pypomes-iam 0.0.5__tar.gz → 0.0.7__tar.gz

{pypomes_iam-0.0.5 → pypomes_iam-0.0.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pypomes_iam
-Version: 0.0.5
+Version: 0.0.7
 Summary: A collection of Python pomes, penyeach (IAM modules)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-IAM
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-IAM/issues

{pypomes_iam-0.0.5 → pypomes_iam-0.0.7}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "pypomes_iam"
-version = "0.0.5"
+version = "0.0.7"
 authors = [
   { name="GT Nunes", email="wisecoder01@gmail.com" }
 ]

{pypomes_iam-0.0.5 → pypomes_iam-0.0.7}/src/pypomes_iam/iam_jusbr.py

@@ -14,6 +14,7 @@ from typing import Any, Final
 JUSBR_CLIENT_ID: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CLIENT_ID")
 JUSBR_CLIENT_SECRET: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CLIENT_SECRET")
 JUSBR_LOGIN_TIMEOUT: Final[int] = env_get_int(key=f"{APP_PREFIX}_JUSBR_LOGIN_TIMEOUT")
+
 JUSBR_CALLBACK_ENDPOINT: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CALLBACK_ENDPOINT",
                                                   def_value="/iam/jusbr:callback")
 JUSBR_TOKEN_ENDPOINT: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_TOKEN_ENDPOINT",
@@ -22,6 +23,8 @@ JUSBR_LOGIN_ENDPOINT: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_LOGIN_EN
                                                def_value="/iam/jusbr:login")
 JUSBR_LOGOUT_ENDPOINT: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_LOGOUT_ENDPOINT",
                                                 def_value="/iam/jusbr:logout")
+
+JUSBR_CALLBACK_URL: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CALLBACK_URL")
 JUSBR_AUTH_URL: Final[str] = env_get_str(
     key=f"{APP_PREFIX}JUSBR_AUTH_URL",
     def_value="https://sso.stg.cloud.pje.jus.br/auth/realms/pje/protocol/openid-connect/auth"
@@ -30,7 +33,6 @@ JUSBR_TOKEN_URL: Final[str] = env_get_str(
     key=f"{APP_PREFIX}JUSBR_TOKEN_URL",
     def_value="https://sso.stg.cloud.pje.jus.br/auth/realms/pje/protocol/openid-connect/token"
 )
-JUSBR_CALLBACK_URL: Final[str] = env_get_str(key=f"{APP_PREFIX}_JUSBR_CALLBACK_URL")
 
 # safe memory cache - structure:
 # {
@@ -56,6 +58,7 @@ _jusbr_registry: dict[str, Any] = {
     "client-secret": None,
     "login-timeout": None,
     "auth-url": None,
+    "callback-url": None,
     "token-url": None,
     "users": []
 }
@@ -73,6 +76,7 @@ def jusbr_setup(flask_app: Flask,
                 login_endpoint: str = JUSBR_LOGIN_ENDPOINT,
                 logout_endpoint: str = JUSBR_LOGOUT_ENDPOINT,
                 auth_url: str = JUSBR_AUTH_URL,
+                callback_url: str = JUSBR_CALLBACK_URL,
                 token_url: str = JUSBR_TOKEN_URL,
                 logger: Logger = None) -> None:
     """
@@ -89,6 +93,7 @@ def jusbr_setup(flask_app: Flask,
     :param login_endpoint: endpoint for redirecting user to JusBR login page
     :param logout_endpoint: endpoint for terminating user access to JusBR
     :param auth_url: URL to access the JusBR login page
+    :param callback_url: URL for JusBR to callback on login
     :param token_url: URL for obtaing or refreshing the token
     :param logger: optional logger
     """
@@ -103,6 +108,7 @@ def jusbr_setup(flask_app: Flask,
         "client-secret": client_secret,
         "login-timeout": login_timeout,
         "auth-url": auth_url,
+        "callback-url": callback_url,
         "token-url": token_url
     })
 
