Unify the AuthenticationMiddleware implementation

.github/workflows/eslint.yml

@@ -12,7 +12,9 @@ jobs:
     name: ESLint Check
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
+      with:
+        submodules: true
     - name: Install dependencies
       working-directory: ./react_frontend
       run: yarn

.github/workflows/pylint.yml

@@ -12,16 +12,18 @@ jobs:
     name: Get newest code and run pylint
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
-    - name: Set up Python 3.9
-      uses: actions/setup-python@v1
+      uses: actions/checkout@v4
       with:
-        python-version: 3.9
+        submodules: true
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: 3.11.4
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
         python -m pip install -r requirements.txt
         pip install pylint
     - name: Analysing the code with pylint
       run: |
-        python3 -m pylint `find . -type f | grep .py$ | grep -v tests/ | xargs` --disable=R0201,R0903
+        python3 -m pylint `find . -type f | grep .py$ | grep -v -e tests/ -e core_lib/ -e venv/ | xargs` --disable=R0903

.github/workflows/release.yml

@@ -12,7 +12,10 @@ jobs:
     name: Check for new commits
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: true
 
       - name: Get the newest hash and latest release hash
         id: tag_and_commit_hash_chech
@@ -93,8 +96,10 @@ jobs:
       with:
         node-version: '14'
 
-    - uses: actions/checkout@v2
+    - name: Checkout repository
+      uses: actions/checkout@v4
       with:
+        submodules: true
         path: ValDB
 
     - name: Save timestamp in release

.github/workflows/tslint.yml

@@ -12,7 +12,9 @@ jobs:
     name: TSLint Check
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
+      with:
+        submodules: true
     - name: Install dependencies
       working-directory: ./react_frontend
       run: yarn

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "core_lib"]
+	path = core_lib
+	url = https://github.com/cms-PdmV/PdmVWebCore.git

api/user.py

@@ -11,6 +11,7 @@
 from utils.logger import LoggerManager
 from core import Namespace
 from core.database import get_database
+from core_lib.middlewares.auth import UserInfo as MiddlewareUserInfo
 from data.group import get_all_groups
 from models.user import User, UserRole
 from lookup.user_group import UserGroupLookup
@@ -81,8 +82,9 @@ def get(self):
         '''
         Get current user info from request
         '''
-        email = session.get('user').get('email')
-        fullname = session.get('user').get('fullname')
+        user_data: MiddlewareUserInfo = session.get("user")
+        email = user_data.email
+        fullname = user_data.fullname
         _logger.info('Checking if user is already registered')
         existed_user = User.get_by_email(email=email)
         if not existed_user:

main.py

@@ -2,7 +2,6 @@
 Main module for valdb
 '''
 import os
-from werkzeug.middleware.proxy_fix import ProxyFix
 from flask import Flask, request, session, render_template
 from jinja2.exceptions import TemplateNotFound
 from flask_cors import CORS
@@ -12,7 +11,7 @@
 from api.static import serve_file
 from database.index import database_index_setup
 from lookup.user_group import UserGroupLookup
-from middlewares.auth import AuthenticationMiddleware
+from core_lib.middlewares.auth import AuthenticationMiddleware
 
 load_dotenv()
 
@@ -30,9 +29,6 @@
 # Set secret key for session cookie
 app.secret_key = os.getenv('SECRET_KEY')
 
-# Handle redirections from a reverse proxy
-app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1)
-
 # Enable CORS
 CORS(
     app,
@@ -41,13 +37,8 @@
 )
 
 # Enable OIDC authentication
-auth: AuthenticationMiddleware = AuthenticationMiddleware(
-    app=app,
-    client_id=os.getenv('CLIENT_ID'),
-    client_secret=os.getenv('CLIENT_SECRET'),
-    home_endpoint="catch_all"
-)
-app.before_request(lambda: auth(request=request, session=session))
+auth = AuthenticationMiddleware(app=app)
+app.before_request(lambda: auth.authenticate(request=request, flask_session=session))
 api.init_app(app)