public inbox for [email protected]
help / color / mirror / Atom feedFeature #7325 - Support for Azure AD OAUTH2 authentication
3+ messages / 2 participants
[nested] [flat]
* Feature #7325 - Support for Azure AD OAUTH2 authentication
@ 2022-04-21 05:42 Yogesh Mahajan <[email protected]>
2022-04-21 06:19 ` Re: Feature #7325 - Support for Azure AD OAUTH2 authentication Yogesh Mahajan <[email protected]>
0 siblings, 1 reply; 3+ messages in thread
From: Yogesh Mahajan @ 2022-04-21 05:42 UTC (permalink / raw)
To: pgadmin-hackers
Hi,
Please find the attached patch which adds support for Azure AD
authentication method.
Thanks,
Yogesh Mahajan
EnterpriseDB
Attachments:
[application/octet-stream] RM_7325_v1.patch (2.4K, 3-RM_7325_v1.patch)
download | inline diff:
diff --git a/web/pgadmin/authenticate/oauth2.py b/web/pgadmin/authenticate/oauth2.py
index 935d110a7..7134f3ea2 100644
--- a/web/pgadmin/authenticate/oauth2.py
+++ b/web/pgadmin/authenticate/oauth2.py
@@ -119,7 +119,14 @@ class OAuth2Authentication(BaseAuthentication):
def login(self, form):
profile = self.get_user_profile()
- if 'email' not in profile or not profile['email']:
+ email = None
+ if 'email' in profile or 'mail' in profile:
+ if profile['email']:
+ email = profile['email']
+ else:
+ email = profile['mail']
+
+ if not email or email == '':
current_app.logger.exception(
"An email id is required to login into pgAdmin. "
"Please update your Oauth2 profile."
@@ -128,10 +135,10 @@ class OAuth2Authentication(BaseAuthentication):
"An email id is required to login into pgAdmin. "
"Please update your Oauth2 profile.")
- user, msg = self.__auto_create_user(profile)
+ user, msg = self.__auto_create_user(email)
if user:
user = db.session.query(User).filter_by(
- username=profile['email'], auth_source=OAUTH2).first()
+ username=email, auth_source=OAUTH2).first()
current_app.login_manager.logout_view = \
OAuth2Authentication.LOGOUT_VIEW
return login_user(user), None
@@ -161,17 +168,17 @@ class OAuth2Authentication(BaseAuthentication):
return False, self.oauth2_clients[
self.oauth2_current_client].authorize_redirect(redirect_url)
- def __auto_create_user(self, resp):
+ def __auto_create_user(self, email):
if config.OAUTH2_AUTO_CREATE_USER:
- user = User.query.filter_by(username=resp['email'],
+ user = User.query.filter_by(username=email,
auth_source=OAUTH2).first()
if not user:
return create_user({
- 'username': resp['email'],
- 'email': resp['email'],
+ 'username': email,
+ 'email': email,
'role': 2,
'active': True,
'auth_source': OAUTH2
})
- return True, {'username': resp['email']}
+ return True, {'username': email}
^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: Feature #7325 - Support for Azure AD OAUTH2 authentication
2022-04-21 05:42 Feature #7325 - Support for Azure AD OAUTH2 authentication Yogesh Mahajan <[email protected]>
@ 2022-04-21 06:19 ` Yogesh Mahajan <[email protected]>
2022-04-21 07:19 ` Re: Feature #7325 - Support for Azure AD OAUTH2 authentication Akshay Joshi <[email protected]>
0 siblings, 1 reply; 3+ messages in thread
From: Yogesh Mahajan @ 2022-04-21 06:19 UTC (permalink / raw)
To: pgadmin-hackers
Hi,
Please ignore the previous patch. Here is the updated one.
Thanks,
Yogesh Mahajan
EnterpriseDB
On Thu, Apr 21, 2022 at 11:12 AM Yogesh Mahajan <
[email protected]> wrote:
> Hi,
>
> Please find the attached patch which adds support for Azure AD
> authentication method.
