diff --git a/admin/docker/requirements.pip3 b/admin/docker/requirements.pip3
index c2479e8..20b018a 100644
--- a/admin/docker/requirements.pip3
+++ b/admin/docker/requirements.pip3
@@ -25,4 +25,6 @@ diceware==0.9.6
python-engineio==3.8.1
python-socketio==4.1.0
-minio==7.0.3
\ No newline at end of file
+minio==7.0.3
+
+flask-oidc==1.4.0
\ No newline at end of file
diff --git a/admin/src/admin/auth/authentication.py b/admin/src/admin/auth/authentication.py
index a0fd35f..3b656d2 100644
--- a/admin/src/admin/auth/authentication.py
+++ b/admin/src/admin/auth/authentication.py
@@ -1,12 +1,34 @@
from admin import app
from flask_login import LoginManager, UserMixin
-import os
-
+from flask_login import login_required
+from flask_oidc import OpenIDConnect
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login"
+app.config.update({
+ 'SECRET_KEY': 'u\x91\xcf\xfa\x0c\xb9\x95\xe3t\xba2K\x7f\xfd\xca\xa3\x9f\x90\x88\xb8\xee\xa4\xd6\xe4',
+ 'TESTING': True,
+ 'DEBUG': True,
+ 'OIDC_CLIENT_SECRETS': 'client_secrets.json',
+ 'OIDC_ID_TOKEN_COOKIE_SECURE': False,
+ 'OIDC_REQUIRE_VERIFIED_EMAIL': False,
+ 'OIDC_VALID_ISSUERS': ['https://sso.santantoni.duckdns.org:8080/auth/realms/master'],
+ 'OIDC_OPENID_REALM': 'https://sso.santantoni.duckdns.org/isard-sso-admin/custom_callback',
+ 'OVERWRITE_REDIRECT_URI': 'https://sso.santantoni.duckdns.org/isard-sso-admin/custom_callback',
+})
+ # 'OVERWRITE_REDIRECT_URI': 'https://sso.santantoni.duckdns.org/isard-sso-admin/custom_callback',
+ # 'OIDC_CALLBACK_ROUTE': '/isard-sso-admin/custom_callback'
+oidc = OpenIDConnect(app)
+
+import os
+
+# login_manager = LoginManager()
+# login_manager.init_app(app)
+login_manager.login_view = "login"
+
+
ram_users={
os.environ["ADMINAPP_USER"]: {
'id': os.environ["ADMINAPP_USER"],
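Review bot: The Flask `SECRET_KEY` is committed as a literal inside the `app.config.update` call, so anyone who can read the repository holds the key that signs this app's session cookies. It should come from the environment, as `ADMINAPP_USER` already does further down, and the committed value should be treated as exposed and replaced. The same block hard-codes `TESTING` and `DEBUG` to True and sets `OIDC_ID_TOKEN_COOKIE_SECURE` to False although every configured URL is https, which removes the Secure flag from the ID-token cookie. For the environment lookup to work, `import os` has to move back above this block; the second `login_manager.login_view = "login"` assignment is a duplicate and can go. The `ram_users` dict continues outside the hunk.

```python
app.config.update({
    # ADMINAPP_SECRET_KEY is a placeholder name; use the variable the deployment defines
    'SECRET_KEY': os.environ['ADMINAPP_SECRET_KEY'],
    'TESTING': False,
    'DEBUG': False,
    'OIDC_CLIENT_SECRETS': 'client_secrets.json',
    'OIDC_ID_TOKEN_COOKIE_SECURE': True,
    # … unchanged: OIDC_REQUIRE_VERIFIED_EMAIL, issuer, realm and redirect settings …
})
```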
diff --git a/admin/src/admin/views/MenuViews.py b/admin/src/admin/views/MenuViews.py
index d3f99e6..09e1e07 100644
--- a/admin/src/admin/views/MenuViews.py
+++ b/admin/src/admin/views/MenuViews.py
@@ -17,6 +17,36 @@ from pprint import pprint
# close_room, rooms, disconnect, send
# socketio = SocketIO(app)
+# from flask_login import login_required
+# from flask_oidc import OpenIDConnect
+
+from ..auth.authentication import oidc
+
+@app.route('/isard-sso-admin/custom_callback')
+@oidc.custom_callback
+def callback(data):
+ return 'Hello. You submitted %s' % data
+
+@app.route('/isard-sso-admin/private')
+@oidc.require_login
+def hello_me():
+ info = oidc.user_getinfo(['email', 'openid_id'])
+ return ('Hello, %s (%s)! Return' %
+ (info.get('email'), info.get('openid_id')))
+
+
+@app.route('/isard-sso-admin/api')
+@oidc.accept_token(True, ['openid'])
+def hello_api():
+ return json.dumps({'hello': 'Welcome %s' % g.oidc_token_info['sub']})
+
+
+@app.route('/isard-sso-admin/logout')
+def logoutoidc():
+ oidc.logout()
+ return 'Hi, you have been logged out! Return'
+
+
@app.route('/isard-sso-admin/resync')
@login_required
def resync():
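Review bot: `callback` and `hello_me` interpolate `data`, `email` and `openid_id` unescaped into a plain string, which Flask serves as text/html by default. These values originate from the login round-trip and the identity provider, so they should be escaped, for example `return 'Hello. You submitted %s' % escape(data)` with `from markupsafe import escape`, or returned as JSON. `hello_api` uses `json` and `g`, but no import for either is visible in this hunk, so that should be confirmed against the top of the file. The four new routes read like sample endpoints; if they are temporary, a comment such as `# TODO: demo OIDC routes, remove before release` would say so. The existing `resync` view below still relies on flask_login's `@login_required`, so the two login mechanisms now guard different routes; its body continues outside the hunk.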
diff --git a/admin/src/client_secrets.json b/admin/src/client_secrets.json
new file mode 100644
index 0000000..05873dd
--- /dev/null
+++ b/admin/src/client_secrets.json
@@ -0,0 +1,13 @@
+{
+ "web": {
+ "auth_uri": "https://sso.santantoni.duckdns.org/auth/realms/master/protocol/openid-connect/auth",
+ "client_id": "adminapp",
+ "client_secret": "8a9e5a2e-3be9-43e3-9c47-1796f0d5ab72",
+ "redirect_uris": [
+ "https://sso.santantoni.duckdns.org/isard-sso-admin/custom_callback"
+ ],
+ "userinfo_uri": "https://sso.santantoni.duckdns.org/auth/realms/master/protocol/openid-connect/userinfo",
+ "token_uri": "https://sso.santantoni.duckdns.org/auth/realms/master/protocol/openid-connect/token",
+ "token_introspection_uri": "https://sso.santantoni.duckdns.org/auth/realms/master/protocol/openid-connect/token/introspect"
+ }
+}
\ No newline at end of file
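Review bot: `client_secret` is committed in clear in this new file, so the OIDC client credential is readable by anyone with repository access and stays in history even if the file is later deleted. The value should be rotated at the identity provider, and the real file supplied at deploy time as a mounted secret or generated from the environment. The repository would then keep only a template with `"client_secret": "<set-at-deploy>"`, with the real `client_secrets.json` listed in `.gitignore`. The endpoint URLs also pin one specific host, which ties the checked-in file to a single deployment.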
diff --git a/admin/src/start.py b/admin/src/start.py
index 571ac3d..45e69cb 100644
--- a/admin/src/start.py
+++ b/admin/src/start.py
@@ -13,7 +13,10 @@ from admin import app
# from admin.views.Socketio import *
+
+
app.socketio = SocketIO(app)
+
# app.socketio.init_app(app, cors_allowed_origins="*")
@app.socketio.on('connect', namespace='/isard-sso-admin/sio')
def socketio_connect():
@@ -33,4 +36,6 @@ def socketio_domains_disconnect():
None
if __name__ == '__main__':
- app.socketio.run(app,host='0.0.0.0', port=9000, debug=False, cors_allowed_origins="*", async_mode="threading") #, logger=logger, engineio_logger=engineio_logger)
+ app.socketio.run(app,host='0.0.0.0', port=9000, debug=False, cors_allowed_origins="*", ssl_context='adhoc', async_mode="threading") #, logger=logger, engineio_logger=engineio_logger)
+
+# /usr/lib/python3.8/site-packages/certifi
\ No newline at end of file
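Review bot: `ssl_context='adhoc'` in the `app.socketio.run(...)` call makes the server generate a throwaway self-signed certificate on every start. Clients and the identity provider cannot validate that certificate, which pushes users towards disabling verification. Since the listener binds `0.0.0.0`, either pass a real certificate and key, e.g. `ssl_context=(cert_path, key_path)` with both paths taken from configuration, or serve plain HTTP behind a TLS-terminating reverse proxy. Adhoc mode also needs an extra crypto package at runtime, and none is added in the requirements hunk visible here, so that should be checked. The trailing `# /usr/lib/python3.8/site-packages/certifi` comment looks like a leftover debugging note and could be dropped.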