penyesuaian google client

aagusti
Commit 0d5e7327 authored Jun 14, 2022 by aagusti
Showing 9 changed files with 87 additions and 56 deletions
opensipkd/base/__init__.py
opensipkd/base/views/base_google.py
opensipkd/base/views/register_external.py
opensipkd/base/views/templates/base3.1.pt
opensipkd/base/views/templates/form_input.pt
opensipkd/base/views/templates/login.pt
opensipkd/base/views/templates/register.pt
opensipkd/base/views/user.py
opensipkd/base/views/user_login.py
--- a/opensipkd/base/__init__.py
+++ b/opensipkd/base/__init__.py
@@ -116,15 +116,18 @@ def add_global(event):
    event['get_params'] = get_params
-def get_params(params, alternate=None):
+def get_params(params, alternate=None, settings=None):
    """
    Digunakan untuk mengambil nilai dari konfigurasi sesuai params yang disebut
    :param params: variable
    :param alternate: default apabila tidak ditemukan data/params
+    :param settings: default settings
    :return: value
    contoh penggunaan:
        get_params('devel', False)
    """
+    if not settings:
        settings = get_settings()
    result = settings and params in settings and settings[params].strip() or None
    if not result:
@@ -425,7 +428,8 @@ def main(global_config, **settings):
    config.add_static_view('deform_static', 'deform:static')
    # config.add_static_view('files', get_params('static_files'))
    # Captcha
-    captcha_files = get_params('captcha_files', '/tmp/captcha')
+    captcha_files = get_params('captcha_files', settings=settings,alternate="/tmp/captcha")
    if not os.path.exists(captcha_files):
        os.makedirs(captcha_files)
    config.add_static_view('captcha', captcha_files)

--- a/opensipkd/base/views/base_google.py
+++ b/opensipkd/base/views/base_google.py
 from google.auth.transport import requests
 from google.oauth2 import id_token
+from opensipkd.base import get_params
 from pyramid.view import (view_config, )
 from ..models import User
 from opensipkd.tools import get_settings
+import json
 def validate_user(request, idinfo):
@@ -51,16 +53,21 @@ def googlesignin(request):
    # (Receive token by HTTPS POST)
    # ...
    CLIENT_IDS = request.google_signin_client_ids
+    # CLIENT_IDS =     get_params('google-signin-client-id')
+    KEY = get_params('google-signin-client-secret')
    # Specify the CLIENT_ID of the app that accesses the backend:
    # idinfo = id_token.verify_oauth2_token(token, requests.Request(), CLIENT_ID)
    # Or, if multiple clients access the backend server:
-    gtoken = request.params['id_token']
+    gtoken = json.loads(request.params['id_token'])
-    idinfo = id_token.verify_oauth2_token(gtoken, requests.Request())
+    import jwt
+    idinfo = jwt.decode(gtoken["credential"], options={"verify_signature": False})  # KEY, algorithms=["RS256"]) #
+    # idinfo = id_token.verify_oauth2_token(gtoken, requests.Request())
    if idinfo['aud'] not in CLIENT_IDS:
        raise ValueError('Could not verify audience.')
    if idinfo['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
        raise ValueError('Wrong issuer.')
    return idinfo
--- a/opensipkd/base/views/register_external.py
+++ b/opensipkd/base/views/register_external.py
@@ -180,7 +180,7 @@ def get_form(request, class_form, buttons=None, validator=form_validator):
    return Form(schema, buttons=('batal', 'simpan'))
-def save(values, user=None, row=None):
+def save(values, user=None, row=None, request=None):
    """
    Digunakan untuk menyimpan User External
    :param values: dictionary of
@@ -198,7 +198,7 @@ def save(values, user=None, row=None):
    if not user:
        user_ = dict(user_name=values['external_user_name'],
                     email=values['external_email'])
-        user, remail = save_user(user_)
+        user, remail = save_user(request, user_)
    if not row:
        row = ExternalIdentity()
@@ -222,9 +222,9 @@ def save_request(values, request, row=None):
    user = ExternalIdentityService.user_by_external_id_and_provider(
        id_info['sub'], id_info['iss'])
    if not user:
-        user = save(values, user, row)
+        user = save(values, user, row, request)
-    partner = Partner.query_user_id(user.id).first()
+    partner = Partner.query_email(id_info['email']).first()
    # if not partner:
    values['email'] = id_info['email']
    if 'kode' not in values and not values['kode']:
@@ -280,7 +280,7 @@ class RegistrasiExternal(BaseView):
                    values['primari']['email'] = id_info['email']
                    # values['detail']['captcha']
                    form.set_appstruct(values)
-                    return dict(form=form, captcha=get_captcha(request))
+                    return dict(form=form, captcha=get_captcha(request), scripts="")
                dicts = dict(controls)
                values = dicts['primari']
@@ -317,7 +317,9 @@ class RegistrasiExternal(BaseView):
                values['secondari'].update(partner.to_dict())
        form.set_appstruct(values)
-        return dict(form=form, captcha=get_captcha(request))
+        # return dict()
+        # return dict(captcha=get_captcha(request))
+        return dict(form=form.render(), captcha=get_captcha(request), scripts="")
    @view_config(route_name='profile-external', renderer='templates/register.pt',
                 permission='view')

--- a/opensipkd/base/views/templates/base3.1.pt
+++ b/opensipkd/base/views/templates/base3.1.pt
 <!DOCTYPE html>
 <html lang="en-us"
-      tal:define="home request.route_url('home')[:-1];
+         tal:define="
+        home request.route_url('home')[:-1];
        user_path  ['user', 'user-add', 'user-edit', 'user-view', 'user-delete'];
        group_path  ['group', 'group-add', 'group-edit', 'group-view', 'group-delete'];
        param_path  ['parameter', 'parameter-add', 'parameter-edit', 'parameter-view', 'parameter-delete'];
        dep_path ['departemen', 'departemen-add', 'departemen-edit', 'departemen-view', 'departemen-delete'];
        partner_path ['partner', 'partner-add', 'partner-edt', 'partner-view', 'partner-del'];
        company_path ['company', 'company-add', 'company-edt', 'company-view', 'company-del'];
-    part_dep_path ['partner-departemen', 'partner-departemen-add', 'partner-departemen-edit', 'partner-departemen-view',
+        part_dep_path ['partner-departemen', 'partner-departemen-add', 'partner-departemen-edit', 'partner-departemen-view', 'partner-departemen-delete'];
-    'partner-departemen-delete'];
        jabatan_path ['jabatan', 'jabatan-add', 'jabatan-edit', 'jabatan-view', 'jabatan-delete'];
        eselon_path ['eselon', 'eselon-add', 'eselon-edit', 'eselon-view', 'eselon-delete'];
        provinsi_path ['provinsi', 'provinsi-add', 'provinsi-edit', 'provinsi-view', 'provinsi-delete'];

--- a/opensipkd/base/views/templates/form_input.pt
+++ b/opensipkd/base/views/templates/form_input.pt
@@ -22,9 +22,8 @@
                ${structure:scripts}
        });
    </script>
-    <div metal:define-slot="scripts">
+    <div metal:define-slot="scripts"></div>
-    </div>
 </div>
 </html>
--- a/opensipkd/base/views/templates/login.pt
+++ b/opensipkd/base/views/templates/login.pt
 <!DOCTYPE html>
 <html lang="en"
         tal:define="home request.route_url('home')[:-1];">
-    <head>
+<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="description" content="">
    <meta name="author" content="">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
-        <meta tal:condition="request.google_signin_client_id"
+    <!--?        <meta tal:condition="request.google_signin_client_id"-->
-              name="google-signin-client_id"
+    <!--?              name="google-signin-client_id"-->
-              content="${request.google_signin_client_id}">
+    <!--?              content="${request.google_signin_client_id}">-->
    <link rel="shortcut icon" href="${home}/static/img/favicon.png">
