1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
from flask_sqlalchemy import SQLAlchemy
from CTFd.models import Users
import time
import secrets
db = SQLAlchemy()
class OIDCConfig(db.Model):
__tablename__ = "oidc_config"
id = db.Column(db.Integer, primary_key=True)
key = db.Column(db.String(64), unique=True, nullable=False)
value = db.Column(db.Text, nullable=False)
created = db.Column(db.Integer, default=lambda: int(time.time()))
class OIDCClient(db.Model):
__tablename__ = 'oidc_client'
client_id = db.Column(db.String(32), primary_key=True)
client_secret = db.Column(db.String(128), nullable=True)
redirect_uris = db.Column(db.Text, nullable=False)
pkce = db.Column(db.Boolean, default=False, nullable=False)
created = db.Column(db.Integer, default=lambda: int(time.time()))
class OIDCAuthCode(db.Model):
__tablename__ = 'oidc_auth_code'
id = db.Column(db.Integer, primary_key=True)
code = db.Column(db.String(128), unique=True, nullable=False)
user_id = db.Column(db.Integer, db.ForeignKey(Users.id, ondelete='CASCADE'), nullable=False)
client_id = db.Column(db.String(32), db.ForeignKey(OIDCClient.client_id, ondelete='CASCADE'), nullable=False)
redirect_uri = db.Column(db.Text, nullable=False)
code_challenge = db.Column(db.String(128), nullable=True)
exp = db.Column(db.Integer, nullable=False)
user = db.relationship(Users, backref=db.backref("oidc_auth_code", uselist=False, lazy="select"))
client = db.relationship(OIDCClient, backref=db.backref("oidc_auth_code", uselist=False, lazy="select"))
class OIDCRefreshToken(db.Model):
__tablename__ = 'oidc_refresh_token'
id = db.Column(db.Integer, primary_key=True)
refresh_token = db.Column(db.String(128), unique=True, nullable=False)
user_id = db.Column(db.Integer, db.ForeignKey(Users.id, ondelete='CASCADE'), nullable=False)
client_id = db.Column(db.String(32), db.ForeignKey(OIDCClient.client_id, ondelete='CASCADE'), nullable=False)
exp = db.Column(db.Integer, nullable=False)
user = db.relationship(Users, backref=db.backref("oidc_refresh_token", uselist=False, lazy="select"))
client = db.relationship(OIDCClient, backref=db.backref("oidc_refresh_token", uselist=False, lazy="select"))
class OIDCAccessToken(db.Model):
__tablename__ = 'oidc_access_token'
id = db.Column(db.Integer, primary_key=True)
access_token = db.Column(db.String(128), unique=True, nullable=False)
user_id = db.Column(db.Integer, db.ForeignKey(Users.id, ondelete='CASCADE'), nullable=False)
client_id = db.Column(db.String(32), db.ForeignKey(OIDCClient.client_id, ondelete='CASCADE'), nullable=False)
exp = db.Column(db.Integer, nullable=False)
user = db.relationship(Users, backref=db.backref("oidc_access_token", uselist=False, lazy="select"))
client = db.relationship(OIDCClient, backref=db.backref("oidc_access_token", uselist=False, lazy="select"))
class OIDCKey(db.Model):
__tablename__ = 'oidc_key'
id = db.Column(db.Integer, primary_key=True)
kid = db.Column(db.String(32), unique=True, nullable=False)
private_pem = db.Column(db.Text, nullable=False)
public_pem = db.Column(db.Text, nullable=False)
created = db.Column(db.Integer, default=lambda: int(time.time()))
client_id = db.Column(db.String(32), db.ForeignKey(OIDCClient.client_id, ondelete='CASCADE'), nullable=False)
client = db.relationship(OIDCClient, backref=db.backref("oidc_key", uselist=False, lazy="select"))
|
