


Nils de Bruin nilsdebruin

  • Wagtail Digital Consultancy
  • Den Haag

Keybase proof

I hereby claim:

  • I am nilsdebruin on github.
  • I am nilsdebruin (https://keybase.io/nilsdebruin) on keybase.
  • I have a public key ASDHeYKxS8GeG_QFQjWLz829UwfNR1NWC3OVRzTDqlTVvQo

To claim this, I am signing this object:

Keybase proof

I hereby claim:

  • I am nilsldebruin on github.
  • I am nilsdebruin (https://keybase.io/nilsdebruin) on keybase.
  • I have a public key ASDHeYKxS8GeG_QFQjWLz829UwfNR1NWC3OVRzTDqlTVvQo

To claim this, I am signing this object:

@app.get("/")
async def homepage():
    """Serve the landing text at the application root.

    No dependency is attached to this route, so it is reachable without
    authentication.
    """
    greeting = "Welcome to the security test!"
    return greeting
@app.get(f"{ERROR_ROUTE}", tags=["security"])
async def login_error():
    """Return the fixed message served at ERROR_ROUTE.

    The text is a constant, so it carries no detail about why a login
    failed.
    """
    message = "Something went wrong logging in!"
    return message
@app.get("/google_login_client", tags=["security"])
def google_login_client():
    """Serve the client-side Google sign-in page as an HTML response."""
    # The body is the module-level template string, returned unchanged.
    page = google_login_javascript_client
    return HTMLResponse(page)
@app.get("/google_login_server", tags=["security"])
def google_login_server():
    """Serve the server-side Google sign-in page as an HTML response."""
    # The body is the module-level template string, returned unchanged.
    page = google_login_javascript_server
    return HTMLResponse(page)
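def get_user_by_email(db, email: str):
    """Return the first user in *db* whose "email" field equals *email*.

    Args:
        db: Mapping of username to a dict of user fields.
        email: Address to look up; compared exactly (case-sensitive).

    Returns:
        A ``User`` built from the matching record, or ``None`` when no
        record matches or *email* is empty.
    """
    # A missing or empty email must never match. record.get("email") is None
    # for a record without an email field, so looking up None would otherwise
    # return an unrelated account.
    if not email:
        return None
    for record in db.values():
        if record.get("email") == email:
            return User(**record)
    return None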
def authenticate_user_email(fake_db, email: str):
user = get_user_by_email(fake_db, email)
if not user:
class Token(BaseModel):
    """Model pairing an access token with its token type."""

    # The token value, as a string.
    access_token: str
    # Token scheme label (presumably "bearer" -- confirm against the issuing route).
    token_type: str
class TokenData(BaseModel):
    """Identity fields associated with a token; both default to None."""

    # NOTE(review): both fields are annotated ``str`` but default to None;
    # Optional[str] would state the intent accurately. Callers must treat a
    # None value as "no identity" rather than as a lookup key.
    username: str = None
    email: str = None
google_login_javascript_client = f"""<!DOCTYPE html>
<html itemscope itemtype="http://schema.org/Article">
<head>
<meta charset="UTF-8">
<meta name="google-signin-client_id" content="{CLIENT_ID}">
<title>Google Login</title><script src="https://apis.google.com/js/platform.js" async defer></script>
<body>
<div class="g-signin2" data-onsuccess="onSignIn"></div>
<script>function onSignIn(googleUser) {{
# --- Where the application is served --------------------------------------
# NOTE(review): plain HTTP. If the "Authorization" cookie below carries a
# token, it travels unencrypted; use https:// outside local development.
PROTOCOL = "http://"
FULL_HOST_NAME = "<YOUR_DOMAIN_NAME>"
PORT_NUMBER = 8000

# --- Cookie settings -------------------------------------------------------
COOKIE_AUTHORIZATION_NAME = "Authorization"
COOKIE_DOMAIN = "<YOUR_DOMAIN_NAME>"

# --- Google OAuth client ---------------------------------------------------
# The client ID is a public identifier. The JSON file named below holds the
# client secret: keep it out of version control and out of shared snippets.
CLIENT_ID = "1007436511433-1o329ffhgodf6ipbmgqm99r2kkjsoj9u.apps.googleusercontent.com"
CLIENT_SECRETS_JSON = "client_secret_1007436511433-1o329ffhgodf6ipbmgqm99r2kkjsoj9u.apps.googleusercontent.com.json"
from typing import Optional
from datetime import datetime, timedelta
import jwt
from jwt import PyJWTError
from fastapi import Depends, FastAPI, HTTPException
from fastapi.encoders import jsonable_encoder
from fastapi.security.oauth2 import (
OAuth2,
@app.get("/secure_endpoint", tags=["test"])
async def get_open_api_endpoint(api_key: APIKey = Depends(get_api_key)):
    """Return a fixed string to callers that pass the get_api_key dependency.

    api_key is resolved by get_api_key and is not otherwise used here. What
    get_api_key accepts or rejects is defined outside this snippet.
    """
    return "How cool is this?"