-
Notifications
You must be signed in to change notification settings - Fork 5
/
app_factory.py
112 lines (90 loc) · 3.08 KB
/
app_factory.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
from flask import Flask
from flask_cors import CORS
from werkzeug.middleware.proxy_fix import ProxyFix
from flask import redirect
from api_definitions import api
from auth import auth_lib_helper
from keycloak_api_client.keycloak import keycloak_client
from log_utils import configure_logging
from flask import Blueprint
index_bp = Blueprint("index", __name__)
@index_bp.route("/")
def index():
return redirect("/swagger-ui")
def _set_config_if_undefined(app, variable, value):
if not app.config.get(variable):
app.config.update(**{variable: value})
def configure_keycloak_dependent_variables(app: Flask) -> None:
keycloak_server = app.config["KEYCLOAK_SERVER"]
api_version = app.config["API_VERSION"]
realm = app.config["OIDC_REALM"]
authorizations = app.config["OAUTH_AUTHORIZATIONS"]
authorizations["oauth2"].update(
{
"tokenUrl": f"{keycloak_server}/auth/realms/{realm}/protocol/openid-connect/token",
"authorizationUrl": f"{keycloak_server}/auth/realms/{realm}/protocol/openid-connect/auth",
}
)
# Configuration URL for all the keys of the Keycloak server
_set_config_if_undefined(
app,
"OIDC_JWKS_URL",
f"{keycloak_server}/auth/realms/{realm}/protocol/openid-connect/certs",
)
# The 'iss' field in the token should match this
_set_config_if_undefined(
app, "OIDC_ISSUER", f"{keycloak_server}/auth/realms/{realm}"
)
# UI OAuth URL
_set_config_if_undefined(
app,
"OAUTH_AUTH_URL",
f"{keycloak_server}/auth/realms/{realm}/protocol/openid-connect/auth",
)
app.config.update(
OAUTH_AUTHORIZATIONS=authorizations,
API_URL_PREFIX="/api/{}".format(api_version),
)
def read_env_config(app: Flask):
try:
app.config.from_envvar("KEYCLOAK_REST_ADAPTER_CONFIG")
except Exception as e:
app.logger.error(e)
def configure_keycloak_client(app: Flask):
"""
Configures the keycloak client using the app's config
"""
keycloak_client.init_app(app)
def configure_authlib_helper(app: Flask):
"""
Configures the authorization helper
"""
auth_lib_helper.init_app(app)
def setup_api(app: Flask):
"""
Sets up the flast-restx API
"""
api.authorizations = app.config["OAUTH_AUTHORIZATIONS"]
api.version = app.config["API_VERSION"]
api.prefix = app.config["API_URL_PREFIX"]
api.init_app(app)
def create_app() -> Flask:
app = Flask(__name__)
app.wsgi_app = ProxyFix(app.wsgi_app)
CORS(app)
app.url_map.strict_slashes = False
app.config.from_object("default_adapter_config")
read_env_config(app)
app.logger = configure_logging(app.config["LOG_DIR"])
# Configuration
configure_keycloak_dependent_variables(app)
configure_keycloak_client(app)
configure_authlib_helper(app)
if app.config.get("OAUTH_AUTH_URL", None):
app.config["OAUTH_AUTHORIZATIONS"]["oauth2"]["authorizationUrl"] = app.config[
"OAUTH_AUTH_URL"
]
setup_api(app)
# Blueprints
app.register_blueprint(index_bp)
return app