>
> Thanks,
> Yogesh Mahajan
> EnterpriseDB
>
Attachments:
[application/octet-stream] RM_7325_v2.patch (2.6K, 3-RM_7325_v2.patch)
download | inline diff:
diff --git a/web/pgadmin/authenticate/oauth2.py b/web/pgadmin/authenticate/oauth2.py
index 935d110a7..07d398380 100644
--- a/web/pgadmin/authenticate/oauth2.py
+++ b/web/pgadmin/authenticate/oauth2.py
@@ -88,6 +88,7 @@ class OAuth2Authentication(BaseAuthentication):
oauth_obj = OAuth(Flask(__name__))
oauth2_clients = {}
oauth2_config = {}
+ email_keys = ['mail', 'email']
def __init__(self):
for oauth2_config in config.OAUTH2_CONFIG:
@@ -119,7 +120,11 @@ class OAuth2Authentication(BaseAuthentication):
def login(self, form):
profile = self.get_user_profile()
- if 'email' not in profile or not profile['email']:
+ email_key = \
+ [value for value in self.email_keys if value in profile.keys()]
+ email = profile[email_key[0]] if (len(email_key) > 0) else None
+
+ if not email or email == '':
current_app.logger.exception(
"An email id is required to login into pgAdmin. "
"Please update your Oauth2 profile."
@@ -128,10 +133,10 @@ class OAuth2Authentication(BaseAuthentication):
"An email id is required to login into pgAdmin. "
"Please update your Oauth2 profile.")
- user, msg = self.__auto_create_user(profile)
+ user, msg = self.__auto_create_user(email)
if user:
user = db.session.query(User).filter_by(
- username=profile['email'], auth_source=OAUTH2).first()
+ username=email, auth_source=OAUTH2).first()
current_app.login_manager.logout_view = \
OAuth2Authentication.LOGOUT_VIEW
return login_user(user), None
@@ -161,17 +166,17 @@ class OAuth2Authentication(BaseAuthentication):
return False, self.oauth2_clients[
self.oauth2_current_client].authorize_redirect(redirect_url)
- def __auto_create_user(self, resp):
+ def __auto_create_user(self, email):
if config.OAUTH2_AUTO_CREATE_USER:
- user = User.query.filter_by(username=resp['email'],
+ user = User.query.filter_by(username=email,
auth_source=OAUTH2).first()
if not user:
return create_user({
- 'username': resp['email'],
- 'email': resp['email'],
+ 'username': email,
+ 'email': email,
'role': 2,
'active': True,
'auth_source': OAUTH2
})
- return True, {'username': resp['email']}
+ return True, {'username': email}
^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: Feature #7325 - Support for Azure AD OAUTH2 authentication
2022-04-21 05:42 Feature #7325 - Support for Azure AD OAUTH2 authentication Yogesh Mahajan <[email protected]>
2022-04-21 06:19 ` Re: Feature #7325 - Support for Azure AD OAUTH2 authentication Yogesh Mahajan <[email protected]>
@ 2022-04-21 07:19 ` Akshay Joshi <[email protected]>
0 siblings, 0 replies; 3+ messages in thread
From: Akshay Joshi @ 2022-04-21 07:19 UTC (permalink / raw)
To: Yogesh Mahajan <[email protected]>; +Cc: pgadmin-hackers
Thanks, the patch applied.
On Thu, Apr 21, 2022 at 11:50 AM Yogesh Mahajan <
[email protected]> wrote:
> Hi,
>
> Please ignore the previous patch. Here is the updated one.
>
> Thanks,
> Yogesh Mahajan
> EnterpriseDB
>
>
> On Thu, Apr 21, 2022 at 11:12 AM Yogesh Mahajan <
> [email protected]> wrote:
>
>> Hi,
>>
>> Please find the attached patch which adds support for Azure AD
>> authentication method.
>>
>> Thanks,
>> Yogesh Mahajan
>> EnterpriseDB
>>
>
--
*Thanks & Regards*
*Akshay Joshi*
*pgAdmin Hacker | Principal Software Architect*
*EDB Postgres <http://edbpostgres.com>*
*Mobile: +91 976-788-8246*
^ permalink raw reply [nested|flat] 3+ messages in thread
end of thread, other threads:[~2022-04-21 07:19 UTC | newest]
Thread overview: 3+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2022-04-21 05:42 Feature #7325 - Support for Azure AD OAUTH2 authentication Yogesh Mahajan <[email protected]>
2022-04-21 06:19 ` Yogesh Mahajan <[email protected]>
2022-04-21 07:19 ` Akshay Joshi <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox