hsman/hsman/app/__init__.py

from flask import Flask, render_template
from werkzeug.exceptions import HTTPException

from flask_mobility import Mobility
# from flask_pyoidc import OIDCAuthentication
from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata


from . import filters
from .lib import OIDCAuthentication
import os

mobility = Mobility()

client_metadata = ClientMetadata(
    client_id=os.getenv('HSMAN_OIDC_CLIENT_ID'),
    client_secret=os.getenv('HSMAN_OIDC_CLIENT_SECRET'))


provider_config = ProviderConfiguration(issuer=os.getenv('HSMAN_OIDC_URL'),
                                        client_metadata=client_metadata,
                                        auth_request_params={
                                            'scope': ['openid',
                                                      'profile',
                                                      'groups',
                                                      'email']},
                                        session_refresh_interval_seconds=1800)

auth = OIDCAuthentication({'default': provider_config})


def create_app(environment='development'):

    from config import config
    from .views import main_blueprint

    # Instantiate app.
    app = Flask(__name__)

    # Set app config.
    env = os.environ.get('FLASK_ENV', environment)
    app.config.from_object(config[env])
    app.config.from_prefixed_env(prefix="HSMAN")
    config[env].configure(app)
    app.config['APP_TZ'] = os.environ.get('TZ', 'UTC')

    app.logger.info("middleware init: mobility")
    mobility.init_app(app)

    # Register blueprints.
    app.logger.info("registering main blueprint")
    app.register_blueprint(main_blueprint)

    app.logger.info("jinja2 custom filters loaded")
    filters.init_app(app)

    auth.init_app(app)

    # Error handlers.
    @app.errorhandler(HTTPException)
    def handle_http_error(exc):
        return render_template('error.html', error=exc), exc.code

    return app