diff --git a/backend/src/appenlight/__init__.py b/backend/src/appenlight/__init__.py index e334325..fd46fff 100644 --- a/backend/src/appenlight/__init__.py +++ b/backend/src/appenlight/__init__.py @@ -29,8 +29,6 @@ from pkg_resources import iter_entry_points import appenlight.lib.jinja2_filters as jinja2_filters import appenlight.lib.encryption as encryption -from authomatic.providers import oauth2, oauth1 -from authomatic import Authomatic from pyramid.config import PHASE3_CONFIG from pyramid.authentication import AuthTktAuthenticationPolicy from pyramid.authorization import ACLAuthorizationPolicy @@ -125,6 +123,8 @@ def main(global_config, **settings): 'unsafe_json_body', reify=True) config.add_request_method('appenlight.lib.request.add_flash_to_headers', 'add_flash_to_headers') + config.add_request_method('appenlight.lib.request.get_authomatic', + 'authomatic', reify=True) config.include('pyramid_redis_sessions') config.include('pyramid_tm') @@ -181,49 +181,6 @@ def main(global_config, **settings): 'appenlight.scripts', 'appenlight.tests']) - # authomatic social auth - authomatic_conf = { - # callback http://yourapp.com/social_auth/twitter - 'twitter': { - 'class_': oauth1.Twitter, - 'consumer_key': settings.get('authomatic.pr.twitter.key', 'X'), - 'consumer_secret': settings.get('authomatic.pr.twitter.secret', - 'X'), - }, - # callback http://yourapp.com/social_auth/facebook - 'facebook': { - 'class_': oauth2.Facebook, - 'consumer_key': settings.get('authomatic.pr.facebook.app_id', 'X'), - 'consumer_secret': settings.get('authomatic.pr.facebook.secret', - 'X'), - 'scope': ['email'], - }, - # callback http://yourapp.com/social_auth/google - 'google': { - 'class_': oauth2.Google, - 'consumer_key': settings.get('authomatic.pr.google.key', 'X'), - 'consumer_secret': settings.get( - 'authomatic.pr.google.secret', 'X'), - 'scope': ['profile', 'email'], - }, - 'github': { - 'class_': oauth2.GitHub, - 'consumer_key': settings.get('authomatic.pr.github.key', 'X'), - 'consumer_secret': settings.get( - 'authomatic.pr.github.secret', 'X'), - 'scope': ['repo', 'public_repo', 'user:email'], - 'access_headers': {'User-Agent': 'AppEnlight'}, - }, - 'bitbucket': { - 'class_': oauth1.Bitbucket, - 'consumer_key': settings.get('authomatic.pr.bitbucket.key', 'X'), - 'consumer_secret': settings.get( - 'authomatic.pr.bitbucket.secret', 'X') - } - } - config.registry.authomatic = Authomatic( - config=authomatic_conf, secret=settings['authomatic.secret']) - # resource type information config.registry.resource_types = ['resource', 'application'] diff --git a/backend/src/appenlight/lib/request.py b/backend/src/appenlight/lib/request.py index cb91ea0..4884eb1 100644 --- a/backend/src/appenlight/lib/request.py +++ b/backend/src/appenlight/lib/request.py @@ -19,9 +19,14 @@ # services, and proprietary license terms, please see # https://rhodecode.com/licenses/ -import appenlight.lib.helpers as helpers import json + from pyramid.security import unauthenticated_userid + +import appenlight.lib.helpers as helpers + +from authomatic.providers import oauth2, oauth1 +from authomatic import Authomatic from appenlight.models.user import User @@ -87,3 +92,49 @@ def add_flash_to_headers(request, clear=True): flash_msgs = helpers.get_type_formatted_flash(request) request.response.headers['x-flash-messages'] = json.dumps(flash_msgs) helpers.clear_flash(request) + + +def get_authomatic(request): + settings = request.registry.settings + # authomatic social auth + authomatic_conf = { + # callback http://yourapp.com/social_auth/twitter + 'twitter': { + 'class_': oauth1.Twitter, + 'consumer_key': settings.get('authomatic.pr.twitter.key', ''), + 'consumer_secret': settings.get('authomatic.pr.twitter.secret', + ''), + }, + # callback http://yourapp.com/social_auth/facebook + 'facebook': { + 'class_': oauth2.Facebook, + 'consumer_key': settings.get('authomatic.pr.facebook.app_id', 'X'), + 'consumer_secret': settings.get('authomatic.pr.facebook.secret', + ''), + 'scope': ['email'], + }, + # callback http://yourapp.com/social_auth/google + 'google': { + 'class_': oauth2.Google, + 'consumer_key': settings.get('authomatic.pr.google.key', ''), + 'consumer_secret': settings.get( + 'authomatic.pr.google.secret', ''), + 'scope': ['profile', 'email'], + }, + 'github': { + 'class_': oauth2.GitHub, + 'consumer_key': settings.get('authomatic.pr.github.key', ''), + 'consumer_secret': settings.get( + 'authomatic.pr.github.secret', ''), + 'scope': ['repo', 'public_repo', 'user:email'], + 'access_headers': {'User-Agent': 'AppEnlight'}, + }, + 'bitbucket': { + 'class_': oauth1.Bitbucket, + 'consumer_key': settings.get('authomatic.pr.bitbucket.key', ''), + 'consumer_secret': settings.get( + 'authomatic.pr.bitbucket.secret', '') + } + } + return Authomatic( + config=authomatic_conf, secret=settings['authomatic.secret']) diff --git a/backend/src/appenlight/views/user.py b/backend/src/appenlight/views/user.py index f940ad9..e8a179e 100644 --- a/backend/src/appenlight/views/user.py +++ b/backend/src/appenlight/views/user.py @@ -512,7 +512,7 @@ def social_auth(request): # Start the login procedure. adapter = WebObAdapter(request, request.response) - result = request.registry.authomatic.login(adapter, provider_name) + result = request.authomatic.login(adapter, provider_name) if result: if result.error: return handle_auth_error(request, result)