From c5d142c0d9f09d3f88e9e69c949bb126577f18aa Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 15:06:06 -0700 Subject: use patched loginpass (temporarily) --- python/Pipfile | 2 +- python/Pipfile.lock | 52 ++++++---------------------------------------------- 2 files changed, 7 insertions(+), 47 deletions(-) diff --git a/python/Pipfile b/python/Pipfile index 63336f5f..bd25e4f2 100644 --- a/python/Pipfile +++ b/python/Pipfile @@ -29,7 +29,7 @@ flask-wtf = "*" Flask-Misaka = "*" flask-mwoauth = "*" WTForms = "*" -loginpass = "*" +loginpass = { git = 'https://github.com/bnewbold/loginpass.git', ref = 'bnewbold-orcid' } requests = ">=2" raven = { extras = ['flask'], version = "*" } pykafka = ">=2" diff --git a/python/Pipfile.lock b/python/Pipfile.lock index 3193224c..d4daf663 100644 --- a/python/Pipfile.lock +++ b/python/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "3f8b12cae190b6af84c19c09cb1ff77c3a00ef78e65cb14ebccf66d821a35cac" + "sha256": "5e17a99fdd0d8a30570c3a59463d8d1983c3692fe9faedee5e9cca6163220b59" }, "pipfile-spec": 6, "requires": { @@ -16,20 +16,6 @@ ] }, "default": { - "asn1crypto": { - "hashes": [ - "sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87", - "sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49" - ], - "version": "==0.24.0" - }, - "authlib": { - "hashes": [ - "sha256:3a226f231e962a16dd5f6fcf0c113235805ba206e294717a64fa8e04ae3ad9c4", - "sha256:9741db6de2950a0a5cefbdb72ec7ab12f7e9fd530ff47219f1530e79183cbaaf" - ], - "version": "==0.11" - }, "beautifulsoup4": { "hashes": [ "sha256:034740f6cb549b4e932ae1ab975581e6103ac8f942200a0e9759065984391858", @@ -121,33 +107,11 @@ ], "version": "==7.0" }, - "cryptography": { - "hashes": [ - "sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1", - "sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705", - "sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6", - "sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1", - "sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8", - "sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151", - "sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d", - "sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659", - "sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537", - "sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e", - "sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb", - "sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c", - "sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9", - "sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5", - "sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad", - "sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a", - "sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460", - "sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd", - "sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6" - ], - "version": "==2.6.1" - }, "fatcat-client": { "editable": true, - "path": "./../python_client" + "git": "git@git.archive.org:webgroup/fatcat.git", + "ref": "325afb68b37eb53693a1b24d2a9d1ecda164995e", + "subdirectory": "python_client" }, "flask": { "hashes": [ @@ -246,12 +210,8 @@ "version": "==2.5.0" }, "loginpass": { - "hashes": [ - "sha256:0d87aa651ae6ff25194f4f7d8b85fdd780d356783f893b8921fe2ba5112aaf93", - "sha256:970e1debbd88c75cc5df693656fd86620817366108214f53d3af8edee09db428" - ], - "index": "pypi", - "version": "==0.2.1" + "git": "https://github.com/bnewbold/loginpass.git", + "ref": "bnewbold-orcid" }, "lxml": { "hashes": [ -- cgit v1.2.3 From f1fb73409936dd288e0e05f4810e108864e39562 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 15:13:33 -0700 Subject: re-enable ORCiD login --- python/fatcat_web/__init__.py | 8 ++++---- python/fatcat_web/templates/auth_login.html | 10 +++------- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/python/fatcat_web/__init__.py b/python/fatcat_web/__init__.py index 6e285ddb..ba789609 100644 --- a/python/fatcat_web/__init__.py +++ b/python/fatcat_web/__init__.py @@ -8,7 +8,7 @@ from flask_wtf.csrf import CSRFProtect from flask_misaka import Misaka from flask_mwoauth import MWOAuth from authlib.flask.client import OAuth -from loginpass import create_flask_blueprint, Gitlab, GitHub +from loginpass import create_flask_blueprint, Gitlab, GitHub, ORCiD from raven.contrib.flask import Sentry import fatcat_client @@ -74,9 +74,9 @@ app.register_blueprint(mwoauth.bp, url_prefix='/auth/wikipedia') from fatcat_web import routes, editing_routes, auth, cors, forms # TODO: blocking on ORCID support in loginpass -#if Config.ORCID_CLIENT_ID: -# orcid_bp = create_flask_blueprint(ORCID, oauth, auth.handle_oauth) -# app.register_blueprint(orcid_bp, url_prefix='/auth/orcid') +if Config.ORCID_CLIENT_ID: + orcid_bp = create_flask_blueprint(ORCiD, oauth, auth.handle_oauth) + app.register_blueprint(orcid_bp, url_prefix='/auth/orcid') if Config.GITLAB_CLIENT_ID: gitlab_bp = create_flask_blueprint(Gitlab, oauth, auth.handle_oauth) diff --git a/python/fatcat_web/templates/auth_login.html b/python/fatcat_web/templates/auth_login.html index 6e9b1f15..85e33d79 100644 --- a/python/fatcat_web/templates/auth_login.html +++ b/python/fatcat_web/templates/auth_login.html @@ -37,21 +37,17 @@ Note that currently editor accounts are locked 1-to-1 with external identities. {% endif %} -{# not implemented in login pass yet #} {% if config.ORCID_CLIENT_ID %} -{# #} +

- {# #} - +
ORCiD - {#
via OpenID Connect
#} -
not implemented yet
+
via OpenID Connect

-{#
#} {% endif %} {% if config.WIKIPEDIA_CLIENT_ID %} -- cgit v1.2.3 From 3d1ad4d5339e6ae06adf7c24061716052daa16cc Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 15:47:19 -0700 Subject: update Pipfile.lock using new pipenv (2018.11.26) --- python/Pipfile.lock | 24 ++++++------------------ 1 file changed, 6 insertions(+), 18 deletions(-) diff --git a/python/Pipfile.lock b/python/Pipfile.lock index d4daf663..1a790e0b 100644 --- a/python/Pipfile.lock +++ b/python/Pipfile.lock @@ -109,9 +109,7 @@ }, "fatcat-client": { "editable": true, - "git": "git@git.archive.org:webgroup/fatcat.git", - "ref": "325afb68b37eb53693a1b24d2a9d1ecda164995e", - "subdirectory": "python_client" + "path": "./../python_client" }, "flask": { "hashes": [ @@ -138,7 +136,6 @@ }, "flask-misaka": { "hashes": [ - "sha256:bcfdacc0803ccea75d377737e82c83489b2153d922c9d9f9eabc5148d216ed70", "sha256:d0cfb0efd9e5afacda76defd4a605a68390f4fb1bef283c71534fd3ce0d3efb5", "sha256:f423c3beb5502742a57330a272f81d53223f6f99d45cc45b03926e3a3034f589" ], @@ -211,7 +208,7 @@ }, "loginpass": { "git": "https://github.com/bnewbold/loginpass.git", - "ref": "bnewbold-orcid" + "ref": "69d68a9112f676ea71c2bc90f21c32065bf07ef4" }, "lxml": { "hashes": [ @@ -312,7 +309,6 @@ }, "pykafka": { "hashes": [ - "sha256:6b075909a52cb0c95325bc16ab797bbcdbb37386652ea460705ed4472ce91459", "sha256:f0bbd394ae6970042a587c99fe4dc0966e67787249d963d4ce2f810dc9490577" ], "index": "pypi", @@ -383,6 +379,9 @@ "version": "==0.5.4" }, "raven": { + "extras": [ + "flask" + ], "hashes": [ "sha256:3fa6de6efa2493a7c827472e984ce9b020797d0da16f1db67197bcc23c8fae54", "sha256:44a13f87670836e153951af9a3c80405d36b43097db869a36e92809673692ce4" @@ -401,8 +400,7 @@ "requests-oauthlib": { "hashes": [ "sha256:bd6533330e8748e94bf0b214775fed487d309b8b8fe823dc45641ebcd9a32f57", - "sha256:d3ed0c8f2e3bbc6b344fa63d6f933745ab394469da38db16bdddb461c7e25140", - "sha256:dd5a0499abfefd087c6dd96693cbd5bfd28aa009719a7f85ab3fabe3956ef19a" + "sha256:d3ed0c8f2e3bbc6b344fa63d6f933745ab394469da38db16bdddb461c7e25140" ], "version": "==1.2.0" }, @@ -509,42 +507,32 @@ }, "coverage": { "hashes": [ - "sha256:0c5fe441b9cfdab64719f24e9684502a59432df7570521563d7b1aff27ac755f", - "sha256:2b412abc4c7d6e019ce7c27cbc229783035eef6d5401695dccba80f481be4eb3", "sha256:3684fabf6b87a369017756b551cef29e505cb155ddb892a7a29277b978da88b9", "sha256:39e088da9b284f1bd17c750ac672103779f7954ce6125fd4382134ac8d152d74", "sha256:3c205bc11cc4fcc57b761c2da73b9b72a59f8d5ca89979afb0c1c6f9e53c7390", - "sha256:42692db854d13c6c5e9541b6ffe0fe921fe16c9c446358d642ccae1462582d3b", "sha256:465ce53a8c0f3a7950dfb836438442f833cf6663d407f37d8c52fe7b6e56d7e8", "sha256:48020e343fc40f72a442c8a1334284620f81295256a6b6ca6d8aa1350c763bbe", - "sha256:4ec30ade438d1711562f3786bea33a9da6107414aed60a5daa974d50a8c2c351", "sha256:5296fc86ab612ec12394565c500b412a43b328b3907c0d14358950d06fd83baf", "sha256:5f61bed2f7d9b6a9ab935150a6b23d7f84b8055524e7be7715b6513f3328138e", - "sha256:6899797ac384b239ce1926f3cb86ffc19996f6fa3a1efbb23cb49e0c12d8c18c", "sha256:68a43a9f9f83693ce0414d17e019daee7ab3f7113a70c79a3dd4c2f704e4d741", "sha256:6b8033d47fe22506856fe450470ccb1d8ba1ffb8463494a15cfc96392a288c09", "sha256:7ad7536066b28863e5835e8cfeaa794b7fe352d99a8cded9f43d1161be8e9fbd", "sha256:7bacb89ccf4bedb30b277e96e4cc68cd1369ca6841bde7b005191b54d3dd1034", "sha256:839dc7c36501254e14331bcb98b27002aa415e4af7ea039d9009409b9d2d5420", - "sha256:8e679d1bde5e2de4a909efb071f14b472a678b788904440779d2c449c0355b27", "sha256:8f9a95b66969cdea53ec992ecea5406c5bd99c9221f539bca1e8406b200ae98c", "sha256:932c03d2d565f75961ba1d3cec41ddde00e162c5b46d03f7423edcb807734eab", - "sha256:93f965415cc51604f571e491f280cff0f5be35895b4eb5e55b47ae90c02a497b", "sha256:988529edadc49039d205e0aa6ce049c5ccda4acb2d6c3c5c550c17e8c02c05ba", "sha256:998d7e73548fe395eeb294495a04d38942edb66d1fa61eb70418871bc621227e", "sha256:9de60893fb447d1e797f6bf08fdf0dbcda0c1e34c1b06c92bd3a363c0ea8c609", "sha256:9e80d45d0c7fcee54e22771db7f1b0b126fb4a6c0a2e5afa72f66827207ff2f2", "sha256:a545a3dfe5082dc8e8c3eb7f8a2cf4f2870902ff1860bd99b6198cfd1f9d1f49", "sha256:a5d8f29e5ec661143621a8f4de51adfb300d7a476224156a39a392254f70687b", - "sha256:a9abc8c480e103dc05d9b332c6cc9fb1586330356fc14f1aa9c0ca5745097d19", "sha256:aca06bfba4759bbdb09bf52ebb15ae20268ee1f6747417837926fae990ebc41d", "sha256:bb23b7a6fd666e551a3094ab896a57809e010059540ad20acbeec03a154224ce", "sha256:bfd1d0ae7e292105f29d7deaa9d8f2916ed8553ab9d5f39ec65bcf5deadff3f9", - "sha256:c22ab9f96cbaff05c6a84e20ec856383d27eae09e511d3e6ac4479489195861d", "sha256:c62ca0a38958f541a73cf86acdab020c2091631c137bd359c4f5bddde7b75fd4", "sha256:c709d8bda72cf4cd348ccec2a4881f2c5848fd72903c185f363d361b2737f773", "sha256:c968a6aa7e0b56ecbd28531ddf439c2ec103610d3e2bf3b75b813304f8cb7723", - "sha256:ca58eba39c68010d7e87a823f22a081b5290e3e3c64714aac3c91481d8b34d22", "sha256:df785d8cb80539d0b55fd47183264b7002077859028dfe3070cf6359bf8b2d9c", "sha256:f406628ca51e0ae90ae76ea8398677a921b36f0bd71aab2099dfed08abd0322f", "sha256:f46087bbd95ebae244a0eda01a618aff11ec7a069b15a3ef8f6b520db523dcf1", -- cgit v1.2.3 From f87c5482386c0df4e59f033c98db672ec6d0e370 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 16:15:01 -0700 Subject: bugfix and special case for orcid logins --- python/fatcat_web/auth.