Merge pull request #14 from spz-signup/signup-shibboleth

Signup shibboleth

requirements.txt

@@ -57,6 +57,7 @@ pycodestyle==2.6.0
 pyflakes==2.2.0
 Pygments==2.8.0
 pyinotify==0.9.6
+pyjwkest==1.4.2
 pyparsing==2.4.7
 pyrsistent==0.17.3
 PySimpleSOAP==1.16.2
@@ -89,3 +90,4 @@ wcwidth==0.2.5
 webassets==2.0
 Werkzeug==1.0.1
 WTForms==2.3.3
+pkce==1.0.3

src/spz/__init__.py

@@ -38,7 +38,6 @@ class CustomFlask(Flask):
 
 app = CustomFlask(__name__, instance_relative_config=True)
 
-
 # Configuration loading
 if app.env == 'development':
     config_object = Development()
@@ -48,11 +47,9 @@ class CustomFlask(Flask):
     config_object = Testing()
 app.config.from_object(config_object)
 
-
 if 'SPZ_CFG_FILE' in os.environ:
     app.config.from_pyfile(os.environ['SPZ_CFG_FILE'])  # load override values from external directory
 
-
 # set up login system
 login_manager = LoginManager()
 login_manager.init_app(app)
@@ -69,7 +66,6 @@ def login_by_id(id):
 # set up CSRF protection
 CSRFProtect(app)
 
-
 # helper for random length, random content comment (e.g. for BREACH protection)
 rlrc_rng = random.SystemRandom()
 
@@ -88,7 +84,6 @@ def rlrc_comment():
 app.jinja_env.globals['include_raw'] = lambda filename: Markup(app.jinja_loader.get_source(app.jinja_env, filename)[0])
 app.jinja_env.globals['rlrc_comment'] = rlrc_comment
 
-
 # Assets handling; keep the spz.assets module in sync with the static directory
 assets_env = Environment(app)
 
@@ -97,25 +92,26 @@ def rlrc_comment():
 for name, bundle in bundles.items():
     assets_env.register(name, bundle)
 
-
 # Set up logging before anything else, in order to catch early errors
 if not app.debug and app.config.get('LOGFILE', None):
     from logging import FileHandler
+
     file_handler = FileHandler(app.config['LOGFILE'])
     app.logger.addHandler(file_handler)
 
-
 # modify app for uwsgi
 if app.debug:
     from werkzeug.debug import DebuggedApplication
+
     app.wsgi_app = DebuggedApplication(app.wsgi_app, True)
 elif app.config.get('PROFILING', False):
     from werkzeug.contrib.profiler import ProfilerMiddleware
+
     app.wsgi_app = ProfilerMiddleware(app.wsgi_app)
 elif app.config.get('LINTING', False):
     from werkzeug.contrib.lint import LintMiddleware
-    app.wsgi_app = LintMiddleware(app.wsgi_app)
 
+    app.wsgi_app = LintMiddleware(app.wsgi_app)
 
 # Database handling
 db = SQLAlchemy(app)
@@ -129,13 +125,13 @@ def rlrc_comment():
 # I18n setup
 babel = Babel(app)
 
-
 # Register all views here
 from spz import views, errorhandlers, pdf  # NOQA
 
-
 routes = [
     ('/', views.index, ['GET', 'POST']),
+    ('/signupinternal/<int:course_id>', views.signupinternal, ['GET', 'POST']),
+    ('/signupexternal/<int:course_id>', views.signupexternal, ['GET', 'POST']),
     ('/licenses', views.licenses, ['GET']),
     ('/vacancies', views.vacancies, ['GET']),
     ('/signoff', views.signoff, ['GET', 'POST']),
@@ -189,12 +185,12 @@ def rlrc_comment():
 
     ('/internal/login', views.login, ['GET', 'POST']),
     ('/internal/logout', views.logout, ['GET', 'POST']),
+
 ]
 
 for rule, view_func, methods in routes:
     app.add_url_rule(rule, view_func=view_func, methods=methods)
 
-
 handlers = [
     (400, errorhandlers.bad_request),
     (401, errorhandlers.unauthorized),

src/spz/config.py

@@ -5,6 +5,7 @@
     Values can be overridden by specifying 'SPZ_CFG_FILE' environment variable.
 """
 
+import json
 from datetime import timedelta
 
 from kombu import Queue
@@ -129,6 +130,12 @@ def SQLALCHEMY_DATABASE_URI(self):
     ILIAS_PASSWORD = 'mysecretpassword'
     ILIAS_REFID = '123'
 
+    # config for Open ID Connect authentication
+    SPZ_URL = 'https://anmeldung.spz.kit.edu'
+    CLIENT_ID = 'anmeldung-spz-kit-edu'
+    # !!! Never upload secret to gitHub !!! set to 'myclientsecret'
+    CLIENT_SECRET = 'myclientsecret'
+
 
 class Development(BaseConfig):
     DEBUG = True