summaryrefslogtreecommitdiffstats
path: root/python/fatcat_web
diff options
context:
space:
mode:
Diffstat (limited to 'python/fatcat_web')
-rw-r--r--python/fatcat_web/__init__.py25
-rw-r--r--python/fatcat_web/auth.py11
-rw-r--r--python/fatcat_web/routes.py17
-rw-r--r--python/fatcat_web/templates/auth_login.html30
-rw-r--r--python/fatcat_web/web_config.py9
5 files changed, 82 insertions, 10 deletions
diff --git a/python/fatcat_web/__init__.py b/python/fatcat_web/__init__.py
index fa7d005a..d0d3eaf5 100644
--- a/python/fatcat_web/__init__.py
+++ b/python/fatcat_web/__init__.py
@@ -6,8 +6,9 @@ from flask_debugtoolbar import DebugToolbarExtension
from flask_login import LoginManager
from flask_wtf.csrf import CSRFProtect
from flask_misaka import Misaka
+from flask_mwoauth import MWOAuth
from authlib.flask.client import OAuth
-from loginpass import create_flask_blueprint, Gitlab
+from loginpass import create_flask_blueprint, Gitlab, GitHub
from raven.contrib.flask import Sentry
import fatcat_client
@@ -60,7 +61,25 @@ else:
print("No privileged token found")
priv_api = None
+mwoauth = MWOAuth(
+ consumer_key=Config.WIKIPEDIA_CLIENT_ID,
+ consumer_secret=Config.WIKIPEDIA_CLIENT_SECRET,
+ default_return_to='wp_oauth_finish_login')
+mwoauth.handshaker.user_agent = "fatcat.wiki;python_web_interface"
+app.register_blueprint(mwoauth.bp, url_prefix='/auth/wikipedia')
+
from fatcat_web import routes, editing_routes, auth, cors, forms
-gitlab_bp = create_flask_blueprint(Gitlab, oauth, auth.handle_oauth)
-app.register_blueprint(gitlab_bp, url_prefix='/auth/gitlab')
+if Config.ORCID_CLIENT_ID:
+ # XXX:
+ pass
+ #orcid_bp = create_flask_blueprint(ORCID, oauth, auth.handle_oauth)
+ #app.register_blueprint(orcid_bp, url_prefix='/auth/orcid')
+
+if Config.GITLAB_CLIENT_ID:
+ gitlab_bp = create_flask_blueprint(Gitlab, oauth, auth.handle_oauth)
+ app.register_blueprint(gitlab_bp, url_prefix='/auth/gitlab')
+
+if Config.GITHUB_CLIENT_ID:
+ github_bp = create_flask_blueprint(GitHub, oauth, auth.handle_oauth)
+ app.register_blueprint(github_bp, url_prefix='/auth/google')
diff --git a/python/fatcat_web/auth.py b/python/fatcat_web/auth.py
index b815d816..44a03f5f 100644
--- a/python/fatcat_web/auth.py
+++ b/python/fatcat_web/auth.py
@@ -127,6 +127,17 @@ def handle_ia_xauth(email, password):
}
return handle_oauth(remote, None, oauth_info)
+def handle_wmoauth(username):
+ # pass off "as if" we did OAuth successfully
+ FakeOAuthRemote = namedtuple('FakeOAuthRemote', ['name', 'OAUTH_CONFIG'])
+ remote = FakeOAuthRemote(name='wikipedia', OAUTH_CONFIG={'api_base_url': "https://www.mediawiki.org/w"})
+ oauth_info = {
+ 'preferred_username': username,
+ 'iss': "https://www.mediawiki.org/w",
+ 'sub': username,
+ }
+ return handle_oauth(remote, None, oauth_info)
+
@login_manager.user_loader
def load_user(editor_id):
# looks for extra info in session, and updates the user object with that.
diff --git a/python/fatcat_web/routes.py b/python/fatcat_web/routes.py
index f6b08f54..f14ca5f6 100644
--- a/python/fatcat_web/routes.py
+++ b/python/fatcat_web/routes.py
@@ -9,8 +9,8 @@ from flask_wtf.csrf import CSRFError
from fatcat_client import Editgroup, EditgroupAnnotation
from fatcat_client.rest import ApiException
from fatcat_tools.transforms import *
-from fatcat_web import app, api, auth_api, priv_api
-from fatcat_web.auth import handle_token_login, handle_logout, load_user, handle_ia_xauth
+from fatcat_web import app, api, auth_api, priv_api, mwoauth
+from fatcat_web.auth import handle_token_login, handle_logout, load_user, handle_ia_xauth, handle_wmoauth
from fatcat_web.cors import crossdomain
from fatcat_web.search import *
from fatcat_web.hacks import strip_extlink_xml, wayback_suffix
@@ -673,6 +673,19 @@ def auth_account():
load_user(editor.editor_id)
return render_template('auth_account.html')
+@app.route('/auth/wikipedia/auth')
+def wp_oauth_rewrite():
+ """
+ This is a dirty hack to rewrite '/auth/wikipedia/auth' to '/auth/wikipedia/oauth-callback'
+ """
+ return redirect(b"/auth/wikipedia/oauth-callback?" + request.query_string, 307)
+
+@app.route('/auth/wikipedia/finish-login')
+def wp_oauth_finish_login():
+ wp_username = mwoauth.get_current_user(cached=True)
+ assert(wp_username)
+ return handle_wmoauth(wp_username)
+
### Static Routes ###########################################################
diff --git a/python/fatcat_web/templates/auth_login.html b/python/fatcat_web/templates/auth_login.html
index bcb11680..c63b4227 100644
--- a/python/fatcat_web/templates/auth_login.html
+++ b/python/fatcat_web/templates/auth_login.html
@@ -13,6 +13,7 @@ Note that currently editor accounts are locked 1-to-1 with external identities.