    <title tal:content="request.title" />
@@ -19,7 +19,8 @@
    <link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/font-awesome.min.css">
    <!-- SmartAdmin Styles : Caution! DO NOT change the order -->
-    <link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-production-plugins.min.css">
+    <link rel="stylesheet" type="text/css" media="screen"
+          href="${home}/static/v3/css/smartadmin-production-plugins.min.css">
    <link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-production.min.css">
    <link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-skins.min.css">
@@ -27,21 +28,22 @@
    <link rel="stylesheet" type="text/css" media="screen" href="${home}/static/v3/css/smartadmin-rtl.min.css">
    <link rel="stylesheet" type="text/css" href="${home}/static/css/custom.css">
-    </head>
+</head>
-    <body>
+<body>
-        <div id="content" class="container">
+<div id="content" class="container">
    <div class="row">
        <div class="col-xs-12 col-sm-12 col-md-6 col-md-offset-3 col-lg-4 col-lg-offset-4" style="margin-top:50px">
            <div class="well no-padding">
                <form id="deform" method="POST" enctype="multipart/form-data" accept-charset="utf-8"
                      class="smart-form client-form panel form-signin" style="border:0px;">
                    <header class="bg-color-blue">
-                                    <h1 class="txt-color-white login-header-big" align="center" style="letter-spacing:1px;">${request.app_name}</h1>
+                        <h1 class="txt-color-white login-header-big" align="center"
+                            style="letter-spacing:1px;">${request.app_name}</h1>
                    </header>
                    <fieldset class="deformFormFieldset">
-                                <input type="hidden" name="_charset_" />
+                        <input type="hidden" name="_charset_"/>
                        <input type="hidden" name="__formid__" value="deform"/>
                        <div tal:condition="request.session.peek_flash()">
                            <div class="alert alert-success" tal:repeat="message request.session.pop_flash()"><i
@@ -74,7 +76,8 @@
                            <label class="label">PASSWORD</label>
                            <label class="input"> <i class="icon-append fa fa-lock"></i>
                                <input id="password" type="password" name="password" class="form-control">
-                                        <b class="tooltip tooltip-top-right"><i class="fa fa-lock txt-color-teal"></i> ISI DENGAN PASSWORD ANDA</b> </label>
+                                <b class="tooltip tooltip-top-right"><i class="fa fa-lock txt-color-teal"></i> ISI
+                                    DENGAN PASSWORD ANDA</b> </label>
                            <div class="note">
                                <a id="lupa" name="lupa"
                                   href="${home}/reset-password">Lupa Password?</a>
@@ -100,10 +103,17 @@
                            </button>
                            <div class="clearfix"></div>
                        </div>
-                                <div
+                        <!--?                        <div-->
-                                    style="margin-top:10px;" tal:condition="request.google_signin_client_id and allow_register(request)"
+                        <!--?                                style="margin-top:10px;" tal:condition="request.google_signin_client_id and allow_register(request)"-->
-                                    class="g-signin2 text-center"
+                        <!--?                                class="g-signin2 text-center"-->
-                                    data-onsuccess="onSignIn">
+                        <!--?                                data-onsuccess="onSignIn">handleCredentialResponse-->
+                        <!--?                        </div>-->
+                        <div tal:condition="request.google_signin_client_id and allow_register(request)">
+                            <div id="g_id_onload"
+                                 data-client_id="${request.google_signin_client_id}"
+                                 data-callback="onSignIn">
+                            </div>
+                            <div class="g_id_signin" data-type="standard"></div>
                        </div>
                    </footer>
@@ -113,26 +123,33 @@
            </div>
        </div>
    </div>
-        </div>
+</div>
-        <!-- Bootstrap core JavaScript
+<!-- Bootstrap core JavaScript
-        ================================================== -->
+================================================== -->
-        <!-- Placed at the end of the document so the pages load faster -->
