flask and python3 conversion #42
Conversation
There was a problem hiding this comment.
Hi! First of all I want to thank you for this contribution. However, I'm afraid I cannot accept this PR as there are some changes which are required to be done before merging. Some of them are related with the comments I left in the code, but there is another important one: tests need to be adapted to the new code.
I'll be glad to review the PR again when you fix these issues.
INSTALL.md
Outdated
| @@ -46,7 +46,7 @@ ckan.oauth2.authorization_header = OAUTH2_HEADER | |||
| > ckan.oauth2.authorization_header = Authorization | |||
| > ``` | |||
| > | |||
| > And this is an example for using Google as OAuth2 provider: | |||
| > And this is an theme for using Google as OAuth2 provider: | |||
There was a problem hiding this comment.
There are a lot of places where the word example is replaced by theme. Why?
ckanext/oauth2/oauth2.py
Outdated
| @@ -19,11 +19,11 @@ | |||
| # along with OAuth2 CKAN Extension. If not, see <http://www.gnu.org/licenses/>. | |||
|
|
|||
|
|
|||
| from __future__ import unicode_literals | |||
| # from __future__ import unicode_literals | |||
There was a problem hiding this comment.
Instead of commenting, just drop the line. This happens a lot of times
ckanext/oauth2/oauth2.py
Outdated
| # log.debug(f'self.token_endpoint: {self.token_endpoint}') | ||
| # log.debug(f'headers: {headers}') | ||
| # log.debug(f'authorization_response: {toolkit.request.url}') | ||
| # log.debug(f'client_secret: {self.client_secret}') |
There was a problem hiding this comment.
Are these lines required?
ckanext/oauth2/oauth2.py
Outdated
| # toolkit.response.status = 302 | ||
| # toolkit.response.location = came_from | ||
| # return toolkit.redirect_to(came_from) | ||
| # log.debug(f'come from: {came_from}') | ||
| # toolkit.response.status = 302 | ||
| # toolkit.response.location = came_from |
ckanext/oauth2/plugin.py
Outdated
| # def _get_previous_page(default_page): | ||
| # if 'came_from' not in toolkit.request.params: | ||
| # came_from_url = toolkit.request.headers.get('Referer', default_page) | ||
| # else: | ||
| # came_from_url = toolkit.request.params.get('came_from', default_page) | ||
|
|
||
| came_from_url_parsed = urlparse(came_from_url) | ||
| # came_from_url_parsed = urllib.parse(came_from_url) | ||
|
|
||
| # Avoid redirecting users to external hosts | ||
| if came_from_url_parsed.netloc != '' and came_from_url_parsed.netloc != toolkit.request.host: | ||
| came_from_url = default_page | ||
| # # Avoid redirecting users to external hosts | ||
| # if came_from_url_parsed.netloc != '' and came_from_url_parsed.netloc != toolkit.request.host: | ||
| # came_from_url = default_page | ||
|
|
||
| # When a user is being logged and REFERER == HOME or LOGOUT_PAGE | ||
| # he/she must be redirected to the dashboard | ||
| pages = ['/', '/user/logged_out_redirect'] | ||
| if came_from_url_parsed.path in pages: | ||
| came_from_url = default_page | ||
| # # When a user is being logged and REFERER == HOME or LOGOUT_PAGE | ||
| # # he/she must be redirected to the dashboard | ||
| # pages = ['/', '/user/logged_out_redirect'] | ||
| # if came_from_url_parsed.path in pages: | ||
| # came_from_url = default_page | ||
|
|
There was a problem hiding this comment.
If removed, user won't be redirected to the page they came from...
