blacked
wh1te909 committed Sep 30, 2024
1 parent c906e99 commit 877eae0
Showing 6 changed files with 40 additions and 38 deletions.
4 changes: 3 additions & 1 deletion api/tacticalrmm/accounts/urls.py
Expand Up @@ -6,7 +6,9 @@
path("users/", views.GetAddUsers.as_view()),
path("<int:pk>/users/", views.GetUpdateDeleteUser.as_view()),
path("sessions/<str:pk>/", views.DeleteActiveLoginSession.as_view()),
path("users/<int:pk>/sessions/", views.GetDeleteActiveLoginSessionsPerUser.as_view()),
path(
"users/<int:pk>/sessions/", views.GetDeleteActiveLoginSessionsPerUser.as_view()
),
path("users/reset/", views.UserActions.as_view()),
path("users/reset_totp/", views.UserActions.as_view()),
path("users/setup_totp/", views.TOTPSetup.as_view()),
3 changes: 1 addition & 2 deletions api/tacticalrmm/ee/sso/urls.py
Expand Up @@ -4,7 +4,6 @@
For details, see: https://license.tacticalrmm.com/ee
"""


from django.urls import path
from django.urls import include

Expand All @@ -16,4 +15,4 @@
path("ssoproviders/<int:pk>/", views.GetUpdateDeleteSSOProvider.as_view()),
path("ssoproviders/token/", views.GetAccessToken.as_view()),
path("ssoproviders/settings/", views.GetUpdateSSOSettings.as_view()),
]
]
49 changes: 28 additions & 21 deletions api/tacticalrmm/ee/sso/views.py
Expand Up @@ -4,7 +4,6 @@
For details, see: https://license.tacticalrmm.com/ee
"""


import re
from django.shortcuts import get_object_or_404

Expand All @@ -21,8 +20,10 @@
from logs.models import AuditLog
from tacticalrmm.utils import get_core_settings


class SocialAppSerializer(ModelSerializer):
server_url = ReadOnlyField(source="settings.server_url")

class Meta:
model = SocialApp
fields = [
Expand All @@ -35,7 +36,7 @@ class Meta:
"server_url",
"settings",
]


class GetAddSSOProvider(APIView):
permission_classes = [IsAuthenticated, AccountsPerms]
Expand All @@ -46,6 +47,7 @@ def get(self, request):

class InputSerializer(ModelSerializer):
server_url = ReadOnlyField()

class Meta:
model = SocialApp
fields = [
Expand All @@ -55,13 +57,13 @@ class Meta:
"server_url",
"provider",
"provider_id",
"settings"
"settings",
]

# removed any special characters and replaces spaces with a hyphen
def generate_provider_id(self, string):
id = re.sub(r'[^A-Za-z0-9\s]', '', string)
id = id.replace(' ', '-')
id = re.sub(r"[^A-Za-z0-9\s]", "", string)
id = id.replace(" ", "-")
return id

def post(self, request):
Expand All @@ -88,14 +90,10 @@ class GetUpdateDeleteSSOProvider(APIView):

class InputSerialzer(ModelSerializer):
server_url = ReadOnlyField()

class Meta:
model = SocialApp
fields = [
"client_id",
"secret",
"server_url",
"settings"
]
fields = ["client_id", "secret", "server_url", "settings"]

def put(self, request, pk):
provider = get_object_or_404(SocialApp, pk=pk)
Expand All @@ -105,7 +103,9 @@ def put(self, request, pk):
data["settings"] = {}
data["settings"]["server_url"] = data["server_url"]

serializer = self.InputSerialzer(instance=provider, data=request.data, partial=True)
serializer = self.InputSerialzer(
instance=provider, data=request.data, partial=True
)
serializer.is_valid(raise_exception=True)
serializer.save()
return Response("ok")
Expand All @@ -122,25 +122,32 @@ class GetAccessToken(KnoxLoginView):

def post(self, request, format=None):
# check for auth method before signing in
if "account_authentication_methods" in request.session and len(request.session["account_authentication_methods"]) > 0:
if (
"account_authentication_methods" in request.session
and len(request.session["account_authentication_methods"]) > 0
):
login_method = request.session["account_authentication_methods"][0]

# get token
response = super().post(request, format=None)
response.data["username"] = request.user.username
response.data["provider"] = login_method["provider"]

AuditLog.audit_user_login_successful_sso(request.user.username, login_method["provider"], login_method)
AuditLog.audit_user_login_successful_sso(
request.user.username, login_method["provider"], login_method
)

#invalid user session since we have an access token now
# invalid user session since we have an access token now
logout(request)

return Response(response.data)
else:
AuditLog.audit_user_login_failed_sso(request.user.username)
logout(request)
return Response("The credentials supplied were invalid", status.HTTP_403_FORBIDDEN)

return Response(
"The credentials supplied were invalid", status.HTTP_403_FORBIDDEN
)


class GetUpdateSSOSettings(APIView):
permission_classes = [IsAuthenticated, AccountsPerms]
Expand All @@ -150,14 +157,14 @@ def get(self, request):
settings = get_core_settings()

return Response({"block_local_user_logon": settings.block_local_user_logon})

def post(self, request):

data = request.data

settings = get_core_settings()

settings.block_local_user_logon = data["block_local_user_logon"]
settings.save(update_fields=["block_local_user_logon"])

return Response("ok")
return Response("ok")
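Review bot: `GetUpdateSSOSettings.post` (last hunk) writes `data["block_local_user_logon"]` straight to the core settings without checking that the key is present or that the value is a boolean, so a malformed body raises `KeyError` (a 500) or passes an arbitrary JSON value on to `settings.save()`. Because this flag decides whether local logon is blocked, I would validate it before saving, e.g. `if not isinstance(data.get("block_local_user_logon"), bool): return Response("block_local_user_logon must be a boolean", status.HTTP_400_BAD_REQUEST)`. No `AuditLog` call is visible in this method, unlike the SSO login path in `GetAccessToken.post`, so recording who changed the setting would help later investigation. The reformatting itself does not change behaviour.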
6 changes: 4 additions & 2 deletions api/tacticalrmm/tacticalrmm/middleware.py
Expand Up @@ -29,7 +29,7 @@ def get_debug_info() -> Dict[str, Any]:
"/api/schema",
"/accounts/ssoproviders/token",
"/_allauth/browser/v1/config",
"/_allauth/browser/v1/auth/provider/redirect"
"/_allauth/browser/v1/auth/provider/redirect",
)

DEMO_EXCLUDE_PATHS = (
Expand Down Expand Up @@ -75,7 +75,9 @@ def process_view(self, request, view_func, view_args, view_kwargs):
# gather and save debug info
debug_info["url"] = request.path
debug_info["method"] = request.method
debug_info["view_class"] = view_func.cls.__name__ if hasattr(view_func, "cls") else None
debug_info["view_class"] = (
view_func.cls.__name__ if hasattr(view_func, "cls") else None
)
debug_info["view_func"] = view_Name
debug_info["view_args"] = view_args
debug_info["view_kwargs"] = view_kwargs
14 changes: 4 additions & 10 deletions api/tacticalrmm/tacticalrmm/settings.py
Expand Up @@ -184,7 +184,7 @@
"scripts",
"alerts",
"ee.reporting",
"ee.sso"
"ee.sso",
]

CHANNEL_LAYERS = {
Expand All @@ -200,16 +200,12 @@
HEADLESS_ONLY = True
SOCIALACCOUNT_ONLY = True
ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
ACCOUNT_EMAIL_VERIFICATION = 'none'
ACCOUNT_EMAIL_VERIFICATION = "none"
SOCIALACCOUNT_EMAIL_AUTHENTICATION = True
SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT = True
SOCIALACCOUNT_EMAIL_VERIFICATION = True

SOCIALACCOUNT_PROVIDERS = {
"openid_connect": {
"OAUTH_PKCE_ENABLED": True
}
}
SOCIALACCOUNT_PROVIDERS = {"openid_connect": {"OAUTH_PKCE_ENABLED": True}}

AUTHENTICATION_BACKENDS = ("allauth.account.auth_backends.AuthenticationBackend",)
SESSION_COOKIE_SECURE = True
Expand Down Expand Up @@ -258,9 +254,7 @@
MIDDLEWARE.insert(0, "silk.middleware.SilkyMiddleware")

if ADMIN_ENABLED:
INSTALLED_APPS += (
"django.contrib.admin",
)
INSTALLED_APPS += ("django.contrib.admin",)

if DEMO:
MIDDLEWARE += ("tacticalrmm.middleware.DemoMiddleware",)
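Review bot: `SOCIALACCOUNT_EMAIL_AUTHENTICATION = True` together with `SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT = True` (second hunk) lets an SSO login resolve to, and link itself to, any existing user with the same email address, so account integrity depends on every configured provider only asserting email addresses it has verified. Nothing on these lines documents that assumption, and providers appear to be addable at runtime through the `ee/sso` views touched in this same commit. I would add a comment above the two settings, such as `# Relies on the provider's email claim; only configure IdPs that verify email ownership.`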
2 changes: 0 additions & 2 deletions api/tacticalrmm/tacticalrmm/urls.py
Expand Up @@ -23,10 +23,8 @@ def to_url(self, value):

urlpatterns = [
path("", home),

# all auth urls
path("_allauth/", include("allauth.headless.urls")),

path("v2/checkcreds/", CheckCredsV2.as_view()),
path("v2/login/", LoginViewV2.as_view()),
path("checkcreds/", CheckCreds.as_view()), # DEPRECATED AS OF 0.19.0