From ab4ec523c3d67da64fe5e3b1b38b461c7c2e6b01 Mon Sep 17 00:00:00 2001
From: Cayo Puigdefabregas
Date: Mon, 6 Nov 2023 13:23:47 +0100
Subject: [PATCH] add Iota did and attributes
---
 ereuse_devicehub/config.py | 3 ++
 ereuse_devicehub/resources/user/models.py | 48 +++++++++++++++++++
 .../ereuse_devicehub/user_profile.html | 20 ++++++++
 3 files changed, 71 insertions(+)
diff --git a/ereuse_devicehub/config.py b/ereuse_devicehub/config.py
index 5152bee5..51dc229f 100644
--- a/ereuse_devicehub/config.py
+++ b/ereuse_devicehub/config.py
@@ -99,6 +99,9 @@ class DevicehubConfig(Config):
 API_DLT_TOKEN = config('API_DLT_TOKEN', None)
 ID_FEDERATED = config('ID_FEDERATED', None)
 URL_MANUALS = config('URL_MANUALS', None)
+ ABAC_TOKEN = config('ABAC_TOKEN', None)
+ ABAC_COOKIE = config('ABAC_COOKIE', None)
+ ABAC_USER = config('ABAC_USER', None)
 """Definition of oauth jwt details."""
 OAUTH2_JWT_ENABLED = config('OAUTH2_JWT_ENABLED', False)
diff --git a/ereuse_devicehub/resources/user/models.py b/ereuse_devicehub/resources/user/models.py
index 21efa70f..fe018306 100644
--- a/ereuse_devicehub/resources/user/models.py
+++ b/ereuse_devicehub/resources/user/models.py
@@ -1,4 +1,5 @@
 import json
+import requests
 from uuid import uuid4
 from citext import CIText
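Review bot: The three `ABAC_*` settings added to `DevicehubConfig` in config.py are undocumented, although two of them are credentials. `User._call_abac` in models.py sends `ABAC_TOKEN` as a bearer token and `ABAC_COOKIE` as a `Cookie` header. A comment above them would tell operators to handle them as secrets, for example `# IOTA ABAC oracle: ABAC_USER is the account id; ABAC_TOKEN and ABAC_COOKIE are secrets, set via environment only and never logged`. The class body continues outside the hunk.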
@@ -191,6 +192,53 @@ class User(UserMixin, Thing):
 rols = result.get('Data', {}).get('data', {})
 return [(k, k) for k, v in rols.items() if v]
+ def _call_abac(self, path):
+ abac_tk = app.config.get('ABAC_TOKEN')
+ abac_coockie = app.config.get('ABAC_COOKIE')
+ eth_pub_key = app.config.get('ABAC_USER')
+ abac_path = path
+ if not (abac_tk and eth_pub_key and abac_path):
+ return ''
+
+ header = {
+ 'Authorization': f'Bearer {abac_tk}',
+ 'Cookie': abac_coockie
+ }
+ domain = 'https://abac-oracle.stable.iota-ec.net/accounts/'
+ url = f'{domain}{eth_pub_key}/{abac_path}'
+ return requests.get(url, headers=header)
+
+ def get_abac_did(self):
+ try:
+ r = self._call_abac('did')
+ if not r or not r.status_code == 200:
+ return ''
+ return r.json().get('did', '')
+ except Exception:
+ return ''
+
+ def get_abac_attributes(self):
+ try:
+ r = self._call_abac('attributes')
+ if not r or not r.status_code == 200:
+ return {}
+ data = r.json()
+ if not data:
+ return {}
+ result = {}
+ for j in data:
+ k = j.get('attributeURI', '').split('/')[-1].split("#")[-1]
+ v = j.get('attributeValue', '')
+ if not (k and v):
+ continue
+ result[k] = v
+
+ return result
+
+ except Exception:
+ return {}
+
+
 class UserInventory(db.Model):
 """Relationship between users and their inventories."""
diff --git a/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html b/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html
index 0da7805b..e82cfb07 100644
--- a/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html
+++ b/ereuse_devicehub/templates/ereuse_devicehub/user_profile.html
@@ -44,6 +44,9 @@ OpenID Connect {% endif %} +
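Review bot: In the models.py hunk, `_call_abac` calls `requests.get(url, headers=header)` with no timeout, and the profile template in this patch calls both `get_abac_did()` and `get_abac_attributes()` while rendering, so a slow or unreachable oracle would stall the page on each call. `return requests.get(url, headers=header, timeout=10)` bounds the wait (the value is only a suggestion). Both getters also hide every failure behind `except Exception`, so an expired `ABAC_TOKEN` or a malformed response leaves no trace. Catching `requests.RequestException` and `ValueError` and logging the status code, never the `Authorization` or `Cookie` header, would keep the empty-result fallback while making failures visible. None of the three methods reads `self`, because the account comes from the deployment-wide `ABAC_USER`, so every logged-in user appears to get the same DID and attributes; it is worth confirming that this is intended. The `User` class starts outside the hunk.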
@@ -103,6 +106,23 @@
+
+
+ +
+ {{ current_user.get_abac_did() }} +
+
+ {% for k, v in current_user.get_abac_attributes().items() %} +
+ +
+ {{ v }} +
+
+ {% endfor %} +
+