Add config validator for OIDC logins

Joseph Schorr 2017-02-28 16:18:19 -05:00
parent a13359c10c
commit 157640e696
5 changed files with 74 additions and 4 deletions


@ -34,12 +34,12 @@ class PublicKeyLoadException(Exception):
class OIDCLoginService(OAuthService):
""" Defines a generic service for all OpenID-connect compatible login services. """
def __init__(self, config, key_name):
def __init__(self, config, key_name, client=None):
super(OIDCLoginService, self).__init__(config, key_name)
self._public_key_cache = TTLCache(1, PUBLIC_KEY_CACHE_TTL, missing=self._load_public_key)
self._id = key_name[0:key_name.find('_')].lower()
self._http_client = config['HTTPCLIENT']
self._http_client = client or config['HTTPCLIENT']
self._mailing = config.get('FEATURE_MAILING', False)
def service_id(self):
@ -71,6 +71,9 @@ class OIDCLoginService(OAuthService):
def user_endpoint(self):
return self._oidc_config().get('userinfo_endpoint')
def validate(self):
return bool(self.user_endpoint())
def validate_client_id_and_secret(self, http_client, app_config):
# TODO: find a way to verify client secret too.
check_auth_url = http_client.get(self.get_auth_url())
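Review bot: `validate()` in the second hunk accepts the configuration as soon as the discovery document carries any non-empty `userinfo_endpoint`, which is a weak test for a login provider: the `issuer` and `jwks_uri` values that ID-token verification presumably depends on (the class keeps a public-key cache) are never looked at, and the endpoint's scheme is not checked. I would require all of them, e.g. `return all(self._oidc_config().get(k) for k in ('issuer', 'jwks_uri', 'userinfo_endpoint'))`, and reject a `userinfo_endpoint` that does not start with `https://`. What `_oidc_config()` does when the discovery fetch fails is not visible in this hunk; if it raises, the validator should turn that into a clear configuration error instead of letting it propagate. The method also has no docstring, unlike the class; something like `""" Returns whether the OIDC discovery document provides the endpoints login depends on. """` would do.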