Accueil Explorer Aide
Connexion
tum
/
soc
Suivre 1
Voter 0
Fork 0
Code Tickets 0 Pull Requests 0 Commits 16 Publications 0 Wiki

Aucune description

Aborescence: 1028963fde
Branches Tags
soc
/
iris-web
/
source
/
app
/
iris_engine
/
access_control
/
oidc_handler...

oidc_handler.py 2.0KB
Historique Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 
  1. #  IRIS Source Code
    2. 

  2. #  contact@dfir-iris.org
    3. 

  3. #
    4. 

  4. #  This program is free software; you can redistribute it and/or
    5. 

  5. #  modify it under the terms of the GNU Lesser General Public
    6. 

  6. #  License as published by the Free Software Foundation; either
    7. 

  7. #  version 3 of the License, or (at your option) any later version.
    8. 

  8. #
    9. 

  9. #  This program is distributed in the hope that it will be useful,
    10. 

  10. #  but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. #  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    12. 

  12. #  Lesser General Public License for more details.
    13. 

  13. #
    14. 

  14. #  You should have received a copy of the GNU Lesser General Public License
    15. 

  15. #  along with this program; if not, write to the Free Software Foundation,
    16. 

  16. #  Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
    17. 

  17. 

  18. # OIDC Configuration
    19. 

  19. from oic.oic import Client
    20. 

  20. from oic.utils.authn.client import CLIENT_AUTHN_METHOD
    21. 

  21. from oic.oic.message import RegistrationResponse
    22. 

  22. from oic.oic.message import ProviderConfigurationResponse
    23. 

  23. 

  24. 

  25. def get_oidc_client(app) -> Client:
    26. 

  26.     client = Client(client_authn_method=CLIENT_AUTHN_METHOD)
    27. 

  27. 

  28.     # retrieve provider configuration dynamically from metadata
    29. 

  29.     # or fall back to env vars
    30. 

  30.     try:
    31. 

  31.         client.provider_config(app.config.get("OIDC_ISSUER_URL"))
    32. 

  32.     except Exception as e:
    33. 

  33.         app.logger.warning(f"Could not read OIDC metadata, using environment variables - error {e}")
    34. 

  34.         op_info = ProviderConfigurationResponse(
    35. 

  35.             issuer=app.config.get("OIDC_ISSUER_URL"),
    36. 

  36.             authorization_endpoint=app.config.get("OIDC_AUTH_ENDPOINT"),
    37. 

  37.             token_endpoint=app.config.get("OIDC_TOKEN_ENDPOINT"),
    38. 

  38.             end_session_endpoint=app.config.get("OIDC_END_SESSION_ENDPOINT"),
    39. 

  39.         )
    40. 

  40. 

  41.         client.handle_provider_config(op_info, op_info['issuer'])
    42. 

  42. 

  43.     info = {
    44. 

  44.         "client_id": app.config.get("OIDC_CLIENT_ID"),
    45. 

  45.         "client_secret": app.config.get("OIDC_CLIENT_SECRET")
    46. 

  46.     }
    47. 

  47.     client_reg = RegistrationResponse(**info)
    48. 

  48.     client.store_registration_info(client_reg)
    49. 

  49. 

  50.     return client
    51.