diff --git a/pulseguardian/auth.py b/pulseguardian/auth.py
index 7ed566d1..6ac6ec5d 100644
--- a/pulseguardian/auth.py
+++ b/pulseguardian/auth.py
@@ -5,6 +5,7 @@ import functools
 from flask_pyoidc.flask_pyoidc import OIDCAuthentication
+from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata
 from pulseguardian import config
@@ -30,10 +31,14 @@ def wrapper(*args, **kwargs):
 class OpenIDConnect(object):
 """Auth object for login, logout, and response validation."""
- def client_info(self):
- return dict(
- client_id=config.oidc_client_id,
- client_secret=config.oidc_client_secret,
+ def get_provider(self):
+ auth_params = {"scope": ["openid", "profile", "email"]}
+ return ProviderConfiguration(
+ issuer="https://{DOMAIN}/".format(DOMAIN=config.oidc_domain),
+ client_metadata=ClientMetadata(
+ config.oidc_client_id, config.oidc_client_secret
+ ),
+ auth_request_params=auth_params
 )
 def auth(self, app):
@@ -41,11 +46,7 @@ def auth(self, app):
 return FakeOIDCAuthentication()
 oidc = OIDCAuthentication(
- app,
- issuer='https://{DOMAIN}/'.format(DOMAIN=config.oidc_domain),
- client_registration_info=self.client_info(),
- extra_request_args={
- 'scope': ['openid', 'profile', 'email'],
- },
+ {"pg_provider": self.get_provider()},
+ app=app,
 )
 return oidc
diff --git a/requirements.txt b/requirements.txt
index 676b91b3..b809393c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,7 +10,7 @@ chardet==3.0.4
 click==7.1.2
 cryptography==3.3.1
 Flask==1.1.2
-https://github.com/mozilla-iam/Flask-pyoidc/archive/v1.0.0.tar.gz
+Flask-pyoidc==3.7.0
 Flask-SSLify==0.1.5
 funcsigs==1.0.2
 future==0.18.2
@@ -23,7 +23,7 @@ kombu==5.0.2
 Mako==1.1.3
 MarkupSafe==1.1.1
 MozillaPulse==1.3
-oic==0.9.1.0 # pyup: ignore
+oic==1.2.1
 psycopg2-binary==2.8.6
 pycparser==2.20
 pycryptodomex==3.9.9
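Review bot: In `get_provider`, the client id and secret are passed to `ClientMetadata` positionally, so an accidental swap would only surface as a failed token exchange at login; naming them makes the call self-checking: `ClientMetadata(client_id=config.oidc_client_id, client_secret=config.oidc_client_secret)`. The method also has no docstring; I would add `"""Build the OIDC provider configuration for the issuer at config.oidc_domain."""`. Only `issuer` is supplied, so the provider's endpoints and keys are presumably resolved by discovery against that URL. Because `config.oidc_domain` is interpolated unchecked, an unset value yields the issuer `https:///`, so it may be worth failing fast at startup when the domain is empty.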
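Review bot: The provider key `"pg_provider"` passed to `OIDCAuthentication` in `auth` is a bare string literal, and with the multi-provider API every `oidc_auth(...)` decorator has to name the same provider. Those call sites, and `FakeOIDCAuthentication`, are not part of this diff, so please confirm they were updated in step with this change. A module-level constant such as `OIDC_PROVIDER_NAME = "pg_provider"`, used here and at the decorators, would keep the two from drifting apart. `auth` begins above this hunk, so the branch that returns the fake object is only partly visible.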