diff --git a/portal/rest/auth/gitlab.py b/portal/rest/auth/gitlab.py
index 485a99f855994e19691c86dbd2bc71746902e51c..0d252137070dec2cab166503b85955423af34e26 100644
--- a/portal/rest/auth/gitlab.py
+++ b/portal/rest/auth/gitlab.py
@@ -1,10 +1,11 @@
 import logging
 from typing import Union
-from flask import Flask, Response, make_response, redirect, request, session, url_for
+from flask import Flask, Response, make_response, redirect, request, session
 from flask_oauthlib.client import OAuth, OAuthRemoteApp
 from flask_restplus import Namespace, Resource
 from portal import oauth
+from portal.rest import rest_api
 from portal.service import general
 from portal.service.users import create_user
@@ -23,7 +24,7 @@ def extract_user_info(me: dict) -> dict:
 )
-def gitlab_enabled(app: Flask)-> bool:
+def gitlab_enabled(app: Flask) -> bool:
 return app.config.get('GITLAB_URL') and \
 app.config.get('GITLAB_CLIENT_ID') and \
 app.config.get('GITLAB_CLIENT_SECRET')
@@ -54,13 +55,12 @@ gitlab = create_gitlab_app(oauth_app=oauth)
 @oauth_namespace.route('/login')
 class OAuthLogin(Resource):
-
 def get(self):
 if not gitlab:
 return {'message': 'Gitlab OAuth is not enabled'}, 404
- callback = url_for('oauth.oauth_authorized',
- _external=True, _scheme='https')
+ callback = rest_api.url_for(OAuthLoginAuthorized, _external=True)
+ log.debug(f"Callback set: {callback}")
 return gitlab.authorize(callback=callback)
@@ -88,7 +88,6 @@ def user_login(user_info) -> Response:
 @oauth_namespace.route('/login/authorized')
 class OAuthLoginAuthorized(Resource):
-
 def get(self):
 if not gitlab:
 return {'message': 'Gitlab OAuth is not enabled'}, 404
diff --git a/portal/rest/auth/login.py b/portal/rest/auth/login.py
index 98f2c4339f3538e7043f7d7b2e107f745f081e81..2b980f3c277a9c55efe24a809fab9ebb399e0170 100644
--- a/portal/rest/auth/login.py
+++ b/portal/rest/auth/login.py
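Review bot: In `OAuthLogin.get` (portal/rest/auth/gitlab.py, hunk at -54,13) the new callback drops `_scheme='https'`, so the OAuth redirect URI now takes its scheme from the incoming request. If the app sits behind a TLS-terminating proxy without forwarded-header handling (not visible here), GitLab would be handed an `http://` callback, which either fails the registered redirect-URI match or sends the authorization code back over plaintext. Keep the scheme pinned, `callback = rest_api.url_for(OAuthLoginAuthorized, _external=True, _scheme='https')`, or add a comment stating that the deployment's forwarded-header handling is relied on. The debug line reads better as `log.debug("Callback set: %s", callback)` so formatting is deferred; the class body continues outside the hunk.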
@@ -6,6 +6,7 @@ from flask_restplus import Namespace, Resource, fields
 from portal import jwt
 from portal.database.models import Component, User
+from portal.rest import rest_api
 from portal.service import general
 from portal.service.auth import login_component, login_user
 from portal.service.errors import PortalAPIError, UnauthorizedError
@@ -18,16 +19,16 @@ login_schema = auth_namespace.model('LoginSchema', {
 'id': fields.String,
 'access_token': fields.String,
 'refresh_token': fields.String
-})
+ })
 refresh_schema = auth_namespace.model('RefreshSchema', {
 'refresh_token': fields.String
-})
+ })
 logout_schema = auth_namespace.model('LogoutSchema', {
 'access_token': fields.String,
 'refresh_token': fields.String
-})
+ })
 @jwt.user_claims_loader
@@ -77,7 +78,7 @@ def _create_tokens(client) -> dict:
 id=client_id,
 access_token=create_access_token(identity=client_id),
 refresh_token=create_refresh_token(identity=client_id)
- )
+ )
 @auth_namespace.route('/login')
diff --git a/portal/service/users.py b/portal/service/users.py
index 528e03a619f9b4ab2817130d2c1d0fbd4d869aec..a17e1f63cd59c2488744e711bb5560927be2787e 100644
--- a/portal/service/users.py
+++ b/portal/service/users.py
@@ -32,10 +32,9 @@ def create_user(**data) -> User:
 data['is_admin'] = data.get('is_admin', False)
 username = data['username']
 new_user = User(username=username)
- __set_user_data(new_user, data, True)
-
 if data['uco'] is None and ldap_wrapper.is_enabled:
- new_user.uco = ldap_get_uco_for_user(username)
+ data['uco'] = ldap_get_uco_for_user(username)
+ __set_user_data(new_user, data, True)
 emails.notify_user(new_user, 'users', 'created', context=dict(username=username))
@@ -54,7 +53,7 @@ def ldap_get_uco_for_user(username: str) -> int:
 if not user_dict:
 return 0
 desc = user_dict[0]['description']
- uco = [u for u in desc if u.startswith('UCO=')]
+ uco = [str(u) for u in desc if str(u).startswith('UCO=')]
 if not uco:
 return 0
 return int(uco[0][4:])
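Review bot: `from portal.rest import rest_api` is added to portal/rest/auth/login.py, but none of this file's hunks uses `rest_api`, so as far as the diff shows it is an unused import. If `portal/rest/__init__.py` imports the auth namespaces to register them (not visible here), the line also creates an import cycle that only works because of load order. Drop it unless a use follows in a later change.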
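Review bot: The guard `if data['uco'] is None` in `create_user` indexes the kwargs directly, while `is_admin` three lines above is read with `.get`; a caller that omits `uco` gets a `KeyError` instead of the LDAP fallback, which `if data.get('uco') is None and ldap_wrapper.is_enabled:` would avoid. Because `ldap_get_uco_for_user` returns 0 on a miss, the new assignment also feeds 0 into `__set_user_data`; if 0 is not a valid UCO, `data['uco'] = ldap_get_uco_for_user(username) or None` keeps the "unknown" case distinguishable. The function body continues outside the hunk.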
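Review bot: Wrapping with `str(u)` in `ldap_get_uco_for_user` only helps if the `description` values are already text; if the LDAP client returns `bytes` (which the need for this change suggests, but is not visible here), `str(b'UCO=1')` is `"b'UCO=1'"`, the `startswith('UCO=')` filter never matches and the function silently returns 0 for every user. Decode instead: `texts = [u.decode('utf-8', 'replace') if isinstance(u, bytes) else str(u) for u in desc]` followed by `uco = [t for t in texts if t.startswith('UCO=')]`. The closing `int(uco[0][4:])` still raises `ValueError` on a non-numeric directory value, which is worth catching and treating as a miss; the start of the function is outside the hunk.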