-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathfake_mpapi.py
More file actions
130 lines (106 loc) · 3.45 KB
/
fake_mpapi.py
File metadata and controls
130 lines (106 loc) · 3.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
#!/usr/bin/env python3
# /// script
# requires-python = ">=3.11"
# dependencies = ["flask"]
# ///
"""
Fake MPAPI server for local testing.
Usage:
uv run fake_mpapi.py [--port 8081]
Then set auth.mpapi.url = http://localhost:8081 in your development.ini.
"""
import argparse
import hashlib
import uuid
from urllib.parse import urlencode, urlparse, parse_qs
from flask import Flask, request, redirect, jsonify, abort
app = Flask(__name__)
# In-memory ticket store: {ticket: username}
tickets: dict[str, str] = {}
def fake_uid(username: str) -> int:
"""Generate a stable fake uidNumber from the username."""
return int(hashlib.md5(username.encode()).hexdigest()[:8], 16)
def user_attributes(username: str) -> dict:
return {
"uidNumber": fake_uid(username),
"first": username.capitalize(),
"sn": "Testuser",
"mail": f"{username}@mines.edu",
}
@app.get("/sso")
def sso_form():
return_url = request.args.get("return", "/")
return f"""
<!doctype html>
<html>
<head><title>Fake MPAPI Login</title>
<style>
body {{ font-family: sans-serif; max-width: 400px; margin: 4rem auto; }}
input, button {{ display: block; width: 100%; padding: 0.5rem; margin: 0.5rem 0; font-size: 1rem; box-sizing: border-box; }}
.notice {{ background: #fff3cd; border: 1px solid #ffc107; padding: 0.75rem; margin-bottom: 1rem; border-radius: 4px; }}
</style>
</head>
<body>
<h2>Fake MPAPI Login</h2>
<div class="notice">
This is a fake MPAPI server for local testing only.
Try a username ending in <code>_sw</code> to test the student worker block.
</div>
<form method="post" action="/sso">
<input type="hidden" name="return" value="{return_url}" />
<label>Username</label>
<input type="text" name="username" autofocus placeholder="e.g. jdoe or jdoe_sw" />
<button type="submit">Sign In</button>
</form>
</body>
</html>
"""
@app.post("/sso")
def sso_submit():
username = request.form.get("username", "").strip()
return_url = request.form.get("return", "/")
if not username:
return redirect(f"/sso?{urlencode({'return': return_url})}")
ticket = str(uuid.uuid4())
tickets[ticket] = username
separator = "&" if "?" in return_url else "?"
return redirect(f"{return_url}{separator}tkt={ticket}")
@app.post("/fetch")
def fetch():
tkt = request.form.get("tkt")
username = tickets.pop(tkt, None)
if username is None:
return jsonify({"result": "failure", "reason": "unknown ticket"})
return jsonify({
"result": "success",
"uid": username,
"attributes": user_attributes(username),
})
@app.get("/uid/<username>")
def uid_lookup(username: str):
return jsonify({
"result": "success",
"uid": username,
"attributes": user_attributes(username),
})
@app.get("/slo")
def slo():
return """
<!doctype html>
<html>
<head><title>Signed Out</title>
<style>body {{ font-family: sans-serif; max-width: 400px; margin: 4rem auto; }}</style>
</head>
<body>
<h2>Signed out (fake MPAPI)</h2>
<p>You have been signed out of the fake MPAPI server.</p>
</body>
</html>
"""
if __name__ == "__main__":
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument("--port", type=int, default=8081)
args = parser.parse_args()
print(f"Fake MPAPI running at http://localhost:{args.port}")
print("Set auth.mpapi.url = http://localhost:{} in development.ini".format(args.port))
app.run(port=args.port, debug=True)