From f6d2373f393764394b21fd16b11a5d16e9f7a85b Mon Sep 17 00:00:00 2001
From: Charlie <wang@post.com>
Date: Fri, 4 Oct 2024 12:10:31 -0700
Subject: [PATCH] Add OIDC Authorization

---
 indicators.py    | 40 +++++++++++++++++++++++++---------------
 requirements.txt |  4 ++++
 2 files changed, 29 insertions(+), 15 deletions(-)

diff --git a/indicators.py b/indicators.py
index 2ef21b3..b72daa4 100644
--- a/indicators.py
+++ b/indicators.py
@@ -30,7 +30,7 @@ from dash import Dash, html, dcc, callback, Output, Input, State, no_update
 from waitress import serve
 from flask_caching import Cache
 from dash.exceptions import PreventUpdate
-import dash_auth
+from dash_auth import OIDCAuth
 import yahoo_fin.stock_info as si
 import hashlib
 from dotenv import load_dotenv
@@ -551,23 +551,33 @@ def intelligent_loop_plots(sym, stk_data):
 
     return data, vol.to_frame('_VOL'), macd, rsi, plot_indicator
 
-VALID_USERNAME_PASSWORD_PAIRS = {
-    'ce16559af2caf7bb54bebd57a1602e29ada331b3356004265abeab0e568278cc':
-    'b4db36eb3f887ca0bc15de7feb0b41a9589b65dbd5325aedf1c76b3ee63b8871'
-}
+# VALID_USERNAME_PASSWORD_PAIRS = {
+#     'ce16559af2caf7bb54bebd57a1602e29ada331b3356004265abeab0e568278cc':
+#     'b4db36eb3f887ca0bc15de7feb0b41a9589b65dbd5325aedf1c76b3ee63b8871'
+# }
 
-def user_login(username, password):
-    if VALID_USERNAME_PASSWORD_PAIRS.get(hash_password(username)) == hash_password(password):
-        return True
-    return False
+# def user_login(username, password):
+#     if VALID_USERNAME_PASSWORD_PAIRS.get(hash_password(username)) == hash_password(password):
+#         return True
+#     return False
 
 # Initialize the app
-app = Dash()
-dash_auth.BasicAuth(
-    app,
-    # VALID_USERNAME_PASSWORD_PAIRS,
-    auth_func=user_login,
-    secret_key="MK8dyS6PyDDuEuzrmqa7dJTJZ7eH2Jkh",
+app = Dash(__name__)
+
+# dash_auth.BasicAuth(
+#     app,
+#     # VALID_USERNAME_PASSWORD_PAIRS,
+#     auth_func=user_login,
+#     secret_key="MK8dyS6PyDDuEuzrmqa7dJTJZ7eH2Jkh",
+# )
+
+auth = OIDCAuth(app, secret_key=os.environ['SECRET_KEY'])
+auth.register_provider(
+    "stock",
+    token_endpoint_auth_method="client_secret_post",
+    client_id=os.environ['APP_ID'],
+    client_secret=os.environ['APP_SECRET'],
+    server_metadata_url=os.environ['SERVER_URL'],
 )
 
 watchlist = get_watchlist()
diff --git a/requirements.txt b/requirements.txt
index fa1c06a..fa9e490 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,12 +1,15 @@
 appdirs==1.4.4
+Authlib==1.3.2
 beautifulsoup4==4.12.3
 blinker==1.8.2
 bs4==0.0.2
 cachelib==0.9.0
 certifi==2024.8.30
+cffi==1.17.1
 charset-normalizer==3.3.2
 click==8.1.7
 colorama==0.4.6
+cryptography==43.0.1
 cssselect==1.2.0
 dash==2.18.1
 dash-core-components==2.0.0
@@ -31,6 +34,7 @@ pandas==2.2.3
 parse==1.20.2
 plotly==5.24.1
 psycopg2==2.9.9
+pycparser==2.22
 pyee==11.1.1
 pyppeteer==2.0.0
 pyquery==2.0.1