From 0ea79c059d4ced7224df79d899c04f0e6f1e480a Mon Sep 17 00:00:00 2001 From: zcemycl Date: Mon, 20 Nov 2023 23:35:15 +0000 Subject: [PATCH] update --- app/main.py | 25 +++++ requirements.txt | 1 + src/docker/oauth2/OAuth2Config.json | 1 + src/docker/oauth2/login.example.html | 39 ++++++++ .../auth/third_party_jwt/utils.py | 91 +++++++++++-------- 5 files changed, 121 insertions(+), 36 deletions(-) create mode 100644 src/docker/oauth2/login.example.html diff --git a/app/main.py b/app/main.py index 0a9bd5b..615dd6e 100644 --- a/app/main.py +++ b/app/main.py @@ -8,6 +8,9 @@ from .database import get_async_session +# import requests + + app = FastAPI() @@ -46,3 +49,25 @@ async def get_async_skills( res = (await session.execute(stmt)).mappings().all() logger.info(res) return res + + +# @app.get("/login_page") +# async def login_page(): +# headers = {"Content-Type": "application/x-www-form-urlencoded"} +# data = { +# "grant_type":"client_credentials", +# "client_id":"fake", +# "client_secret":"fake", +# "mock_type":"user", +# } +# # if grant_type == "refresh_token": +# # data["refresh_token"] = refresh_token +# resp = requests.post( +# "http://oauth:8080/default_issuer/token", +# headers=headers, +# data=data, +# ) +# return { +# **resp.json(), +# "id_token": "7cZPgOvv?hMc6j8FqMuYhx=g45454gw?vOWZM?!vz2FB7dAf?O?63iY" +# } diff --git a/requirements.txt b/requirements.txt index 495b1f5..5f14521 100644 --- a/requirements.txt +++ b/requirements.txt @@ -15,3 +15,4 @@ pydantic-settings python-jose PyJWT bcrypt +requests diff --git a/src/docker/oauth2/OAuth2Config.json b/src/docker/oauth2/OAuth2Config.json index c8aa889..ddad18b 100644 --- a/src/docker/oauth2/OAuth2Config.json +++ b/src/docker/oauth2/OAuth2Config.json @@ -1,5 +1,6 @@ { "interactiveLogin": false, + "loginPagePath": "/conf/login.example.html", "httpServer": "NettyWrapper", "tokenCallbacks": [ { 
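Review bot: The commented-out `/login_page` handler at the end of app/main.py carries a token-shaped literal for `id_token` and would overwrite whatever the token endpoint returned with that constant. If the string was ever a real value it should be rotated and removed rather than committed, and dead code is better deleted than parked in comments (the `# import requests` line in the first hunk belongs to the same block). If the handler is revived, note that `requests.post` blocks the event loop inside `async def`; declare it as `def login_page():` so FastAPI runs it in the threadpool, and pass a `timeout=` to the call.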
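Review bot: `requests` is added without a version constraint, so each build resolves whatever release is current; pin it, e.g. `requests==<PINNED_VERSION>`, and ideally install from a hashed lock file so the HTTP client used for token calls is reproducible. The only use this commit adds in app/main.py is commented out, so confirm the application image needs the package at all. The neighbouring entries visible in the hunk are unpinned too, so the same applies to the file as a whole.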
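Review bot: `loginPagePath` is added while `interactiveLogin` stays `false` on the line above, so the custom page is probably never served. If the sign-in form is meant to be exercised the setting would need to be `"interactiveLogin": true`; otherwise the new key can be dropped. The path `/conf/login.example.html` also depends on a container mount that this diff does not show, so verify the file is present at that location. The rest of the object lies outside the hunk.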
diff --git a/src/docker/oauth2/login.example.html b/src/docker/oauth2/login.example.html new file mode 100644 index 0000000..3b5f8b9 --- /dev/null +++ b/src/docker/oauth2/login.example.html @@ -0,0 +1,39 @@ + + + + + + + Mock OAuth2 Server Example Sign-in + + + + + +
+
+
+
+
+

   Mock OAuth2 Server Example

+
+
+ +
+
+ +
+ +
+
+
+
+ + + diff --git a/src/example_package/auth/third_party_jwt/utils.py b/src/example_package/auth/third_party_jwt/utils.py index 53d54ec..12302d7 100644 --- a/src/example_package/auth/third_party_jwt/utils.py +++ b/src/example_package/auth/third_party_jwt/utils.py 
@@ -107,40 +107,59 @@ def end_session(url: str = URL_END): if __name__ == "__main__": - print(get_well_known_endpoint()) - token_resp_user = get_token( - grant_type="client_credentials", - client_id="fake", - client_secret="fake", - user="user", - ) - token_resp_admin = get_token( - grant_type="client_credentials", - client_id="fake", - client_secret="fake", - user="admin", - ) - print("-------Token--------\n ") - print(token_resp_user) - print(token_resp_admin) - print(get_user_info(token_resp_user["access_token"])) - print(get_user_info(token_resp_admin["access_token"])) - - new_token_resp_user = get_token( - grant_type="refresh_token", - client_id="fake", - client_secret="fake", - refresh_token=token_resp_user["access_token"], - user="user", + # print(get_well_known_endpoint()) + # token_resp_user = get_token( + # grant_type="client_credentials", + # client_id="fake", + # client_secret="fake", + # user="user", + # ) + # token_resp_admin = get_token( + # grant_type="client_credentials", + # client_id="fake", + # client_secret="fake", + # user="admin", + # ) + # print("-------Token--------\n ") + # print(token_resp_user) + # print(token_resp_admin) + # print(get_user_info(token_resp_user["access_token"])) + # print(get_user_info(token_resp_admin["access_token"])) + + # new_token_resp_user = get_token( + # grant_type="refresh_token", + # client_id="fake", + # client_secret="fake", + # refresh_token=token_resp_user["access_token"], + # user="user", + # ) + # print(get_user_info(new_token_resp_user["access_token"])) + + # print("------- jwks -------\n") + # print(get_jwks()) + # introspect(new_token_resp_user["access_token"]) + # revoke_token(new_token_resp_user["access_token"]) + # introspect(new_token_resp_user["access_token"]) + + # end_session() + # introspect(new_token_resp_user["access_token"]) + # introspect(token_resp_admin["access_token"]) + + # https://identityserver4.readthedocs.io/en/latest/endpoints/authorize.html# + auth_resp = requests.get( + 
"http://localhost:8002/default_issuer/authorize", + params={ + "client_id": "fake", + # "response_type": "id_token token", + # "scope": "openid profile", + "response_type": "code", + "scope": "openid", + "redirect_uri": "http://localhost:4555/login_page", + "state": "abc", + "nonce": "abc", + # "code": "1234" + }, + data={"username": "user"}, ) - print(get_user_info(new_token_resp_user["access_token"])) - - print("------- jwks -------\n") - print(get_jwks()) - introspect(new_token_resp_user["access_token"]) - revoke_token(new_token_resp_user["access_token"]) - introspect(new_token_resp_user["access_token"]) - - end_session() - introspect(new_token_resp_user["access_token"]) - introspect(token_resp_admin["access_token"]) + print(auth_resp.text) + print(auth_resp.json())
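Review bot: The authorize request in the `__main__` block sends fixed `state` and `nonce` values (`"abc"`), so the example shows neither the CSRF binding nor the ID-token replay binding those parameters exist for. Generate them per run with `"state": secrets.token_urlsafe(16),` and `"nonce": secrets.token_urlsafe(16),`, and compare the returned `state` on the callback; this needs `import secrets`, and the file's imports are outside the hunk. `auth_resp.json()` is called unconditionally, but an authorization-code response is normally a redirect or an HTML page, so the call will likely raise; pass `allow_redirects=False` and read the `Location` header instead, and add a `timeout=`. The previous walkthrough is kept as about forty commented-out lines; deleting it and relying on history would keep the block readable.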