Merge pull request auth0-samples#64 from auth0-samples/sdk-3183

Author: evansims

01-Login/.env.example

@@ -1,5 +1,3 @@
 AUTH0_CLIENT_ID={CLIENT_ID}
 AUTH0_DOMAIN={DOMAIN}
-AUTH0_CLIENT_SECRET={CLIENT_SECRET}
-AUTH0_CALLBACK_URL=http://localhost:3000/callback
-AUTH0_AUDIENCE=
+APP_SECRET_KEY=ALongRandomlyGeneratedString

01-Login/README.md

@@ -4,16 +4,16 @@ This sample demonstrates how to add authentication to a Python web app using Aut
 
 # Running the App
 
-To run the sample, make sure you have `python` and `pip` installed.
+To run the sample, make sure you have `python3` and `pip` installed.
 
 Rename `.env.example` to `.env` and populate it with the client ID, domain, secret, callback URL and audience for your
-Auth0 app. If you are not implementing any API you can use `https://YOUR_DOMAIN.auth0.com/userinfo` as the audience. 
+Auth0 app. If you are not implementing any API you can use `https://YOUR_DOMAIN.auth0.com/userinfo` as the audience.
 Also, add the callback URL to the settings section of your Auth0 client.
 
-Register `http://localhost:3000/callback` as `Allowed Callback URLs` and `http://localhost:3000` 
+Register `http://localhost:3000/callback` as `Allowed Callback URLs` and `http://localhost:3000`
 as `Allowed Logout URLs` in your client settings.
 
-Run `pip install -r requirements.txt` to install the dependencies and run `python server.py`. 
+Run `pip install -r requirements.txt` to install the dependencies and run `python server.py`.
 The app will be served at [http://localhost:3000/](http://localhost:3000/).
 
 # Running the App with Docker
@@ -24,15 +24,15 @@ To run the sample with [Docker](https://www.docker.com/), make sure you have `do
 
 Rename the .env.example file to .env, change the environment variables, and register the URLs as explained [previously](#running-the-app).
 
-Run `sh exec.sh` to build and run the docker image in Linux or run `.\exec.ps1` to build 
+Run `sh exec.sh` to build and run the docker image in Linux or run `.\exec.ps1` to build
 and run the docker image on Windows.
 
 ## What is Auth0?
 
 Auth0 helps you to:
 
 * Add authentication with [multiple authentication sources](https://auth0.com/docs/identityproviders),
-either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**,or 
+either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**,or
 enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**.
 * Add authentication through more traditional **[username/password databases](https://docs.auth0.com/mysql-connection-tutorial)**.
 * Add support for **[linking different user accounts](https://auth0.com/docs/link-accounts)** with the same user.
@@ -49,7 +49,7 @@ enterprise identity systems like **Windows Azure AD, Google Apps, Active Directo
 ## Issue Reporting
 
 If you have found a bug or if you have a feature request, please report them at this repository issues section.
-Please do not report security vulnerabilities on the public GitHub issue tracker. 
+Please do not report security vulnerabilities on the public GitHub issue tracker.
 The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
 
 ## Author
@@ -58,4 +58,4 @@ The [Responsible Disclosure Program](https://auth0.com/whitehat) details the pro
 
 ## License
 
-This project is licensed under the MIT license. See the [LICENSE](LICENCE) file for more info.
+This project is licensed under the MIT license. See the [LICENSE](../LICENSE) file for more info.

01-Login/constants.py

@@ -1,5 +1,4 @@
-flask
-python-dotenv
-requests
-authlib>=0.14.1
-six
+flask>=2.0.3
+python-dotenv>=0.19.2
+authlib>=1.0
+requests>=2.27.1

01-Login/public/app.css

@@ -1,110 +1,74 @@
 """Python Flask WebApp Auth0 integration example
 """
-from functools import wraps
+
 import json
 from os import environ as env
-from werkzeug.exceptions import HTTPException
-
-from dotenv import load_dotenv, find_dotenv
-from flask import Flask
-from flask import jsonify
-from flask import redirect
-from flask import render_template
-from flask import session
-from flask import url_for
-from authlib.integrations.flask_client import OAuth
-from six.moves.urllib.parse import urlencode
+from urllib.parse import quote_plus, urlencode
 
-import constants
+from authlib.integrations.flask_client import OAuth
+from dotenv import find_dotenv, load_dotenv
+from flask import Flask, redirect, render_template, session, url_for
 
 ENV_FILE = find_dotenv()
 if ENV_FILE:
  load_dotenv(ENV_FILE)
 
-AUTH0_CALLBACK_URL = env.get(constants.AUTH0_CALLBACK_URL)
-AUTH0_CLIENT_ID = env.get(constants.AUTH0_CLIENT_ID)
-AUTH0_CLIENT_SECRET = env.get(constants.AUTH0_CLIENT_SECRET)
-AUTH0_DOMAIN = env.get(constants.AUTH0_DOMAIN)
-AUTH0_BASE_URL = 'https://' + AUTH0_DOMAIN
-AUTH0_AUDIENCE = env.get(constants.AUTH0_AUDIENCE)
-
-app = Flask(__name__, static_url_path='/public', static_folder='./public')
-app.secret_key = constants.SECRET_KEY
-app.debug = True
-
-
-@app.errorhandler(Exception)
-def handle_auth_error(ex):
- response = jsonify(message=str(ex))
- response.status_code = (ex.code if isinstance(ex, HTTPException) else 500)
- return response
+app = Flask(__name__)
+app.secret_key = env.get("APP_SECRET_KEY")
 
 
 oauth = OAuth(app)
 
