Commit 5c3c795e authored by echel0n's avatar echel0n

Pre-Release v9.3.72.dev1

parent a658730f
# Changelog
- * eedd912 - 2018-09-08: Release v9.3.71
- * 055e08b - 2018-09-08: Pre-Release v9.3.72.dev1
- * 3b8de1e - 2018-09-08: Release v9.3.71
- * cf75694a - 2018-09-08: Release v9.3.70
- * d1aa98d - 2018-09-08: Pre-Release v9.3.70.dev2
- * f805a60 - 2018-09-08: Added real-time SSO session handling for WebUI. Token exchange performed to get offline token for API access.
......
......@@ -70,12 +70,15 @@ class API(object):
extras = {
'client_id': self.client_id,
'client_secret': self.client_secret,
'refresh_token': sickrage.app.config.app_oauth_refresh_token
}
try:
self.token = self.session.refresh_token(self.token_url, **extras)
if sickrage.app.config.app_oauth_refresh_token:
self.token = self.session.refresh_token(self.token_url, **extras)
except InvalidGrantError as e:
self.token = {}
sickrage.app.config.app_oauth_refresh_token = ''
sickrage.app.config.save()
@staticmethod
def throttle_hook(response, **kwargs):
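Review bot: The result of `self.session.refresh_token(self.token_url, **extras)` is kept only in `self.token`, and nothing visible writes a rotated refresh token back to `sickrage.app.config.app_oauth_refresh_token`. If the identity provider rotates refresh tokens, the stored value would go stale, and a later refresh would likely land in the `InvalidGrantError` branch and wipe the credential. Consider persisting it after a successful refresh, e.g. `sickrage.app.config.app_oauth_refresh_token = self.token.get('refresh_token', sickrage.app.config.app_oauth_refresh_token)` followed by `sickrage.app.config.save()`. The `except` branch also drops `e` without logging, so a revoked or expired grant leaves no record of why API access stopped. The enclosing method starts above this hunk, and this page does not mark which lines are added, so the reading is based on the order of the lines.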
......
......@@ -55,6 +55,7 @@ class Config(object):
self.app_id = ""
self.app_oauth_token = ""
self.app_oauth_refresh_token = ""
self.debug = False
......@@ -691,6 +692,7 @@ class Config(object):
'General': {
'app_id': self.app_id or str(uuid.uuid4()),
'app_oauth_token': '',
'app_oauth_refresh_token': '',
'enable_api_providers_cache': True,
'log_size': 1048576,
'calendar_unprotected': False,
......@@ -1386,6 +1388,7 @@ class Config(object):
self.config_version = self.check_setting_int('General', 'config_version')
self.app_id = self.check_setting_str('General', 'app_id')
self.app_oauth_token = self.check_setting_str('General', 'app_oauth_token')
self.app_oauth_refresh_token = self.check_setting_str('General', 'app_oauth_refresh_token')
self.enable_api_providers_cache = self.check_setting_bool('General', 'enable_api_providers_cache')
self.debug = sickrage.app.debug or self.check_setting_bool('General', 'debug')
self.last_db_compact = self.check_setting_int('General', 'last_db_compact')
......@@ -1881,6 +1884,7 @@ class Config(object):
'last_db_compact': self.last_db_compact,
'app_id': self.app_id,
'app_oauth_token': self.app_oauth_token,
'app_oauth_refresh_token': self.app_oauth_refresh_token,
'enable_api_providers_cache': int(self.enable_api_providers_cache),
'git_autoissues': int(self.git_autoissues),
'git_username': self.git_username,
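Review bot: The save dict writes `'app_oauth_refresh_token': self.app_oauth_refresh_token` as a plain string, and the login handler on this page obtains that value with `'scope': 'offline_access'`, so the config file now holds a long-lived credential. Whether the file is encrypted or permission-restricted is not visible in these hunks, so it is worth confirming that it is readable only by the service account. It is also worth confirming that this key is masked in any config export, backup or debug log. A comment where the attribute is initialised would make the sensitivity explicit, for example `# long-lived offline OAuth refresh token: treat as a secret, never log`.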
......
......@@ -280,10 +280,12 @@ class LoginHandler(BaseHandler):
self.set_secure_cookie('sr_access_token', token['access_token'])
self.set_secure_cookie('sr_refresh_token', token['refresh_token'])
if not API().token:
if not sickrage.app.config.app_oauth_refresh_token:
exchange = {'scope': 'offline_access', 'subject_token': token['access_token']}
API().token = sickrage.app.oidc_client.token_exchange(**exchange)
sickrage.app.config.app_oauth_refresh_token = API().token['refresh_token']
API().register_appid(sickrage.app.config.app_id)
sickrage.app.config.save()
elif sickrage.app.oidc_client.userinfo(token['access_token'])['sub'] != API().userinfo['sub']:
return self.redirect('/logout')
except Exception as e:
......@@ -536,8 +538,9 @@ class WebRoot(WebHandler):
return self.redirect("/{}/".format(sickrage.app.config.default_page))
API().unregister_appid(sickrage.app.config.app_id)
sickrage.app.oidc_client.logout(API().token['refresh_token'])
API().token = ''
sickrage.app.oidc_client.logout(sickrage.app.config.app_oauth_refresh_token)
sickrage.app.config.app_oauth_refresh_token = ''
sickrage.app.config.save()
return self.redirect('/logout/')
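Review bot: In the WebRoot logout hunk the stored credential is cleared only after `sickrage.app.oidc_client.logout(sickrage.app.config.app_oauth_refresh_token)` returns. If that call raises (network error, token already revoked), `app_oauth_refresh_token` stays in the config even though `unregister_appid` has already run. Wrapping the logout call in `try:` with the two lines `sickrage.app.config.app_oauth_refresh_token = ''` and `sickrage.app.config.save()` under `finally:` would make the local wipe unconditional. If the `API().token = ''` line shown here is the removed side, the in-memory token also outlives the logout and should still be reset; the page does not mark the sides, so confirm this. The handler body begins above the hunk.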
......