changed syntaxis to much the rest of the file, added a check for defa…

…ult oauth values
feyruzb · Sep 23, 2024 · fc930b3 · fc930b3
1 parent d5c9a8c
commit fc930b3
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 8 deletions.
diff --git a/web/server/codechecker_server/api/authentication.py b/web/server/codechecker_server/api/authentication.py
@@ -108,7 +108,7 @@ def createLink(self, provider):
         # print("manager", self.__manager)
         # print("config_database", self.__config_db)
         oauth_config = self.__manager.get_oauth_config(provider)
-        if not oauth_config.get("enabled"):
+        if not oauth_config.get('enabled'):
             raise codechecker_api_shared.ttypes.RequestFailed(
                 codechecker_api_shared.ttypes.ErrorCode.AUTH_DENIED,
                 "OAuth authentication is not enabled.")
@@ -216,8 +216,9 @@ def performLogin(self, auth_method, auth_string):
             provider, url = auth_string.split("@")
 
             oauth_config = self.__manager.get_oauth_config(provider)
-            if not oauth_config.get("enabled"):
-                LOG.error("OAuth authentication is not enabled for provider: %s", provider)
+            if not oauth_config.get('enabled'):
+                LOG.error("OAuth authentication is " +
+                          "not enabled for provider: %s", provider)
                 raise codechecker_api_shared.ttypes.RequestFailed(
                     codechecker_api_shared.ttypes.ErrorCode.AUTH_DENIED,
                     "OAuth authentication is not enabled.")
@@ -284,7 +285,8 @@ def performLogin(self, auth_method, auth_string):
                     codechecker_api_shared.ttypes.ErrorCode.AUTH_DENIED,
                     "User is not authorized to access this service")
 
-            LOG.error("User %s is not authorized to access this service.", username)
+            LOG.error("User %s is not authorized " +
+                      "to access this service.", username)
             raise codechecker_api_shared.ttypes.RequestFailed(
                 codechecker_api_shared.ttypes.ErrorCode.AUTH_DENIED,
                 "User is not authorized to access this service")

diff --git a/web/server/codechecker_server/session_manager.py b/web/server/codechecker_server/session_manager.py
@@ -270,6 +270,19 @@ def get_oauth_providers(self):
         return result
 
     def get_oauth_config(self, provider):
+        provider_cfg = self.__auth_config.get(
+            'method_oauth', {}).get("providers", {}).get(provider, {})
+
+        if provider_cfg.get("oauth_client_secret",
+                            "ExampleClientSecret") == "ExampleClientSecret" \
+                or provider_cfg.get("oauth_client_id",
+                                    "ExampleClientID") == "ExampleClientID":
+            self.__auth_config["method_oauth"]["providers"][provider][
+                "enabled"] = False
+
+            LOG.warning("OAuth configuration was set to default values. " +
+                        "Disabling oauth provider: %s", provider)
+
         return self.__auth_config.get(
             'method_oauth', {}).get("providers", {}).get(provider, {})
 
@@ -517,7 +530,7 @@ def __try_auth_oauth(self, auth_string):
         providers = self.__auth_config.get(
             'method_oauth', {}).get("providers", {})
 
-        provider, data = auth_string.split('@',1)
+        provider, data = auth_string.split('@', 1)
 
         if provider in providers:
             if not providers[provider].get('enabled', False):

diff --git a/web/server/config/server_config.json b/web/server/config/server_config.json
@@ -63,7 +63,7 @@
         "github" : {
           "enabled" : false,
           "oauth_client_id" : "ExampleClientID",
-          "oauth_client_secret": "exampleClientSecret",
+          "oauth_client_secret": "ExampleClientSecret",
           "oauth_authorization_uri": "https://github.com/login/oauth/authorize",
           "oauth_redirect_uri": "http://path_To_CodeChecker_Login_Page",
           "oauth_token_uri": "https://github.com/login/oauth/access_token",
@@ -81,7 +81,7 @@
         "google": {
           "enabled" : false,
           "oauth_client_id" : "ExampleClientID",
-          "oauth_client_secret" : "exampleClientSecret",
+          "oauth_client_secret" : "ExampleClientSecret",
           "oauth_authorization_uri" : "https://accounts.google.com/o/oauth2/auth",
           "oauth_redirect_uri" : "http://path_To_CodeChecker_Login_Page",
           "oauth_token_uri" : "https://accounts.google.com/o/oauth2/token",
@@ -99,7 +99,7 @@
         "microsoft": {
           "enabled": true,
           "oauth_client_id": "ExampleClientID",
-          "oauth_client_secret": "exampleClientSecret",
+          "oauth_client_secret": "ExampleClientSecret",
           "oauth_authorization_uri": "https://login.microsoftonline.com/92e84ceb-fbfd-47ab-be52-080c6b87953f/oauth2/v2.0/authorize",
           "oauth_redirect_uri": "http://path_To_CodeChecker_Login_Page",
           "oauth_token_uri": "https://login.microsoftonline.com/92e84ceb-fbfd-47ab-be52-080c6b87953f/oauth2/v2.0/token",