From 2781f336e74eb49f75141f4b36420cb34add900d Mon Sep 17 00:00:00 2001
From: Bjarke Madsen <bjarke@nordu.net>
Date: Thu, 15 Jun 2023 19:01:28 +0200
Subject: [PATCH] Add authlib and flask-login libraries for oauth integration

---
 compendium_v2/config.py | 16 +++++++++++++---
 config-example.json     |  8 +++++++-
 requirements.txt        |  2 ++
 setup.py                |  4 +++-
 test/conftest.py        |  3 ++-
 5 files changed, 27 insertions(+), 6 deletions(-)

diff --git a/compendium_v2/config.py b/compendium_v2/config.py
index 5cf1a69b..490f399a 100644
--- a/compendium_v2/config.py
+++ b/compendium_v2/config.py
@@ -1,15 +1,25 @@
 import json
 import jsonschema
 
-
 CONFIG_SCHEMA = {
     '$schema': 'http://json-schema.org/draft-07/schema#',
     'type': 'object',
     'properties': {
         'SQLALCHEMY_DATABASE_URI': {'type': 'string', 'format': 'database-uri'},
-        'SURVEY_DATABASE_URI': {'type': 'string', 'format': 'database-uri'}
+        'SURVEY_DATABASE_URI': {'type': 'string', 'format': 'database-uri'},
+        'oidc': {
+            'type': 'object',
+            'properties': {
+                'client_id': {'type': 'string'},
+                'client_secret': {'type': 'string'},
+                'server_metadata_url': {'type': 'string', 'format': 'uri', 'pattern': '^https?://'},
+            },
+            'required': ['client_id', 'client_secret', 'server_metadata_url'],
+            'additionalProperties': False
+        },
+        'SECRET_KEY': {'type': 'string'},
     },
-    'required': ['SQLALCHEMY_DATABASE_URI', 'SURVEY_DATABASE_URI'],
+    'required': ['SQLALCHEMY_DATABASE_URI', 'SURVEY_DATABASE_URI', 'SECRET_KEY'],
     'additionalProperties': False
 }
 
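Review bot: The `pattern` on `server_metadata_url` is `^https?://`, so a plain-http discovery URL passes validation. The discovery document is where the client learns the provider's endpoints and the location of its signing keys, so it should only be fetched over TLS; tightening the pattern to `'^https://'` rejects a misconfigured value at load time. `'format': 'uri'` is only enforced when the validator is given a format checker, and that call is outside this hunk, so the pattern may be the only check that actually runs — worth confirming. If a local http identity provider is needed for development, make that an explicit opt-in rather than the default.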
diff --git a/config-example.json b/config-example.json
index f480ed92..a04ee059 100644
--- a/config-example.json
+++ b/config-example.json
@@ -1,4 +1,10 @@
 {
   "SQLALCHEMY_DATABASE_URI": "postgresql://compendium:compendium321@localhost:65000/compendium",
-  "SURVEY_DATABASE_URI": ""
+  "SURVEY_DATABASE_URI": "",
+  "oidc": {
+    "client_id": "<id>",
+    "client_secret": "<secret>",
+    "server_metadata_url": "https://accounts.google.com/.well-known/openid-configuration"
+  },
+  "SECRET_KEY": "changeme"
 }
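Review bot: `"SECRET_KEY": "changeme"` is a working value, unlike the `<id>` and `<secret>` placeholders just above it, and the schema entry added in compendium_v2/config.py accepts any string, so a deployment copied from this example starts with a publicly known key. Flask signs the session cookie with SECRET_KEY and flask-login relies on that session, so the key has to be random and private per deployment. Use a placeholder in the same style, e.g. `"SECRET_KEY": "<long random string, unique per deployment>"`, and consider a `'minLength'` on the schema entry so an empty or very short value fails at load time.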
diff --git a/requirements.txt b/requirements.txt
index 2487e32e..fe4111a1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,6 +8,8 @@ flask-sqlalchemy~=3.0
 openpyxl~=3.1
 psycopg2-binary~=2.9
 SQLAlchemy~=2.0
+authlib~=1.2
+flask-login~=0.6
 
 pytest~=7.2
 pytest-mock~=3.10
diff --git a/setup.py b/setup.py
index 87daee04..af25355e 100644
--- a/setup.py
+++ b/setup.py
@@ -20,7 +20,9 @@ setup(
         'openpyxl~=3.1',
         'psycopg2-binary~=2.9',
         'SQLAlchemy~=2.0',
-        'sentry-sdk[flask]~=1.23'
+        'sentry-sdk[flask]~=1.23',
+        'authlib~=1.2',
+        'flask-login~=0.6'
     ],
     include_package_data=True,
 
diff --git a/test/conftest.py b/test/conftest.py
index 1374fe29..8fdd0c86 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -17,7 +17,8 @@ def _test_data_csv(filename):
 def dummy_config():
     yield {
         'SQLALCHEMY_DATABASE_URI': 'sqlite://',
-        'SURVEY_DATABASE_URI': 'sqlite:///'
+        'SURVEY_DATABASE_URI': 'sqlite:///',
+        'SECRET_KEY': 'testsecret123'
     }
 
 
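Review bot: `dummy_config` gains `SECRET_KEY` but no `oidc` block, so this fixture does not exercise the new schema branch: its three required keys, `'additionalProperties': False`, or the URL pattern. A second fixture or parametrised case carrying an `oidc` object, plus one with `client_secret` missing, would pin that behaviour. The fixture's decorator and the rest of the module are outside the hunk, so coverage elsewhere cannot be ruled out.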
-- 
GitLab