public inbox for [email protected]help / color / mirror / Atom feed
Feature #7325 - Support for Azure AD OAUTH2 authentication 3+ messages / 2 participants [nested] [flat]
* Feature #7325 - Support for Azure AD OAUTH2 authentication @ 2022-04-21 05:42 Yogesh Mahajan <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Yogesh Mahajan @ 2022-04-21 05:42 UTC (permalink / raw) To: pgadmin-hackers Hi, Please find the attached patch which adds support for Azure AD authentication method. Thanks, Yogesh Mahajan EnterpriseDB Attachments: [application/octet-stream] RM_7325_v1.patch (2.4K, 3-RM_7325_v1.patch) download | inline diff: diff --git a/web/pgadmin/authenticate/oauth2.py b/web/pgadmin/authenticate/oauth2.py index 935d110a7..7134f3ea2 100644 --- a/web/pgadmin/authenticate/oauth2.py +++ b/web/pgadmin/authenticate/oauth2.py @@ -119,7 +119,14 @@ class OAuth2Authentication(BaseAuthentication): def login(self, form): profile = self.get_user_profile() - if 'email' not in profile or not profile['email']: + email = None + if 'email' in profile or 'mail' in profile: + if profile['email']: + email = profile['email'] + else: + email = profile['mail'] + + if not email or email == '': current_app.logger.exception( "An email id is required to login into pgAdmin. " "Please update your Oauth2 profile." @@ -128,10 +135,10 @@ class OAuth2Authentication(BaseAuthentication): "An email id is required to login into pgAdmin. " "Please update your Oauth2 profile.") - user, msg = self.__auto_create_user(profile) + user, msg = self.__auto_create_user(email) if user: user = db.session.query(User).filter_by( - username=profile['email'], auth_source=OAUTH2).first() + username=email, auth_source=OAUTH2).first() current_app.login_manager.logout_view = \ OAuth2Authentication.LOGOUT_VIEW return login_user(user), None @@ -161,17 +168,17 @@ class OAuth2Authentication(BaseAuthentication): return False, self.oauth2_clients[ self.oauth2_current_client].authorize_redirect(redirect_url) - def __auto_create_user(self, resp): + def __auto_create_user(self, email): if config.OAUTH2_AUTO_CREATE_USER: - user = User.query.filter_by(username=resp['email'], + user = User.query.filter_by(username=email, auth_source=OAUTH2).first() if not user: return create_user({ - 'username': resp['email'], - 'email': resp['email'], + 'username': email, + 'email': email, 'role': 2, 'active': True, 'auth_source': OAUTH2 }) - return True, {'username': resp['email']} + return True, {'username': email} ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: Feature #7325 - Support for Azure AD OAUTH2 authentication @ 2022-04-21 06:19 Yogesh Mahajan <[email protected]> parent: Yogesh Mahajan <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Yogesh Mahajan @ 2022-04-21 06:19 UTC (permalink / raw) To: pgadmin-hackers Hi, Please ignore the previous patch. Here is the updated one. Thanks, Yogesh Mahajan EnterpriseDB On Thu, Apr 21, 2022 at 11:12 AM Yogesh Mahajan < [email protected]> wrote: > Hi, > > Please find the attached patch which adds support for Azure AD > authentication method. > > Thanks, > Yogesh Mahajan > EnterpriseDB > Attachments: [application/octet-stream] RM_7325_v2.patch (2.6K, 3-RM_7325_v2.patch) download | inline diff: diff --git a/web/pgadmin/authenticate/oauth2.py b/web/pgadmin/authenticate/oauth2.py index 935d110a7..07d398380 100644 --- a/web/pgadmin/authenticate/oauth2.py +++ b/web/pgadmin/authenticate/oauth2.py @@ -88,6 +88,7 @@ class OAuth2Authentication(BaseAuthentication): oauth_obj = OAuth(Flask(__name__)) oauth2_clients = {} oauth2_config = {} + email_keys = ['mail', 'email'] def __init__(self): for oauth2_config in config.OAUTH2_CONFIG: @@ -119,7 +120,11 @@ class OAuth2Authentication(BaseAuthentication): def login(self, form): profile = self.get_user_profile() - if 'email' not in profile or not profile['email']: + email_key = \ + [value for value in self.email_keys if value in profile.keys()] + email = profile[email_key[0]] if (len(email_key) > 0) else None + + if not email or email == '': current_app.logger.exception( "An email id is required to login into pgAdmin. " "Please update your Oauth2 profile." @@ -128,10 +133,10 @@ class OAuth2Authentication(BaseAuthentication): "An email id is required to login into pgAdmin. " "Please update your Oauth2 profile.") - user, msg = self.__auto_create_user(profile) + user, msg = self.__auto_create_user(email) if user: user = db.session.query(User).filter_by( - username=profile['email'], auth_source=OAUTH2).first() + username=email, auth_source=OAUTH2).first() current_app.login_manager.logout_view = \ OAuth2Authentication.LOGOUT_VIEW return login_user(user), None @@ -161,17 +166,17 @@ class OAuth2Authentication(BaseAuthentication): return False, self.oauth2_clients[ self.oauth2_current_client].authorize_redirect(redirect_url) - def __auto_create_user(self, resp): + def __auto_create_user(self, email): if config.OAUTH2_AUTO_CREATE_USER: - user = User.query.filter_by(username=resp['email'], + user = User.query.filter_by(username=email, auth_source=OAUTH2).first() if not user: return create_user({ - 'username': resp['email'], - 'email': resp['email'], + 'username': email, + 'email': email, 'role': 2, 'active': True, 'auth_source': OAUTH2 }) - return True, {'username': resp['email']} + return True, {'username': email} ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: Feature #7325 - Support for Azure AD OAUTH2 authentication @ 2022-04-21 07:19 Akshay Joshi <[email protected]> parent: Yogesh Mahajan <[email protected]> 0 siblings, 0 replies; 3+ messages in thread From: Akshay Joshi @ 2022-04-21 07:19 UTC (permalink / raw) To: Yogesh Mahajan <[email protected]>; +Cc: pgadmin-hackers Thanks, the patch applied. On Thu, Apr 21, 2022 at 11:50 AM Yogesh Mahajan < [email protected]> wrote: > Hi, > > Please ignore the previous patch. Here is the updated one. > > Thanks, > Yogesh Mahajan > EnterpriseDB > > > On Thu, Apr 21, 2022 at 11:12 AM Yogesh Mahajan < > [email protected]> wrote: > >> Hi, >> >> Please find the attached patch which adds support for Azure AD >> authentication method. >> >> Thanks, >> Yogesh Mahajan >> EnterpriseDB >> > -- *Thanks & Regards* *Akshay Joshi* *pgAdmin Hacker | Principal Software Architect* *EDB Postgres <http://edbpostgres.com>* *Mobile: +91 976-788-8246* ^ permalink raw reply [nested|flat] 3+ messages in thread
end of thread, other threads:[~2022-04-21 07:19 UTC | newest] Thread overview: 3+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2022-04-21 05:42 Feature #7325 - Support for Azure AD OAUTH2 authentication Yogesh Mahajan <[email protected]> 2022-04-21 06:19 ` Yogesh Mahajan <[email protected]> 2022-04-21 07:19 ` Akshay Joshi <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox