mirror of
https://github.com/apache/superset.git
synced 2026-04-10 03:45:22 +00:00
89 lines
3.4 KiB
Python
89 lines
3.4 KiB
Python
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from datetime import datetime, timedelta
|
|
from functools import partial
|
|
from typing import cast
|
|
|
|
from superset.commands.base import BaseCommand
|
|
from superset.commands.database.exceptions import DatabaseNotFoundError
|
|
from superset.daos.database import DatabaseUserOAuth2TokensDAO
|
|
from superset.databases.schemas import OAuth2ProviderResponseSchema
|
|
from superset.exceptions import OAuth2Error
|
|
from superset.models.core import Database, DatabaseUserOAuth2Tokens
|
|
from superset.superset_typing import OAuth2State
|
|
from superset.utils.decorators import on_error, transaction
|
|
from superset.utils.oauth2 import decode_oauth2_state
|
|
|
|
|
|
class OAuth2StoreTokenCommand(BaseCommand):
|
|
"""
|
|
Command to store OAuth2 tokens in the database.
|
|
"""
|
|
|
|
def __init__(self, parameters: OAuth2ProviderResponseSchema):
|
|
self._parameters = parameters
|
|
self._state: OAuth2State | None = None
|
|
self._database: Database | None = None
|
|
|
|
@transaction(on_error=partial(on_error, reraise=OAuth2Error))
|
|
def run(self) -> DatabaseUserOAuth2Tokens:
|
|
self.validate()
|
|
self._database = cast(Database, self._database)
|
|
self._state = cast(OAuth2State, self._state)
|
|
|
|
oauth2_config = self._database.get_oauth2_config()
|
|
if oauth2_config is None:
|
|
raise OAuth2Error("No configuration found for OAuth2")
|
|
|
|
token_response = self._database.db_engine_spec.get_oauth2_token(
|
|
oauth2_config,
|
|
self._parameters["code"],
|
|
)
|
|
|
|
# delete old tokens
|
|
if existing := DatabaseUserOAuth2TokensDAO.find_one_or_none(
|
|
user_id=self._state["user_id"],
|
|
database_id=self._state["database_id"],
|
|
):
|
|
DatabaseUserOAuth2TokensDAO.delete([existing])
|
|
|
|
# store tokens
|
|
expiration = datetime.now() + timedelta(seconds=token_response["expires_in"])
|
|
return DatabaseUserOAuth2TokensDAO.create(
|
|
attributes={
|
|
"user_id": self._state["user_id"],
|
|
"database_id": self._state["database_id"],
|
|
"access_token": token_response["access_token"],
|
|
"access_token_expiration": expiration,
|
|
"refresh_token": token_response.get("refresh_token"),
|
|
},
|
|
)
|
|
|
|
def validate(self) -> None:
|
|
if error := self._parameters.get("error"):
|
|
raise OAuth2Error(error)
|
|
|
|
self._state = decode_oauth2_state(self._parameters["state"])
|
|
|
|
if database := DatabaseUserOAuth2TokensDAO.get_database(
|
|
self._state["database_id"]
|
|
):
|
|
self._database = database
|
|
else:
|
|
raise DatabaseNotFoundError("Database not found")
|