Pass the configuration options in init_app
#171
Comments
|
RuntimeError: Working outside of application context.
This typically means that you attempted to use functionality that needed
the current application. To solve this, set up an application context
with app.app_context(). See the documentation for more information.So, this line 👇 won't work: >>> current_app.init_app({"default": user_provider_configuration})You need access to the ...
post_logout_redirect_uris=url_for("endpoints.logout", _external=True),
...This 👆 won't work and not even this 👇: with app.app_context():
...
post_logout_redirect_uris=url_for("endpoints.logout", _external=True)
...This is because in order for the You need to restructure your code:
|
|
Thank you for your answer. In my original post I actually oversimplified my actual code to get to the point. My real usecase has a setup closer to the run.py/auth.py/views.py you describe. The issue I have with your example is that the
This is why I suggest to pass the To be able to use views.pyfrom flask import Blueprint
from auth import auth
bp = Blueprint("endpoints", __name__)
@bp.get("/")
def index():
return "hello flask"
@bp.get("/logout")
@auth.oidc_logout
def logout():
return "You have been logged out!"run.pyfrom flask_pyoidc import OIDCAuthentication
from flask_pyoidc.provider_configuration import ClientMetadata, ProviderConfiguration
app = Flask(__name__)
auth = OIDCAuthentication({"default": None})
def setup_auth(app):
with app.app_context():
logout_url = url_for("myendpoint.logout", _external=True)
client_metadata = ClientMetadata(
client_id="client123",
client_secret="some_secret123",
post_logout_redirect_uris=[logout_url]
)
default_provider_config = ProviderConfiguration(issuer="https://idp.example.com", client_metadata=client_metadata)
auth._provider_configurations = {
"default": default_provider_configuration,
}
auth.init_app(app)
def create_app():
app.register_blueprint(blueprint=bp)
setup_auth(app)
return app
if __name__ == "__main__":
create_app().run()The hacky part being I would love to be able to initialize flask-pyoidc this way: app = Flask(__name__)
auth = OIDCAuthentication()
def setup_auth(app):
...
auth.init_app(app, {
"default": default_provider_configuration,
})
... |
Addresses zamzterz#171 Instead of hardcoding complete post logout redirect URI, oidc_logout should be able to resolve URL from the endpoint name of the view function. We are already doing this for routes that are directly created on app instance. This feature extends the functionality for routes created by Bueprints.
|
I think the bigger problem was that there was no way to dynamically resolve post logout redirect URI when logout routes are created by blueprints. The linked PR resolves that problem so you won't have to specify |
|
Thank you putting efforts in helping me to find a solution. I really appreciate this 🙇 There is another thing I forgot to mention: some of the values passed to I really think the ideal solution would be to be able to initialize an This two-steps configuration is a common pattern among other libraries like flask-babel, flask-caching, flask-cors or authlib. This is an example of implementation in a project with huge quantities of legacy code I have no control over, including configuring the OIDC settings by the configuration: https://github.com/numerique-gouv/b3desk/blob/main/web/b3desk/__init__.py#L182-L220 |
I encounter issues when initializing flask-pyoidc and using
url_forto define callbacks URLs.There is a cycling dependency here, the
logoutendpoint needs aOIDCAuthenticationobject, that needs aProviderConfiguration, that callsurl_for, that needs the endpoint to be initialized.I think this can be mitigated by delaying the
ProviderConfigurationpart, for instance with the help ofinit_app. I suggest to pass the configuration options toinit_appso this would be valid:What do you think?
The text was updated successfully, but these errors were encountered: