Merge pull request #64 from auth0-samples/sdk-3183

Author: evansims

01-Login/.env.example

@@ -1,5 +1,3 @@
 AUTH0_CLIENT_ID={CLIENT_ID}
 AUTH0_DOMAIN={DOMAIN}
-AUTH0_CLIENT_SECRET={CLIENT_SECRET}
-AUTH0_CALLBACK_URL=http://localhost:3000/callback
-AUTH0_AUDIENCE=
+APP_SECRET_KEY=ALongRandomlyGeneratedString

01-Login/README.md

@@ -4,16 +4,16 @@ This sample demonstrates how to add authentication to a Python web app using Aut
 
 # Running the App
 
-To run the sample, make sure you have `python` and `pip` installed.
+To run the sample, make sure you have `python3` and `pip` installed.
 
 Rename `.env.example` to `.env` and populate it with the client ID, domain, secret, callback URL and audience for your
-Auth0 app. If you are not implementing any API you can use `https://YOUR_DOMAIN.auth0.com/userinfo` as the audience. 
+Auth0 app. If you are not implementing any API you can use `https://YOUR_DOMAIN.auth0.com/userinfo` as the audience.
 Also, add the callback URL to the settings section of your Auth0 client.
 
-Register `http://localhost:3000/callback` as `Allowed Callback URLs` and `http://localhost:3000` 
+Register `http://localhost:3000/callback` as `Allowed Callback URLs` and `http://localhost:3000`
 as `Allowed Logout URLs` in your client settings.
 
-Run `pip install -r requirements.txt` to install the dependencies and run `python server.py`. 
+Run `pip install -r requirements.txt` to install the dependencies and run `python server.py`.
 The app will be served at [http://localhost:3000/](http://localhost:3000/).
 
 # Running the App with Docker
@@ -24,15 +24,15 @@ To run the sample with [Docker](https://www.docker.com/), make sure you have `do
 
 Rename the .env.example file to .env, change the environment variables, and register the URLs as explained [previously](#running-the-app).
 
-Run `sh exec.sh` to build and run the docker image in Linux or run `.\exec.ps1` to build 
+Run `sh exec.sh` to build and run the docker image in Linux or run `.\exec.ps1` to build
 and run the docker image on Windows.
 
 ## What is Auth0?
 
 Auth0 helps you to:
 
 * Add authentication with [multiple authentication sources](https://auth0.com/docs/identityproviders),
-either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**,or 
+either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others**,or
 enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**.
 * Add authentication through more traditional **[username/password databases](https://docs.auth0.com/mysql-connection-tutorial)**.
 * Add support for **[linking different user accounts](https://auth0.com/docs/link-accounts)** with the same user.
@@ -49,7 +49,7 @@ enterprise identity systems like **Windows Azure AD, Google Apps, Active Directo
 ## Issue Reporting
 
 If you have found a bug or if you have a feature request, please report them at this repository issues section.
-Please do not report security vulnerabilities on the public GitHub issue tracker. 
+Please do not report security vulnerabilities on the public GitHub issue tracker.
 The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
 
 ## Author
@@ -58,4 +58,4 @@ The [Responsible Disclosure Program](https://auth0.com/whitehat) details the pro
 
 ## License
 
-This project is licensed under the MIT license. See the [LICENSE](LICENCE) file for more info.
+This project is licensed under the MIT license. See the [LICENSE](../LICENSE) file for more info.

01-Login/constants.py

@@ -1,5 +1,4 @@
-flask
-python-dotenv
-requests
-authlib>=0.14.1
-six
+flask>=2.0.3
+python-dotenv>=0.19.2
+authlib>=1.0
+requests>=2.27.1

01-Login/public/app.css

@@ -1,110 +1,74 @@
 """Python Flask WebApp Auth0 integration example
 """
-from functools import wraps
+
 import json
 from os import environ as env
-from werkzeug.exceptions import HTTPException
-
-from dotenv import load_dotenv, find_dotenv
-from flask import Flask
-from flask import jsonify
-from flask import redirect
-from flask import render_template
-from flask import session
-from flask import url_for
-from authlib.integrations.flask_client import OAuth
-from six.moves.urllib.parse import urlencode
+from urllib.parse import quote_plus, urlencode
 
-import constants
+from authlib.integrations.flask_client import OAuth
+from dotenv import find_dotenv, load_dotenv
+from flask import Flask, redirect, render_template, session, url_for
 
 ENV_FILE = find_dotenv()
 if ENV_FILE:
     load_dotenv(ENV_FILE)
 
-AUTH0_CALLBACK_URL = env.get(constants.AUTH0_CALLBACK_URL)
-AUTH0_CLIENT_ID = env.get(constants.AUTH0_CLIENT_ID)
-AUTH0_CLIENT_SECRET = env.get(constants.AUTH0_CLIENT_SECRET)
-AUTH0_DOMAIN = env.get(constants.AUTH0_DOMAIN)
-AUTH0_BASE_URL = 'https://' + AUTH0_DOMAIN
-AUTH0_AUDIENCE = env.get(constants.AUTH0_AUDIENCE)
-
-app = Flask(__name__, static_url_path='/public', static_folder='./public')
-app.secret_key = constants.SECRET_KEY
-app.debug = True
-
-
-@app.errorhandler(Exception)
-def handle_auth_error(ex):
-    response = jsonify(message=str(ex))
-    response.status_code = (ex.code if isinstance(ex, HTTPException) else 500)
-    return response
+app = Flask(__name__)
+app.secret_key = env.get("APP_SECRET_KEY")
 
 
 oauth = OAuth(app)
 
-auth0 = oauth.register(
-    'auth0',
-    client_id=AUTH0_CLIENT_ID,
-    client_secret=AUTH0_CLIENT_SECRET,
-    api_base_url=AUTH0_BASE_URL,
-    access_token_url=AUTH0_BASE_URL + '/oauth/token',
-    authorize_url=AUTH0_BASE_URL + '/authorize',
+oauth.register(
+    "auth0",
+    client_id=env.get("AUTH0_CLIENT_ID"),
     client_kwargs={
-        'scope': 'openid profile email',
+        "scope": "openid profile email",
     },
+    server_metadata_url=f'https://{env.get("AUTH0_DOMAIN")}/.well-known/openid-configuration',
 )
 
 
-def requires_auth(f):
-    @wraps(f)
-    def decorated(*args, **kwargs):
-        if constants.PROFILE_KEY not in session:
-            return redirect('/login')
-        return f(*args, **kwargs)
-
-    return decorated
-
-
 # Controllers API
-@app.route('/')
+@app.route("/")
 def home():
-    return render_template('home.html')
+    return render_template(
+        "home.html",
+        session=session.get("user"),
+        pretty=json.dumps(session.get("user"), indent=4),
+    )
 
 
-@app.route('/callback')
-def callback_handling():
-    auth0.authorize_access_token()
-    resp = auth0.get('userinfo')
-    userinfo = resp.json()
+@app.route("/callback", methods=["GET", "POST"])
+def callback():
+    token = oauth.auth0.authorize_access_token()
+    session["user"] = token
+    return redirect("/")
 
-    session[constants.JWT_PAYLOAD] = userinfo
-    session[constants.PROFILE_KEY] = {
-        'user_id': userinfo['sub'],
-        'name': userinfo['name'],
-        'picture': userinfo['picture']
-    }
-    return redirect('/dashboard')
 
-
-@app.route('/login')
+@app.route("/login")
 def login():
-    return auth0.authorize_redirect(redirect_uri=AUTH0_CALLBACK_URL, audience=AUTH0_AUDIENCE)
+    return oauth.auth0.authorize_redirect(
+        redirect_uri=url_for("callback", _external=True)
+    )
 
 
-@app.route('/logout')
+@app.route("/logout")
 def logout():
     session.clear()
-    params = {'returnTo': url_for('home', _external=True), 'client_id': AUTH0_CLIENT_ID}
-    return redirect(auth0.api_base_url + '/v2/logout?' + urlencode(params))
-
-
-@app.route('/dashboard')
-@requires_auth
-def dashboard():
-    return render_template('dashboard.html',
-                           userinfo=session[constants.PROFILE_KEY],
-                           userinfo_pretty=json.dumps(session[constants.JWT_PAYLOAD], indent=4))
+    return redirect(
+        "https://"
+        + env.get("AUTH0_DOMAIN")
+        + "/v2/logout?"
+        + urlencode(
+            {
+                "returnTo": url_for("home", _external=True),
+                "client_id": env.get("AUTH0_CLIENT_ID"),
+            },
+            quote_via=quote_plus,
+        )
+    )
 
 
 if __name__ == "__main__":
-    app.run(host='0.0.0.0', port=env.get('PORT', 3000))
+    app.run(host="0.0.0.0", port=env.get("PORT", 3000))

01-Login/requirements.txt

@@ -1,24 +1,16 @@
 <html>
-    <head>
-
-        <meta name="viewport" content="width=device-width, initial-scale=1">
-
-        <!-- font awesome from BootstrapCDN -->
-        <link href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet">
-        <link href="//maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css" rel="stylesheet">
-
-        <link href="/public/app.css" rel="stylesheet">
-    </head>
-    <body class="home">
-        <div class="container">
-            <div class="login-page clearfix">
-              <div class="login-box auth0-box before">
-                <img src="https://i.cloudup.com/StzWWrY34s.png" />
-                <h3>Auth0 Example</h3>
-                <p>Zero friction identity infrastructure, built for developers</p>
-                <a id="qsLoginBtn" class="btn btn-primary btn-lg btn-login btn-block" href="/login">Log In</a>
-              </div>
-            </div>
-        </div>
-    </body>
+  <head>
+    <meta charset="utf-8" />
+    <title>Auth0 Example</title>
+  </head>
+  <body>
+    {% if session %}
+    <h1>Welcome {{session.userinfo.name}}!</h1>
+    <p><a href="/logout">Logout</a></p>
+    <div><pre>{{pretty}}</pre></div>
+    {% else %}
+    <h1>Welcome Guest</h1>
+    <p><a href="/login">Login</a></p>
+    {% endif %}
+  </body>
 </html>