app/notify_client/org_invite_api_client.py

import json
import secrets
from urllib.parse import unquote

from flask import current_app, request

from app import redis_client
from app.enums import InvitedOrgUserStatus
from app.notify_client import NotifyAdminAPIClient, _attach_current_user
from notifications_utils.url_safe_token import generate_token


class OrgInviteApiClient(NotifyAdminAPIClient):
    def init_app(self, app):
        super().init_app(app)

        self.admin_url = app.config["ADMIN_BASE_URL"]

    def create_invite(self, invite_from_id, org_id, email_address):
        data = {
            "email_address": email_address,
            "invited_by": invite_from_id,
            "invite_link_host": self.admin_url,
        }
        data = _attach_current_user(data)

        ttl = 24 * 60 * 60
        # make and store the state
        state = generate_token(
            str(request.remote_addr),
            current_app.config["SECRET_KEY"],
            current_app.config["DANGEROUS_SALT"],
        )
        state_key = f"login-state-{unquote(state)}"
        redis_client.set(state_key, state, ex=ttl)

        # make and store the nonce
        nonce = secrets.token_urlsafe()
        nonce_key = f"login-nonce-{unquote(nonce)}"
        redis_client.set(nonce_key, nonce, ex=ttl)  # save the nonce to redis.

        data["nonce"] = nonce  # This is passed to api for the invite url.
        data["state"] = state  # This is passed to api for the invite url.

        resp = self.post(url="/organization/{}/invite".format(org_id), data=data)

        invite_data_key = f"invitedata-{unquote(state)}"
        # For historical reasons 'invite' signifies a service invite
        # and 'data' signifies an org invite
        if resp.get("invite"):
            redis_invite_data = resp["invite"]
        else:
            redis_invite_data = resp["data"]
        redis_invite_data = json.dumps(redis_invite_data)
        redis_client.set(invite_data_key, redis_invite_data, ex=ttl)

        return resp["data"]

    def get_invites_for_organization(self, org_id):
        endpoint = "/organization/{}/invite".format(org_id)
        resp = self.get(endpoint)
        return resp["data"]

    def get_invited_user_for_org(self, org_id, invited_org_user_id):
        return self.get(f"/organization/{org_id}/invite/{invited_org_user_id}")["data"]

    def get_invited_user(self, invited_user_id):
        return self.get(f"/invite/organization/{invited_user_id}")["data"]

    def check_token(self, token):
        resp = self.get(url="/invite/organization/check/{}".format(token))
        return resp["data"]

    def cancel_invited_user(self, org_id, invited_user_id):
        data = {"status": InvitedOrgUserStatus.CANCELLED}
        data = _attach_current_user(data)
        self.post(
            url="/organization/{0}/invite/{1}".format(org_id, invited_user_id),
            data=data,
        )

    def accept_invite(self, org_id, invited_user_id):
        data = {"status": InvitedOrgUserStatus.ACCEPTED}
        self.post(
            url="/organization/{0}/invite/{1}".format(org_id, invited_user_id),
            data=data,
        )


org_invite_api_client = OrgInviteApiClient()
fix org invites 2025-09-08 08:23:04 -07:00			`import json`
			`import secrets`
			`from urllib.parse import unquote`

			`from flask import current_app, request`

			`from app import redis_client`
PART 1: Created and implemented enums throughout the codebase to replace hardcoded status strings, improving type safety and reducing the risk of typos. 2025-07-04 16:37:04 -07:00			`from app.enums import InvitedOrgUserStatus`
isort . 2025-07-04 17:52:03 -07:00			`from app.notify_client import NotifyAdminAPIClient, _attach_current_user`
fix org invites 2025-09-08 08:23:04 -07:00			`from notifications_utils.url_safe_token import generate_token`
invite-team-members 2018-02-19 16:53:29 +00:00

			`class OrgInviteApiClient(NotifyAdminAPIClient):`
			`def init_app(self, app):`
fix org invite api client 2018-03-07 18:09:33 +00:00			`super().init_app(app)`

notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`self.admin_url = app.config["ADMIN_BASE_URL"]`
invite-team-members 2018-02-19 16:53:29 +00:00
			`def create_invite(self, invite_from_id, org_id, email_address):`
			`data = {`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`"email_address": email_address,`
			`"invited_by": invite_from_id,`
			`"invite_link_host": self.admin_url,`
invite-team-members 2018-02-19 16:53:29 +00:00			`}`
			`data = _attach_current_user(data)`
fix org invites 2025-09-08 08:23:04 -07:00
			`ttl = 24 * 60 * 60`
			`# make and store the state`
			`state = generate_token(`
			`str(request.remote_addr),`
			`current_app.config["SECRET_KEY"],`
			`current_app.config["DANGEROUS_SALT"],`
			`)`
			`state_key = f"login-state-{unquote(state)}"`
			`redis_client.set(state_key, state, ex=ttl)`

			`# make and store the nonce`
			`nonce = secrets.token_urlsafe()`
			`nonce_key = f"login-nonce-{unquote(nonce)}"`
			`redis_client.set(nonce_key, nonce, ex=ttl) # save the nonce to redis.`

