You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ponymail.apache.org by hu...@apache.org on 2020/09/07 21:04:46 UTC
[incubator-ponymail-foal] 02/05: prep for multiple oauth responders
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git
commit f19627520bde3531bbeab6e81b6a4aa8e7809586
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Mon Sep 7 22:57:18 2020 +0200
prep for multiple oauth responders
---
server/endpoints/oauth.py | 63 +++++++++++++++++++++++++----------------------
1 file changed, 33 insertions(+), 30 deletions(-)
diff --git a/server/endpoints/oauth.py b/server/endpoints/oauth.py
index ec7a30c..19c0659 100644
--- a/server/endpoints/oauth.py
+++ b/server/endpoints/oauth.py
@@ -35,39 +35,42 @@ async def process(
code = indata.get("code")
oauth_token = indata.get("oauth_token")
+ rv = None
+
# Generic OAuth handler, only one we support for now. Works with ASF OAuth.
if state and code and oauth_token:
- rv: typing.Optional[dict] = plugins.oauthGeneric.process(indata, session)
- if rv:
- # Get UID, fall back to using email address
- uid = rv.get("uid")
- if not uid:
- uid = rv.get("email")
- if uid:
- cid = hashlib.shake_128(
- ("%s-%s" % (rv.get("oauth_domain", "generic"), uid)).encode(
- "ascii", "ignore"
- )
- ).hexdigest(16)
- cookie = await plugins.session.set_session(
- server,
- cid,
- uid=uid,
- name=rv.get("name") or rv.get("fullname"),
- email=rv.get("email"),
- # Authoritative if OAuth domain is in the authoritative oauth section in ponymail.yaml
- # Required for access to private emails
- authoritative=rv.get("oauth_domain", "generic")
- in server.config.oauth.authoritative_domains,
- oauth_provider=rv.get("oauth_domain", "generic"),
- oauth_data=rv,
- )
- # This could be improved upon, instead of a raw response return value
- return aiohttp.web.Response(
- headers={"set-cookie": cookie, "content-type": "application/json"},
- status=200,
- text='{"okay": true}',
+ rv: typing.Optional[dict] = await plugins.oauthGeneric.process(indata, session, server)
+
+ if rv:
+ # Get UID, fall back to using email address
+ uid = rv.get("uid")
+ if not uid:
+ uid = rv.get("email")
+ if uid:
+ cid = hashlib.shake_128(
+ ("%s-%s" % (rv.get("oauth_domain", "generic"), uid)).encode(
+ "ascii", "ignore"
)
+ ).hexdigest(16)
+ cookie = await plugins.session.set_session(
+ server,
+ cid,
+ uid=uid,
+ name=rv.get("name") or rv.get("fullname"),
+ email=rv.get("email"),
+ # Authoritative if OAuth domain is in the authoritative oauth section in ponymail.yaml
+ # Required for access to private emails
+ authoritative=rv.get("oauth_domain", "generic")
+ in server.config.oauth.authoritative_domains,
+ oauth_provider=rv.get("oauth_domain", "generic"),
+ oauth_data=rv,
+ )
+ # This could be improved upon, instead of a raw response return value
+ return aiohttp.web.Response(
+ headers={"set-cookie": cookie, "content-type": "application/json"},
+ status=200,
+ text='{"okay": true}',
+ )
def register(server: plugins.server.BaseServer):