head> <body> <p>You are NOT logged in.</p> - <p><a href="https://ci-prod-controller.vm.liw.fi/login">Login</a></p> + <p><a href="/login">Login</a></p> </body> </html> |