ckanext/oauth2/plugin.py
Outdated
| # def before_map(self, m): | ||
| # log.debug('Setting up the redirections to the OAuth2 service') | ||
|
|
||
| m.connect('/user/login', | ||
| controller='ckanext.oauth2.controller:OAuth2Controller', | ||
| action='login') | ||
| # m.connect('/user/login', | ||
| # controller='ckanext.oauth2.controller:OAuth2Controller', | ||
| # action='login') | ||
|
|
||
| # We need to handle petitions received to the Callback URL | ||
| # since some error can arise and we need to process them | ||
| m.connect('/oauth2/callback', | ||
| controller='ckanext.oauth2.controller:OAuth2Controller', | ||
| action='callback') | ||
| # # We need to handle petitions received to the Callback URL | ||
| # # since some error can arise and we need to process them | ||
| # m.connect('/oauth2/callback', | ||
| # controller='ckanext.oauth2.controller:OAuth2Controller', | ||
| # action='callback') | ||
|
|
||
| # Redirect the user to the OAuth service register page | ||
| if self.register_url: | ||
| m.redirect('/user/register', self.register_url) | ||
| # # Redirect the user to the OAuth service register page | ||
| # if self.register_url: | ||
| # m.redirect('/user/register', self.register_url) | ||
|
|
||
| # Redirect the user to the OAuth service reset page | ||
| if self.reset_url: | ||
| m.redirect('/user/reset', self.reset_url) | ||
| # # Redirect the user to the OAuth service reset page | ||
| # if self.reset_url: | ||
| # m.redirect('/user/reset', self.reset_url) | ||
|
|
||
| # Redirect the user to the OAuth service reset page | ||
| if self.edit_url: | ||
| m.redirect('/user/edit/{user}', self.edit_url) | ||
| # # Redirect the user to the OAuth service reset page | ||
| # if self.edit_url: | ||
| # m.redirect('/user/edit/{user}', self.edit_url) | ||
|
|
||
| return m | ||
| # return m |
There was a problem hiding this comment.
We still need this to redirect the user to the appropriate site
ckanext/oauth2/utils.py
Outdated
| @@ -0,0 +1,223 @@ | |||
| # -*- coding: utf-8 -*- | |||
There was a problem hiding this comment.
Is this file required? I don't see any references to it...
There was a problem hiding this comment.
Such file is linked imported by ckanext/oauth2/cli.py, but I think it is a mistake, and both the file and the import should be deleted.
|
It is a pity that such PR is stuck because of minor changes which can be easily applied. I can work on it if needed. |
ckanext/oauth2/plugin.py
Outdated
| from urlparse import urlparse | ||
| import urllib.parse | ||
| from ckanext.oauth2.views import get_blueprints | ||
| from ckanext.cloudstorage.cli import get_commands |
|
Thank you guys for your interest in this conversion. Actually, the development is gone a little bit further and I solve some issues. Unfortunately, I didn't have time to address the changes requested. Some of them are due to the try&error process I followed to make things work but for sure they can be written better. |
Great! :)
Feel free to share your progress here if you need help. |
|
Hi all, what is the proper way to setup the DB tables with this approach? If I just try to use the extension based on this code, the tables are not created and I get a |
|
I quickly revised some of the comments, but the most important change is in the creation of the DB table during the first run. This was a big bug in my first version. Hope you guys can run it, let me know! |
|
Thanks, I can confirm the table gets created now. 👍 |
|
It works just fine for me. I guess the review should be updated :) |
LICENSE.txt
Outdated
| @@ -125,7 +125,7 @@ work) run the object code and to modify the work, including scripts to | |||
| control those activities. However, it does not include the work's | |||
| System Libraries, or general-purpose tools or generally available free | |||
| programs which are used unmodified in performing those activities but | |||
| which are not part of the work. For example, Corresponding Source | |||
| which are not part of the work. For theme, Corresponding Source | |||
ckanext/oauth2/controller.py
Outdated
| @@ -18,16 +18,16 @@ | |||
| # You should have received a copy of the GNU Affero General Public License | |||
| # along with OAuth2 CKAN Extension. If not, see <http://www.gnu.org/licenses/>. | |||
|
|
|||
| from __future__ import unicode_literals | |||
| # from __future__ import unicode_literals | |||
ckanext/oauth2/db.py
Outdated
| @@ -18,10 +18,17 @@ | |||
| # along with OAuth2 CKAN Extension. If not, see <http://www.gnu.org/licenses/>. | |||
|
|
|||
| import sqlalchemy as sa | |||
| import ckan.model.meta as meta | |||
| import logging | |||
There was a problem hiding this comment.