			`data["nonce"] = nonce # This is passed to api for the invite url.`
			`data["state"] = state # This is passed to api for the invite url.`

notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`resp = self.post(url="/organization/{}/invite".format(org_id), data=data)`
fix org invites 2025-09-08 08:23:04 -07:00
			`invite_data_key = f"invitedata-{unquote(state)}"`
fix org invites 2025-09-08 11:57:43 -07:00			`# For historical reasons 'invite' signifies a service invite`
			`# and 'data' signifies an org invite`
			`if resp.get("invite"):`
			`redis_invite_data = resp["invite"]`
			`else:`
			`redis_invite_data = resp["data"]`
fix org invites 2025-09-08 08:23:04 -07:00			`redis_invite_data = json.dumps(redis_invite_data)`
			`redis_client.set(invite_data_key, redis_invite_data, ex=ttl)`

notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`return resp["data"]`
invite-team-members 2018-02-19 16:53:29 +00:00
blunt rename of org (#620) 2023-07-12 12:09:44 -04:00			`def get_invites_for_organization(self, org_id):`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`endpoint = "/organization/{}/invite".format(org_id)`
invite-team-members 2018-02-19 16:53:29 +00:00			`resp = self.get(endpoint)`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`return resp["data"]`
invite-team-members 2018-02-19 16:53:29 +00:00
rename get_invited_user funcs make it clear they're expecting a service/org id 2021-03-05 17:04:35 +00:00			`def get_invited_user_for_org(self, org_id, invited_org_user_id):`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`return self.get(f"/organization/{org_id}/invite/{invited_org_user_id}")["data"]`
Add confirmation banner when cancelling user invites This shows the green banner with a tick when cancelling a user's invitation to a service or organisation. The accessibility audit noted that 'When cancelling an invite a new page loads, however, there is no immediate indication that the invite has been cancelled.' In order to display the invited user's email address as part of the flash message, this adds new methods to the api clients for invites to get a single invite. 2020-08-17 14:30:09 +01:00
store invited org user ids in session first of a two step process to remove invited user objects from the session. we're removing them because they're of variable size, and with a lot of folder permissions they can cause the session to exceed the 4kb cookie size limit and not save properly. this commit looks at invited org users only. in this step, start saving the invited org user's id to the session alongside the session object. Then, if the invited_org_user_id is present in the next step of the invite flow, fetch the user object from the API instead of from the session. If it's not present (due to a session set by an older instance of the admin app), then just use the old code to get the entire object out of the session. For invites where the user is small enough to persist to the cookie, this will still save both the old and the new way, but will always make an extra check to the API, I think this minor performance hit is totally fine. For invites where the user is too big to persist, they'll still fail for now, and will need to wait until the next PR comes along and stops saving the large invited user object to the session entirely. 2021-03-08 10:01:12 +00:00			`def get_invited_user(self, invited_user_id):`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`return self.get(f"/invite/organization/{invited_user_id}")["data"]`
store invited org user ids in session first of a two step process to remove invited user objects from the session. we're removing them because they're of variable size, and with a lot of folder permissions they can cause the session to exceed the 4kb cookie size limit and not save properly. this commit looks at invited org users only. in this step, start saving the invited org user's id to the session alongside the session object. Then, if the invited_org_user_id is present in the next step of the invite flow, fetch the user object from the API instead of from the session. If it's not present (due to a session set by an older instance of the admin app), then just use the old code to get the entire object out of the session. For invites where the user is small enough to persist to the cookie, this will still save both the old and the new way, but will always make an extra check to the API, I think this minor performance hit is totally fine. For invites where the user is too big to persist, they'll still fail for now, and will need to wait until the next PR comes along and stops saving the large invited user object to the session entirely. 2021-03-08 10:01:12 +00:00
invite-team-members 2018-02-19 16:53:29 +00:00			`def check_token(self, token):`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`resp = self.get(url="/invite/organization/check/{}".format(token))`
			`return resp["data"]`
invite-team-members 2018-02-19 16:53:29 +00:00
			`def cancel_invited_user(self, org_id, invited_user_id):`
.value removed 2025-07-04 17:42:20 -07:00			`data = {"status": InvitedOrgUserStatus.CANCELLED}`
invite-team-members 2018-02-19 16:53:29 +00:00			`data = _attach_current_user(data)`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`self.post(`
			`url="/organization/{0}/invite/{1}".format(org_id, invited_user_id),`
			`data=data,`
			`)`
invite-team-members 2018-02-19 16:53:29 +00:00
			`def accept_invite(self, org_id, invited_user_id):`
.value removed 2025-07-04 17:42:20 -07:00			`data = {"status": InvitedOrgUserStatus.ACCEPTED}`
notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00			`self.post(`
			`url="/organization/{0}/invite/{1}".format(org_id, invited_user_id),`
			`data=data,`
			`)`
invite-team-members 2018-02-19 16:53:29 +00:00
Initialise clients outside the app This avoids the annoying problem where you can’t import a client unless the app has already been initialised. 2018-10-26 15:39:32 +01:00
			`org_invite_api_client = OrgInviteApiClient()`