-auth0 = oauth.register(
- 'auth0',
- client_id=AUTH0_CLIENT_ID,
- client_secret=AUTH0_CLIENT_SECRET,
- api_base_url=AUTH0_BASE_URL,
- access_token_url=AUTH0_BASE_URL + '/oauth/token',
- authorize_url=AUTH0_BASE_URL + '/authorize',
+oauth.register(
+ "auth0",
+ client_id=env.get("AUTH0_CLIENT_ID"),
  client_kwargs={
- 'scope': 'openid profile email',
+ "scope": "openid profile email",
  },
+ server_metadata_url=f'https://{env.get("AUTH0_DOMAIN")}/.well-known/openid-configuration',
 )
 
 
-def requires_auth(f):
- @wraps(f)
- def decorated(*args, **kwargs):
- if constants.PROFILE_KEY not in session:
- return redirect('/login')
- return f(*args, **kwargs)
-
- return decorated
-
-
 # Controllers API
-@app.route('/')
+@app.route("/")
 def home():
- return render_template('home.html')
+ return render_template(
+ "home.html",
+ session=session.get("user"),
+ pretty=json.dumps(session.get("user"), indent=4),
+ )
 
 
-@app.route('/callback')
-def callback_handling():
- auth0.authorize_access_token()
- resp = auth0.get('userinfo')
- userinfo = resp.json()
+@app.route("/callback", methods=["GET", "POST"])
+def callback():
+ token = oauth.auth0.authorize_access_token()
+ session["user"] = token
+ return redirect("/")
 
- session[constants.JWT_PAYLOAD] = userinfo
- session[constants.PROFILE_KEY] = {
- 'user_id': userinfo['sub'],
- 'name': userinfo['name'],
- 'picture': userinfo['picture']
- }
- return redirect('/dashboard')
 
-
-@app.route('/login')
+@app.route("/login")
 def login():
- return auth0.authorize_redirect(redirect_uri=AUTH0_CALLBACK_URL, audience=AUTH0_AUDIENCE)
+ return oauth.auth0.authorize_redirect(
+ redirect_uri=url_for("callback", _external=True)
+ )
 
 
-@app.route('/logout')
+@app.route("/logout")
 def logout():
  session.clear()
- params = {'returnTo': url_for('home', _external=True), 'client_id': AUTH0_CLIENT_ID}
- return redirect(auth0.api_base_url + '/v2/logout?' + urlencode(params))
-
-
-@app.route('/dashboard')
-@requires_auth
-def dashboard():
- return render_template('dashboard.html',
- userinfo=session[constants.PROFILE_KEY],
- userinfo_pretty=json.dumps(session[constants.JWT_PAYLOAD], indent=4))
+ return redirect(
+ "https://"
+ + env.get("AUTH0_DOMAIN")
+ + "/v2/logout?"
+ + urlencode(
+ {
+ "returnTo": url_for("home", _external=True),
+ "client_id": env.get("AUTH0_CLIENT_ID"),
+ },
+ quote_via=quote_plus,
+ )
+ )
 
 
 if __name__ == "__main__":
- app.run(host='0.0.0.0', port=env.get('PORT', 3000))
+ app.run(host="0.0.0.0", port=env.get("PORT", 3000))

01-Login/requirements.txt

@@ -1,24 +1,16 @@
 <html>
- <head>
-
- <meta name="viewport" content="width=device-width, initial-scale=1">
-
- <!-- font awesome from BootstrapCDN -->
- <link href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet">
- <link href="//maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css" rel="stylesheet">
-
- <link href="/public/app.css" rel="stylesheet">
- </head>
- <body class="home">
- <div class="container">
- <div class="login-page clearfix">
- <div class="login-box auth0-box before">
- <img src="https://i.cloudup.com/StzWWrY34s.png" />
- <h3>Auth0 Example</h3>
- <p>Zero friction identity infrastructure, built for developers</p>
- <a id="qsLoginBtn" class="btn btn-primary btn-lg btn-login btn-block" href="/login">Log In</a>
- </div>
- </div>
- </div>
- </body>
+ <head>
+ <meta charset="utf-8" />
+ <title>Auth0 Example</title>
+ </head>
+ <body>
+ {% if session %}
+ <h1>Welcome {{session.userinfo.name}}!</h1>
+ <p><a href="/logout">Logout</a></p>
+ <div><pre>{{pretty}}</pre></div>
+ {% else %}
+ <h1>Welcome Guest</h1>
+ <p><a href="/login">Login</a></p>
+ {% endif %}
+ </body>
 </html>