+<!-- Placed at the end of the document so the pages load faster -->
-        <script type="text/javascript" src="${home}/deform_static/scripts/jquery-2.0.3.min.js"></script>
+<script type="text/javascript" src="${home}/deform_static/scripts/jquery-2.0.3.min.js"></script>
-        <script type="text/javascript" src="${home}/deform_static/scripts/bootstrap.min.js"></script>
+<script type="text/javascript" src="${home}/deform_static/scripts/bootstrap.min.js"></script>
-        <script type="text/javascript" src="${home}/deform_static/scripts/deform.js"></script>
+<script type="text/javascript" src="${home}/deform_static/scripts/deform.js"></script>
-        <script tal:condition="request.google_signin_client_id"
+<!--?        <script tal:condition="request.google_signin_client_id"-->
-                src="https://apis.google.com/js/platform.js" async defer></script>
+<!--?                src="https://apis.google.com/js/platform.js" async defer></script>-->
-        <script tal:condition="request.google_signin_client_id">
+<script tal:condition="request.google_signin_client_id"
+        src="https://accounts.google.com/gsi/client" async defer></script>
+<script tal:condition="request.google_signin_client_id">
    function onSignIn(googleUser) {
-              var profile = googleUser.getBasicProfile();
+        // var profile = googleUser.getBasicProfile();
        // console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
        // console.log('Name: ' + profile.getName());
        // console.log('Image URL: ' + profile.getImageUrl());
        // console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
-              var id_token = googleUser.getAuthResponse().id_token;
+        //getId(), getName(), getGivenName(), getFamilyName(), getImageUrl(), getEmail() methods, and
+        console.log(googleUser);
+        // console.log(googleUser.getId());
+        // console.log(googleUser.getName());
+        // var id_token = googleUser.getAuthResponse().id_token;
        document.getElementById('provider_name').value = "google";
-              document.getElementById('id_token').value = id_token;
+        document.getElementById('id_token').value = JSON.stringify(googleUser);
        document.getElementById("deform").submit();
        // var xhr = new XMLHttpRequest();
@@ -145,15 +162,15 @@
    }
-            $( document ).ready(function() {
+    $(document).ready(function () {
-              $("form#deform").keypress(function(event) {
+        $("form#deform").keypress(function (event) {
            var keycode = (event.keyCode ? event.keyCode : event.which);
-                  if(keycode == '13'){
+            if (keycode == '13') {
                event.preventDefault();
                $("button#login-btn").click();
            }
        });
    });
-        </script>
+</script>
-    </body>
+</body>
 </html>
--- a/opensipkd/base/views/templates/register.pt
+++ b/opensipkd/base/views/templates/register.pt
-<html metal:use-macro="load: form_input.pt">
+<html metal:use-macro="load: form_input.pt"
+tal:define="home request.route_url('home')[:-1];">
 <div metal:fill-slot="scripts">
    <script>
        $(document).ready(function () {
@@ -11,7 +13,6 @@
                });
            });
        });
    </script>
 </div>

--- a/opensipkd/base/views/user.py
+++ b/opensipkd/base/views/user.py
@@ -6,6 +6,7 @@ import transaction
 from datatables import (ColumnDT, DataTables, )
 from deform import (Form, widget, ValidationFailure, Button, )
 # from sqlalchemy.exc import IntegrityErrortpl
+from sqlalchemy.exc import IntegrityError
 from opensipkd.tools import create_now
 from opensipkd.tools.buttons import btn_cancel, btn_save, btn_close

--- a/opensipkd/base/views/user_login.py
+++ b/opensipkd/base/views/user_login.py
@@ -122,23 +122,23 @@ def view_login(request):
        return r
    elif "provider_name" in request.params and request.params["provider_name"]:
-        # checking jika mengggunakan openid seperti google atau facebook
        provider_name = request.params["provider_name"]
        if provider_name == "google":
            from .base_google import googlesignin
            # user = googlesignin(request)
-            try:
            id_info = googlesignin(request)
            request.session["id_info"] = id_info
+            try:
+                pass
            except ValueError as e:
                request.session.flash(e, 'error')
                raise HTTPNotFound
        else:
            id_info = None
        user = id_info and ExternalIdentityService. \
            user_by_external_id_and_provider(id_info['sub'], id_info['iss'])
        if id_info and not user:
            request.session.flash('Silahkan Melakukan Registrasi')
            return HTTPFound(location=request.route_url('register-external'))