Hello everyone,
I have failed to industrialize authentication via oauth2 on mattermost.
I'm dropping this system (temporarily maybe?).
I recall my problem: to be able to launch calls on the mattermost api using exclusively gitlab authentication.
So I chose to emulate the "real" stream that we follow as user.
It forces me to parse the html code of the authentication form on gitlab.
And for a reason that escapes me, I am forced to add a Header to pass my queries as Ajax when I query on the mattermost api.
But it works.
The code (python):
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
DOC
"""
# Import from stdlib
from urllib.parse import urlparse
# Imports from external libraries
from lxml import html as ehtml
from path import Path
import requests
config = {
'gitlab': {
'username': 'my-username',
'password': 'my-password',
},
'mattermost': {
'api-url': Path('https://mattermost.domain.ext/api/v3'),
'team-id': 'my-team-id',
}
}
# Create session for keep cookies (auth with mattermost)
session = requests.Session()
# Request on gitlab oauth
r1 = session.get(config['mattermost']['api-url'] / 'oauth/gitlab/login')
# Parse html for retrieve data in prevision of auth in gitlab
gitlab_domain = Path('{uri.scheme}://{uri.netloc}/'.format(uri=urlparse(r1.url)))
html = ehtml.fromstring(r1.text)
form = html.xpath('//form[@id="new_ldap_user"]')[0]
data = {e.get('name'): e.get('value', None) for e in form.xpath('.//input')}
data['username'] = config['gitlab']['username']
data['password'] = config['gitlab']['password']
# Auth in gitlab
r2 = session.post(gitlab_domain / form.get('action').strip('/'), data=data)
# Now we have cookie in session for requests in API
# Next line is required for accepting requests in mattermost api, I don't know why
session.headers.update({
'X-Requested-With': 'XMLHttpRequest',
})
# Profit !
r3 = session.get(config['mattermost']['api-url'] / 'teams' / config['mattermost']['team-id'] / 'channels/')
print(r3.json())