There is no logging in this file, except a getLogger. I suggest we discard this.
ckanext/oauth2/db.py
Outdated
|
|
||
| UserToken = None | ||
| log = logging.getLogger(__name__) |
ckanext/oauth2/db.py
Outdated
| @@ -47,3 +54,5 @@ def by_user_name(cls, user_name): | |||
| user_token_table.create(checkfirst=True) | |||
|
|
|||
| model.meta.mapper(UserToken, user_token_table) | |||
|
|
|||
|
|
|||
setup.py
Outdated
| ] | ||
| }, | ||
| # 'nose.plugins': [ | ||
| # 'pylons = pylons.test:PylonsPlugin' | ||
| # ] |
ckanext/oauth2/cli.py
Outdated
| # -*- coding: utf-8 -*- | ||
|
|
||
| import click | ||
| import ckanext.oauth2.utils as utils |
There was a problem hiding this comment.
ckanext.oauth2.utils is not used here and should be removed.
ckanext/oauth2/utils.py
Outdated
| @@ -0,0 +1,223 @@ | |||
| # -*- coding: utf-8 -*- | |||
There was a problem hiding this comment.
Such file is linked imported by ckanext/oauth2/cli.py, but I think it is a mistake, and both the file and the import should be deleted.
ckanext/oauth2/views.py
Outdated
| @@ -0,0 +1,91 @@ | |||
| # -*- coding: utf-8 -*- | |||
ckanext/oauth2/views.py
Outdated
| redirect_url = '/' if redirect_url == constants.INITIAL_PAGE else redirect_url | ||
| response.location = redirect_url | ||
| helpers.flash_error(error_description) | ||
| # make_response((content, 302, headers)) |
|
Hi @FedericOldani! I can help with this PR if needed :) |
ckanext/oauth2/oauth2.py
Outdated
| @@ -38,23 +37,24 @@ | |||
|
|
|||
| import jwt | |||
|
|
|||
| import constants | |||
| from .constants import * | |||
There was a problem hiding this comment.
Wildcard import are a bit dangerous and potentially confusing, but they are not a big issue.
|
It looks much better to me :) |
| if self.edit_url: | ||
| m.redirect('/user/edit/{user}', self.edit_url) | ||
|
|
||
| return m |
There was a problem hiding this comment.
Various redirect have been dropped here, but the redirect configuration and test are still here.
ckanext/oauth2/views.py
Outdated
|
|
||
| log = logging.getLogger(__name__) | ||
|
|
||
| log = logging.getLogger(__name__) |
ckanext/oauth2/plugin.py
Outdated
| came_from_url = toolkit.request.params.get('came_from', default_page) | ||
|
|
||
| came_from_url_parsed = urlparse(came_from_url) | ||
| class _OAuth2Plugin(plugins.SingletonPlugin): |
| def oauth2(): | ||
| """Oauth2 management commands. | ||
| """ | ||
| pass |
|
When using this version I get the following error: This is the full traceback: |
|
Do you also have the same problem with the previous version? |
|
@frafra If by previous version you mean the original 0.7.0 version the answer is no. When using that version I get the error |
|
@simao-silva that is a missing dependency that you haven't installed. If you cannot test a previous version, then it is hard to determine if you are hitting a regression. |
|
@frafra I believe you are referring to |
|
@simao-silva try https://github.com/frafra/ckanext-oauth2/tree/flask_conversion_and_ckan_auth |
|
@aitormagan any feedback on this PR? |
@frafra that revisions does not forward to the oauth2 endpoint automatically when clicking on login. Still, if I correct that issue, the response from the authentication provider (Keycloak) throws the following error: |
|
@simao-silva I currently use revision 3633240; you could try that one. |
|
@aitormagan is unresponsive, and this is critical issue for the project, which seems dead to me. |
|
I am not unresponsive... I reviewed the code and highlighted things that must be changed before the PR can be merged... In addition, tests are required to be adapted before the PR can be approved. BR |
|
@FedericOldani there are some required small changes that need to be made before having your PR being accepted; do you have the time to make them? |
Hi there!
Since few people asked for python 3 version of this useful ckan extension (issue #39), I implemented it. I converted the code to be compatible with ckan 2.9 which uses python3 and Flask (instead of Pylons). It is now no more compatible with Pylons.
I did a dirty job of conversion, the best way would be re-implement the extension from zero but this is a starting point.