<a href="https://guide.fatcat.wiki/policies.html">Norms and Policies</a>.
<br>
+{% if config.IA_XAUTH_CLIENT_ID %}
<a href="/auth/ia/login">
<div class="ui segment attached">
<h2 class="ui header">
@@ -24,7 +25,19 @@ Note that currently editor accounts are locked 1-to-1 with external identities.
</h2>
</div>
</a>
+{% else %}
+<div class="ui segment attached">
+ <h2 class="ui header">
+ <i class="grey times circle icon"></i>
+ <div class="content">
+ Internet Archive
+ <div class="sub header">not configured</div>
+ </div>
+ </h2>
+</div>
+{% endif %}
+{% if config.ORCID_CLIENT_ID %}
<a href="/auth/orcid/login">
<div class="ui segment attached">
<h2 class="ui header">
@@ -36,42 +49,49 @@ Note that currently editor accounts are locked 1-to-1 with external identities.
</h2>
</div>
</a>
+{% endif %}
+{% if config.WIKIPEDIA_CLIENT_ID %}
<a href="/auth/wikipedia/login">
<div class="ui segment attached">
<h2 class="ui header">
- <i class="wikipedia w icon"></i>
+ <i class="wikipedia w icon"></i>
<div class="content">
Wikipedia
- <div class="sub header">via OpenID Connect</div>
+ <div class="sub header">via OAuth</div>
</div>
</h2>
</div>
</a>
+{% endif %}
+{% if config.GITLAB_CLIENT_ID %}
<a href="/auth/gitlab/login">
<div class="ui segment attached">
<h2 class="ui header">
<i class="orange gitlab icon"></i>
<div class="content">
Gitlab
- <div class="sub header">via OpenID Connect</div>
+ <div class="sub header">via OAuth</div>
</div>
</h2>
</div>
</a>
+{% endif %}
-<a href="/auth/google/login">
+{% if config.GITHUB_CLIENT_ID %}
+<a href="/auth/github/login">
<div class="ui segment attached">
<h2 class="ui header">
<i class="red google icon"></i>
<div class="content">
- Google
+ Github
<div class="sub header">via OpenID Connect</div>
</div>
</h2>
</div>
</a>
+{% endif %}
{# alternative style
<br>
diff --git a/python/fatcat_web/web_config.py b/python/fatcat_web/web_config.py
index b12cb114..e681b397 100644
--- a/python/fatcat_web/web_config.py
+++ b/python/fatcat_web/web_config.py
@@ -32,9 +32,18 @@ class Config(object):
FLASK_SECRET_KEY = os.environ.get("FLASK_SECRET_KEY", default=None)
SECRET_KEY = FLASK_SECRET_KEY
+ ORCID_CLIENT_ID = os.environ.get("ORCID_CLIENT_ID", default=None)
+ ORCID_CLIENT_SECRET = os.environ.get("ORCID_CLIENT_SECRET", default=None)
+
+ WIKIPEDIA_CLIENT_ID = os.environ.get("WIKIPEDIA_CLIENT_ID", default=None)
+ WIKIPEDIA_CLIENT_SECRET = os.environ.get("WIKIPEDIA_CLIENT_SECRET", default=None)
+
GITLAB_CLIENT_ID = os.environ.get("GITLAB_CLIENT_ID", default=None)
GITLAB_CLIENT_SECRET = os.environ.get("GITLAB_CLIENT_SECRET", default=None)
+ GITHUB_CLIENT_ID = os.environ.get("GITHUB_CLIENT_ID", default=None)
+ GITHUB_CLIENT_SECRET = os.environ.get("GITHUB_CLIENT_SECRET", default=None)
+
IA_XAUTH_URI = "https://archive.org/services/xauthn/"
IA_XAUTH_CLIENT_ID = os.environ.get("IA_XAUTH_CLIENT_ID", default=None)
IA_XAUTH_CLIENT_SECRET = os.environ.get("IA_XAUTH_CLIENT_SECRET", default=None)