This repository has been archived by the owner on Mar 7, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 71
/
sample_adal_bottle.py
78 lines (66 loc) · 3.19 KB
/
sample_adal_bottle.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
"""ADAL/Bottle sample for Microsoft Graph"""
# Copyright (c) Microsoft. All rights reserved. Licensed under the MIT license.
# See LICENSE in the project root for license information.
import os
import urllib.parse
import uuid
import adal
import bottle
import requests
import config
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # enable non-HTTPS for testing
SESSION = requests.Session()
bottle.TEMPLATE_PATH = ['./static/templates']
@bottle.route('/')
@bottle.view('homepage.html')
def homepage():
"""Render the home page."""
return {'sample': 'ADAL'}
@bottle.route('/login')
def login():
"""Prompt user to authenticate."""
auth_state = str(uuid.uuid4())
SESSION.auth_state = auth_state
# For this sample, the user selects an account to authenticate. Change
# this value to 'none' for "silent SSO" behavior, and if the user is
# already authenticated they won't need to re-authenticate.
prompt_behavior = 'select_account'
params = urllib.parse.urlencode({'response_type': 'code',
'client_id': config.CLIENT_ID,
'redirect_uri': config.REDIRECT_URI,
'state': auth_state,
'resource': config.RESOURCE,
'prompt': prompt_behavior})
return bottle.redirect(config.AUTHORITY_URL + '/oauth2/authorize?' + params)
@bottle.route('/login/authorized')
def authorized():
"""Handler for the application's Redirect Uri."""
code = bottle.request.query.code
auth_state = bottle.request.query.state
if auth_state != SESSION.auth_state:
raise Exception('state returned to redirect URL does not match!')
auth_context = adal.AuthenticationContext(config.AUTHORITY_URL, api_version=None)
token_response = auth_context.acquire_token_with_authorization_code(
code, config.REDIRECT_URI, config.RESOURCE, config.CLIENT_ID, config.CLIENT_SECRET)
SESSION.headers.update({'Authorization': f"Bearer {token_response['accessToken']}",
'User-Agent': 'adal-sample',
'Accept': 'application/json',
'Content-Type': 'application/json',
'SdkVersion': 'sample-python-adal',
'return-client-request-id': 'true'})
return bottle.redirect('/graphcall')
@bottle.route('/graphcall')
@bottle.view('graphcall.html')
def graphcall():
"""Confirm user authentication by calling Graph and displaying some data."""
endpoint = config.RESOURCE + config.API_VERSION + '/me'
http_headers = {'client-request-id': str(uuid.uuid4())}
graphdata = SESSION.get(endpoint, headers=http_headers, stream=False).json()
return {'graphdata': graphdata, 'endpoint': endpoint, 'sample': 'ADAL'}
@bottle.route('/static/<filepath:path>')
def server_static(filepath):
"""Handler for static files, used with the development server."""
root_folder = os.path.abspath(os.path.dirname(__file__))
return bottle.static_file(filepath, root=os.path.join(root_folder, 'static'))
if __name__ == '__main__':
bottle.run(app=bottle.app(), server='wsgiref', host='localhost', port=5000)