Mock Basic Authentication

Author: vkrizan

crcmocks/auth.py

@@ -0,0 +1,32 @@
+#!/usr/env/bin python
+import logging
+
+from flask import Blueprint
+from flask.json import jsonify
+from flask_httpauth import HTTPBasicAuth
+from keycloak.exceptions import KeycloakAuthenticationError
+
+import crcmocks.config as conf
+from crcmocks.keycloak_helper import kc_helper
+
+blueprint = Blueprint("auth", __name__)
+log = logging.getLogger(__name__)
+auth = HTTPBasicAuth()
+
+
+@blueprint.route("/v1/auth", methods=["GET"])
+def mock_basic_auth():
+    if not conf.KEYCLOAK:
+        return "keycloak integration disabled", 404
+
+    creds = auth.get_auth()
+
+    # https://github.com/RedHatInsights/insights-3scale/blob/master/build/docker-assets/src/insights/identity.lua#L93
+    try:
+        token = kc_helper.openid.token(creds['username'], creds['password'])
+    except KeycloakAuthenticationError:
+        return "Unauthorized", 401
+
+    userinfo = kc_helper.openid.userinfo(token['access_token'])
+
+    return jsonify({ 'user': userinfo })

crcmocks/main.py

@@ -8,6 +8,7 @@
 
 import crcmocks.config as conf
 import crcmocks.db
+from crcmocks.auth import blueprint as auth_bp
 from crcmocks.bop import blueprint as bop_bp
 from crcmocks.entitlements import blueprint as entitlements_bp
 from crcmocks.initializer import initialize
@@ -22,6 +23,7 @@
 
 app = Flask(__name__)
 app.config["SECRET_KEY"] = conf.SECRET_KEY
+app.register_blueprint(auth_bp)
 app.register_blueprint(bop_bp, url_prefix="/api/bop")
 app.register_blueprint(entitlements_bp, url_prefix="/api/entitlements")
 app.register_blueprint(rbac_bp, url_prefix="/api/rbac")

requirements.txt

@@ -5,3 +5,4 @@ flask_wtf
 requests
 tinydb
 ocviapy>=0.2.2
+Flask-HTTPAuth