Fix authentication on Keycloak

2025-01-17 10:24:21 +01:00
parent 9fcae05d20
commit 33c0e603f8
8 changed files with 532 additions and 388 deletions


@ -5,7 +5,7 @@ from flask import request, abort, current_app
from flask import session as flask_session, jsonify
from flask_pyoidc import OIDCAuthentication as _OIDCAuth
from flask_pyoidc.user_session import UserSession
from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata
from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata, ProviderMetadata
from typing import Callable, List
@ -51,35 +51,33 @@ class OIDCAuthentication(_OIDCAuth):
super().init_app(app)
app.auth = self
@property
def userinfo(self) -> dict:
return flask_session.get('userinfo', {})
@property
def username(self) -> str:
userinfo = flask_session['userinfo']
return userinfo['email'].split('@')[0]
return self.userinfo.get('preferred_username', 'unknown')
@property
def email(self) -> str:
userinfo = flask_session['userinfo']
return userinfo['email']
return self.userinfo.get('email', 'unknown')
@property
def login_name(self) -> str:
userinfo = flask_session['userinfo']
return userinfo.get('preferred_username', self.username)
return self.userinfo.get('preferred_username', self.username)
@property
def full_name(self) -> str:
userinfo = flask_session['userinfo']
return userinfo.get('name')
return self.userinfo.get('name', self.username)
@property
def groups(self) -> list:
userinfo = flask_session['userinfo']
return userinfo.get('groups') or []
return self.userinfo.get('groups', [])
@property
def isAdmin(self) -> bool:
userinfo = flask_session['userinfo']
user_groups = userinfo.get('groups', [])
user_groups = self.userinfo.get('groups', [])
with current_app.app_context():
admin_groups = current_app.config.get('ADMIN_GROUPS', [])
admin_users = current_app.config.get('ADMIN_USERS', [])
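Review bot: The `'unknown'` defaults in `username` and `email` turn a missing or incomplete session into a shared placeholder identity, where the old `flask_session['userinfo']` lookup raised; any caller that keys authorization, ownership or audit records on these properties will now treat every such request as the same user. `isAdmin` continues past this hunk, so whether it compares `self.username` with `ADMIN_USERS` is not visible here, but if it does, the switch from the email local-part to `preferred_username` also changes which accounts match the configured list. Consider failing closed instead, for example `return self.userinfo['preferred_username']` behind the login check, or returning `None` and having callers reject it. Separately, `groups` lost its `or []` guard, so a token carrying `"groups": null` now yields `None` despite the `-> list` annotation; `return self.userinfo.get('groups') or []` keeps the old behaviour.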