add Iota did and attributes

Cayo Puigdefabregas 2023-11-06 13:23:47 +01:00
parent 20ee5ae411
commit ab4ec523c3
3 changed files with 71 additions and 0 deletions


@ -99,6 +99,9 @@ class DevicehubConfig(Config):
API_DLT_TOKEN = config('API_DLT_TOKEN', None) API_DLT_TOKEN = config('API_DLT_TOKEN', None)
ID_FEDERATED = config('ID_FEDERATED', None) ID_FEDERATED = config('ID_FEDERATED', None)
URL_MANUALS = config('URL_MANUALS', None) URL_MANUALS = config('URL_MANUALS', None)
ABAC_TOKEN = config('ABAC_TOKEN', None)
ABAC_COOKIE = config('ABAC_COOKIE', None)
ABAC_USER = config('ABAC_USER', None)
"""Definition of oauth jwt details.""" """Definition of oauth jwt details."""
OAUTH2_JWT_ENABLED = config('OAUTH2_JWT_ENABLED', False) OAUTH2_JWT_ENABLED = config('OAUTH2_JWT_ENABLED', False)
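Review bot: The three new settings carry no comment saying which of them are secrets, and `ABAC_USER` is not a user name: `User._call_abac` reads it into `eth_pub_key` and places it in the request path. A short header in the file's existing style would help, e.g. `"""ABAC oracle access: bearer token and session cookie (secrets), and the account public key."""`. The oracle base URL is hard-coded in the model rather than defined here, so a test or staging deployment cannot point elsewhere; an `ABAC_URL = config('ABAC_URL', None)` entry would keep the whole integration configurable. The class body continues outside the hunk.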


@ -1,4 +1,5 @@
import json import json
import requests
from uuid import uuid4 from uuid import uuid4
from citext import CIText from citext import CIText
@ -191,6 +192,53 @@ class User(UserMixin, Thing):
rols = result.get('Data', {}).get('data', {}) rols = result.get('Data', {}).get('data', {})
return [(k, k) for k, v in rols.items() if v] return [(k, k) for k, v in rols.items() if v]
def _call_abac(self, path):
abac_tk = app.config.get('ABAC_TOKEN')
abac_coockie = app.config.get('ABAC_COOKIE')
eth_pub_key = app.config.get('ABAC_USER')
abac_path = path
if not (abac_tk and eth_pub_key and abac_path):
return ''
header = {
'Authorization': f'Bearer {abac_tk}',
'Cookie': abac_coockie
}
domain = 'https://abac-oracle.stable.iota-ec.net/accounts/'
url = f'{domain}{eth_pub_key}/{abac_path}'
return requests.get(url, headers=header)
def get_abac_did(self):
try:
r = self._call_abac('did')
if not r or not r.status_code == 200:
return ''
return r.json().get('did', '')
except Exception:
return ''
def get_abac_attributes(self):
try:
r = self._call_abac('attributes')
if not r or not r.status_code == 200:
return {}
data = r.json()
if not data:
return {}
result = {}
for j in data:
k = j.get('attributeURI', '').split('/')[-1].split("#")[-1]
v = j.get('attributeValue', '')
if not (k and v):
continue
result[k] = v
return result
except Exception:
return {}
class UserInventory(db.Model): class UserInventory(db.Model):
"""Relationship between users and their inventories.""" """Relationship between users and their inventories."""

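Review bot: `requests.get(url, headers=header)` in `_call_abac` has no timeout, and both accessors are called while the profile template renders, so an unresponsive oracle can hold a worker on that request indefinitely; pass one explicitly, e.g. `return requests.get(url, headers=header, timeout=5)`. None of the three methods reads `self`: the account comes from `ABAC_USER` in the app config, so every logged-in user would be shown the same DID and attributes. If these are meant to be per-user, the key has to come from the user record. `except Exception: return ''` hides connection, TLS and JSON errors alike; logging the exception before returning the empty value would make a broken integration visible. The `User` class starts outside the hunk.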

@ -44,6 +44,9 @@
<a href="{{ url_for('oidc.create_client') }}" class="nav-link">OpenID Connect</a> <a href="{{ url_for('oidc.create_client') }}" class="nav-link">OpenID Connect</a>
</li> </li>
{% endif %} {% endif %}
<li class="nav-item">
<button class="nav-link" data-bs-toggle="tab" data-bs-target="#id_abac_attrs">Identity Attributes</button>
</li>
</ul> </ul>
<div class="tab-content pt-2"> <div class="tab-content pt-2">
@ -103,6 +106,23 @@
</form><!-- End Sanitization Certificate datas Form --> </form><!-- End Sanitization Certificate datas Form -->
</div> </div>
<div class="tab-pane fade pt-3" id="id_abac_attrs">
<div class="row mb-3">
<label class="col-md-4 col-lg-3 col-form-label">Did</label>
<div class="col-md-8 col-lg-9">
{{ current_user.get_abac_did() }}
</div>
</div>
{% for k, v in current_user.get_abac_attributes().items() %}
<div class="row mb-3">
<label class="col-md-4 col-lg-3 col-form-label">{{ k }}</label>
<div class="col-md-8 col-lg-9">
{{ v }}
</div>
</div>
{% endfor %}
</div>
</div><!-- End Bordered Tabs --> </div><!-- End Bordered Tabs -->
</div> </div>
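Review bot: `current_user.get_abac_did()` and `current_user.get_abac_attributes()` run inside the template, so each render of this page makes two outbound HTTP requests even when the tab is never opened. Fetching the values in the view and passing them in the context (or loading the pane on demand) keeps network I/O out of rendering and lets the view handle failures. The new nav item is also unconditional, unlike the `{% if %}`-guarded item above it; something like `{% if config['ABAC_TOKEN'] %}` around both the `<li>` and the pane would hide an always-empty tab when the integration is not configured. `{{ k }}` and `{{ v }}` are remote-supplied strings, so this relies on Jinja autoescaping being enabled for this template, which is presumably the case but is not visible here.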