Initial commit

1e0e8216 · Arthur Conrozier · 1e0e8216 · 1e0e8216 · 1e0e8216 · 1e0e8216
Commit 1e0e8216 authored 4 months ago by Arthur Conrozier
--- a/.env.template
+++ b/.env.template
+CLIENT_ID="XXXX"
+CLIENT_SECRET="XXXX"
+AUTHORIZATION_URL="https://auth.viarezo.fr/oauth/authorize"
+TOKEN_URL="https://auth.viarezo.fr/oauth/token"
+USERINFO_URL="https://auth.viarezo.fr/oidc/userinfo"
+LOGOUT_URL="https://auth.viarezo.fr/logout"
\ No newline at end of file
--- a/.gitignore
+++ b/.gitignore
+.env
+.venv
\ No newline at end of file
--- a/README.md
+++ b/README.md
+# Démonstration auth VR
+
+Ce repo héberge les exemples de la documentation sur le système d'authentification.
+Il y a une branche par étape du guide.
+
+## Lancer en local
+
+- Cloner le repo
+- Créer un `.env` à partir du `.env.template`
+- Remplir avec l'id et le secret du client d'exemple (donnés dans la documentation)
+- Installer les dépendances : `pip install -r requirements.txt` (dans un venv si vous voulez)
+- Lancer le serveur : `python main.py`
+- Aller sur `http://localhost:3000`
--- a/main.py
+++ b/main.py
+import os
+from flask import Flask
+from flask import request
+import requests
+
+app = Flask(__name__)
+
+
+@app.route('/')
+def home():
+
+    # Check if the user has been redirected back from the OAuth provider
+    if 'code' in request.args:
+        code = request.args['code']
+        payload = {
+            "code": code,
+            "client_id": os.environ.get('CLIENT_ID'),
+            "client_secret": os.environ.get('CLIENT_SECRET'),
+            "redirect_uri": "http://localhost:3000/",
+            "grant_type": "authorization_code"
+        }
+        headers = {
+            "Content-Type": "application/x-www-form-urlencoded"
+        }
+        response = requests.post(os.environ.get('TOKEN_URL'), data=payload, headers=headers)
+
+        # If the response is successful, use the access token to fetch the user's profile
+        if response.status_code == 200:
+            access_token = response.json()['access_token']
+            headers = {
+                "Authorization": f"Bearer {access_token}"
+            }
+            response = requests.get(os.environ.get('USERINFO_URL'), headers=headers)
+            if response.status_code == 200:
+                return f'Hello, {response.json()["first_name"]}'
+            else:
+                return 'Could not fetch user profile'
+
+    # If the user hasn't been redirected or has an invalid code, show a login button
+    params = {
+        "client_id": os.environ.get('CLIENT_ID'),
+        "redirect_uri": "http://localhost:3000/",
+        "response_type": "code",
+        "scope": "profile"
+    }
+    login_url = requests.Request(
+        'GET', os.environ.get('AUTHORIZATION_URL'),
+        params=params).prepare().url
+
+    return f'Main page -> <a href={login_url}>Login</a>'
+
+
+if __name__ == '__main__':
+    app.run(debug=True, port=3000)