@@ -161,7 +167,7 @@ def service_login() -> Response:
     user_data["cache-obj"] = safe_cache
     auth_url: str = (f"{_jusbr_registry["auth-url"]}?response_type=code"
                      f"&client_id={_jusbr_registry["client-id"]}"
-                     f"&redirect_url={_jusbr_registry["redirect-url"]}"
+                     f"&redirect_url={_jusbr_registry["callback-url"]}"
                      f"&state={oauth_state}")
     if user_data.get("oauth-scope"):
         auth_url += f"&scope={user_data.get("oauth-scope")}"
@@ -218,18 +224,19 @@ def service_callback() -> Response:
                 break
 
     # exchange 'code' for the token
+    token: str | None = None
     errors: list[str] = []
     if user_data:
         code: str = request.args.get("code")
         body_data: dict[str, Any] = {
             "grant_type": "authorization_code",
             "code": code,
-            "redirec_url": _jusbr_registry.get("redirect-url"),
+            "redirec_url": _jusbr_registry.get("callback-url"),
         }
-        __post_jusbr(user_data=user_data,
-                     body_data=body_data,
-                     errors=errors,
-                     logger=_logger)
+        token = __post_jusbr(user_data=user_data,
+                             body_data=body_data,
+                             errors=errors,
+                             logger=_logger)
     else:
         msg: str = "Unknown OAuth2 code received"
         if __get_login_timeout():
@@ -241,7 +248,7 @@ def service_callback() -> Response:
         result = jsonify({"errors": "; ".join(errors)})
         result.status_code = 400
     else:
-        result = Response(status=200)
+        result = jsonify({"access_token": token})
 
     return result
 
@@ -279,6 +286,7 @@ def jusbr_get_token(user_id: str,
     :param user_id: the user's identification
     :param errors: incidental error messages
     :param logger: optional logger
+    :return: the token for *user_id*, or *None* if error
     """
     global _jusbr_registry
 
@@ -301,12 +309,10 @@ def jusbr_get_token(user_id: str,
                     "grant_type": "refresh_token",
                     "refresh_token": refresh_token
                 }
-                __post_jusbr(user_data=user_data,
-                             body_data=body_data,
-                             errors=errors,
-                             logger=logger)
-                if not errors:
-                    result = safe_cache.get("access_token")
+                result = __post_jusbr(user_data=user_data,
+                                      body_data=body_data,
+                                      errors=errors,
+                                      logger=logger)
 
     elif logger or isinstance(errors, list):
         err_msg: str = f"User '{user_id}' not authenticated with JusBR"
@@ -377,9 +383,9 @@ def __get_user_data(user_id: str,
 def __post_jusbr(user_data: dict[str, Any],
                  body_data: dict[str, Any],
                  errors: list[str] | None,
-                 logger: Logger | None) -> None:
+                 logger: Logger | None) -> str | None:
     """
-    Send a POST request to JusBR to obtain the authentication tokens.
+    Send a POST request to JusBR to obtain the authentication token data, and return the access token.
 
     For code for token exchange, *body_data* will have the attributes
         - "grant_type": "authorization_code"
@@ -396,9 +402,13 @@ def __post_jusbr(user_data: dict[str, Any],
     :param body_data: the data to send in the body of the request
     :param errors: incidental errors
     :param logger: optional logger
+    :return: the access token obtained, or *None* if error
     """
     global _jusbr_registry
 
+    # initialize the return variable
+    result: str | None = None
+
     # complete the data to send in body of request
     body_data["client_id"] = _jusbr_registry.get("client-id")
     client_secret: str = _jusbr_registry.get("client-secret")
@@ -449,3 +459,5 @@ def __post_jusbr(user_data: dict[str, Any],
             errors.append(err_msg)
         if logger:
             logger.error(msg=err_msg)
+
+    return result