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/python/fatcat_web/auth.py b/python/fatcat_web/auth.py index 44a03f5f..06c8475b 100644 --- a/python/fatcat_web/auth.py +++ b/python/fatcat_web/auth.py @@ -54,10 +54,15 @@ def handle_oauth(remote, token, user_info): # not sure all loginpass backends will set it if user_info.get('preferred_username'): preferred_username = user_info['preferred_username'] + elif 'orcid.org' in iss: + # as a special case, prefix ORCiD identifier so it can be used as a + # username. If we instead used the human name, we could have + # collisions. Not a great user experience either way. + preferred_username = 'i' + user_info['sub'].replace('-', '') else: preferred_username = user_info['sub'] - params = fatcat_client.AuthOidc(remote.name, user_info['sub'], iss, user_info['preferred_username']) + params = fatcat_client.AuthOidc(remote.name, user_info['sub'], iss, preferred_username) # this call requires admin privs (resp, http_status, http_headers) = priv_api.auth_oidc_with_http_info(params) editor = resp.editor -- cgit v1.2.3 From d9e04e7ab264465c3eab4d050f289d27b7acb67c Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 16:15:23 -0700 Subject: bump loginpass patch version --- python/Pipfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/Pipfile.lock b/python/Pipfile.lock index 1a790e0b..6d8171ce 100644 --- a/python/Pipfile.lock +++ b/python/Pipfile.lock @@ -208,7 +208,7 @@ }, "loginpass": { "git": "https://github.com/bnewbold/loginpass.git", - "ref": "69d68a9112f676ea71c2bc90f21c32065bf07ef4" + "ref": "212c26b93e8bb4e66f4edb6a43927b72905e1e63" }, "lxml": { "hashes": [ -- cgit v1.2.3 From effef07fbb8eea5b608d48e6b6bd420ea2c76506 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 10 Apr 2019 17:47:33 -0700 Subject: point loginpass to upstream (patch accepted) --- python/Pipfile | 2 +- python/Pipfile.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/python/Pipfile b/python/Pipfile index bd25e4f2..42d0b7ad 100644 --- a/python/Pipfile +++ b/python/Pipfile @@ -29,7 +29,7 @@ flask-wtf = "*" Flask-Misaka = "*" flask-mwoauth = "*" WTForms = "*" -loginpass = { git = 'https://github.com/bnewbold/loginpass.git', ref = 'bnewbold-orcid' } +loginpass = { git = 'https://github.com/authlib/loginpass.git', ref = 'ed9e527502bd19be6793f88ed71ca0e1764e9034' } requests = ">=2" raven = { extras = ['flask'], version = "*" } pykafka = ">=2" diff --git a/python/Pipfile.lock b/python/Pipfile.lock index 6d8171ce..0d73417d 100644 --- a/python/Pipfile.lock +++ b/python/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "5e17a99fdd0d8a30570c3a59463d8d1983c3692fe9faedee5e9cca6163220b59" + "sha256": "e6ac8d0bd63b3819a170bde676a9f6a00933af9ac7cd45c75b809f14776e2652" }, "pipfile-spec": 6, "requires": { @@ -207,8 +207,8 @@ "version": "==2.5.0" }, "loginpass": { - "git": "https://github.com/bnewbold/loginpass.git", - "ref": "212c26b93e8bb4e66f4edb6a43927b72905e1e63" + "git": "https://github.com/authlib/loginpass.git", + "ref": "ed9e527502bd19be6793f88ed71ca0e1764e9034" }, "lxml": { "hashes": [ -- cgit v1.2.3