diff --git a/invenio_oauthclient/admin.py b/invenio_oauthclient/admin.py
index 7ec6fad..1e61458 100644
--- a/invenio_oauthclient/admin.py
+++ b/invenio_oauthclient/admin.py
@@ -10,15 +10,10 @@
from flask_admin.contrib.sqla import ModelView
from invenio_accounts.admin import user_identity_adminview
-
+from invenio_i18n import lazy_gettext as _
from .models import RemoteAccount, RemoteToken
-def _(x):
- """Identity."""
- return x
-
-
class RemoteAccountView(ModelView):
"""Flask-Admin view to manage remote accounts from invenio-oauthclient."""
diff --git a/invenio_oauthclient/contrib/cern.py b/invenio_oauthclient/contrib/cern.py
index a84cd2c..4485a48 100644
--- a/invenio_oauthclient/contrib/cern.py
+++ b/invenio_oauthclient/contrib/cern.py
@@ -148,7 +148,7 @@
identity_loaded,
)
from invenio_db import db
-from invenio_i18n import gettext as _
+from invenio_i18n import gettext as _, lazy_gettext
from invenio_oauthclient.errors import OAuthCERNRejectedAccountError
from invenio_oauthclient.handlers.rest import response_handler
@@ -204,8 +204,8 @@
"""Cern oauth identityClass values that are allowed to be used."""
BASE_APP = dict(
- title="CERN",
- description="Connecting to CERN Organization.",
+ title=lazy_gettext("CERN"),
+ description=lazy_gettext("Connecting to CERN Organization."),
icon="",
logout_url="https://login.cern.ch/adfs/ls/?wa=wsignout1.0",
params=dict(
@@ -405,8 +405,10 @@ def _account_info(remote, resp):
identity_class = resource.get("IdentityClass", [None])[0]
if identity_class is None or identity_class not in valid_identities:
raise OAuthCERNRejectedAccountError(
- "Identity class {0} is not one of [{1}]".format(
- identity_class, "".join(valid_identities)
+ _(
+ "Identity class %(identity_class)s is not one of [%(valid_identities)s]",
+ identity_class=identity_class,
+ valid_identities="".join(valid_identities),
),
remote,
resp,
diff --git a/invenio_oauthclient/contrib/cern_openid.py b/invenio_oauthclient/contrib/cern_openid.py
index 3aa71ac..c3fa714 100644
--- a/invenio_oauthclient/contrib/cern_openid.py
+++ b/invenio_oauthclient/contrib/cern_openid.py
@@ -76,7 +76,7 @@
identity_loaded,
)
from invenio_db import db
-from invenio_i18n import gettext as _
+from invenio_i18n import gettext as _, lazy_gettext
from jwt import decode
from invenio_oauthclient.errors import OAuthCERNRejectedAccountError
@@ -99,8 +99,8 @@
"""CERN OAuth application role values that are allowed to be used."""
BASE_APP = dict(
- title="CERN",
- description="Connecting to CERN Organization.",
+ title=lazy_gettext("CERN"),
+ description=lazy_gettext("Connecting to CERN Organization."),
icon="",
logout_url="https://auth.cern.ch/auth/realms/cern/protocol/"
"openid-connect/logout",
@@ -273,7 +273,11 @@ def _account_info(remote, resp):
cern_roles = resource.get("cern_roles")
if cern_roles is None or not set(cern_roles).issubset(valid_roles):
raise OAuthCERNRejectedAccountError(
- "User roles {0} are not one of {1}".format(cern_roles, valid_roles),
+ _(
+ "User roles %(cern_roles)s are not one of %(valid_roles)s",
+ cern_roles=cern_roles,
+ valid_roles=valid_roles,
+ ),
remote,
resp,
)
diff --git a/invenio_oauthclient/contrib/github.py b/invenio_oauthclient/contrib/github.py
index 345bda6..ac728ab 100644
--- a/invenio_oauthclient/contrib/github.py
+++ b/invenio_oauthclient/contrib/github.py
@@ -74,6 +74,7 @@
from flask_login import current_user
from invenio_db import db
+from invenio_i18n import lazy_gettext as _
from invenio_oauthclient import current_oauthclient
from invenio_oauthclient.contrib.settings import OAuthSettingsHelper
from invenio_oauthclient.errors import OAuthResponseError
@@ -105,8 +106,8 @@ def __init__(
):
"""Constructor."""
super().__init__(
- title or "GitHub",
- description or "Software collaboration platform.",
+ title or _("GitHub"),
+ description or _("Software collaboration platform."),
base_url or "https://api.github.com/",
app_key or "GITHUB_APP_CREDENTIALS",
icon=icon or "fa fa-github",
@@ -261,7 +262,7 @@ def authorized(resp, remote):
return redirect(url_for("invenio_oauthclient.login", remote_app="github"))
elif resp["error"] in ["incorrect_client_credentials", "redirect_uri_mismatch"]:
raise OAuthResponseError(
- "Application mis-configuration in GitHub", remote, resp
+ _("Application mis-configuration in GitHub"), remote, resp
)
return authorized_signup_handler(resp, remote)
@@ -283,7 +284,7 @@ def authorized_rest(resp, remote):
)
elif resp["error"] in ["incorrect_client_credentials", "redirect_uri_mismatch"]:
raise OAuthResponseError(
- "Application mis-configuration in GitHub", remote, resp
+ _("Application mis-configuration in GitHub"), remote, resp
)
return authorized_signup_rest_handler(resp, remote)
diff --git a/invenio_oauthclient/contrib/globus.py b/invenio_oauthclient/contrib/globus.py
index 7552d63..7ecfc0a 100644
--- a/invenio_oauthclient/contrib/globus.py
+++ b/invenio_oauthclient/contrib/globus.py
@@ -68,6 +68,7 @@
from flask_login import current_user
from invenio_db import db
+from invenio_i18n import lazy_gettext as _
from invenio_oauthclient import current_oauthclient
from invenio_oauthclient.contrib.settings import OAuthSettingsHelper
from invenio_oauthclient.errors import OAuthResponseError
@@ -91,8 +92,8 @@ def __init__(
):
"""Constructor."""
super().__init__(
- title or "Globus",
- description or "Research data management simplified.",
+ title or _("Globus"),
+ description or _("Research data management simplified."),
base_url or "https://auth.globus.org/v2/",
app_key or "GLOBUS_APP_CREDENTIALS",
request_token_params={"scope": "openid email profile"},
@@ -164,7 +165,7 @@ def get_dict_from_response(response):
"""Check for errors in the response and return the resulting JSON."""
if getattr(response, "_resp") and response._resp.code > 400:
raise OAuthResponseError(
- "Application mis-configuration in Globus", None, response
+ _("Application mis-configuration in Globus"), None, response
)
return response.data
@@ -199,7 +200,7 @@ def get_user_id(remote, email):
# If we got here the response was successful but the data was invalid.
# It's likely the URL is wrong but possible the API has changed.
raise OAuthResponseError(
- "Failed to fetch user id, likely server " "mis-configuration", None, remote
+ _("Failed to fetch user id, likely server mis-configuration"), None, remote
)
diff --git a/invenio_oauthclient/contrib/keycloak/helpers.py b/invenio_oauthclient/contrib/keycloak/helpers.py
index f9b6530..a9479fd 100644
--- a/invenio_oauthclient/contrib/keycloak/helpers.py
+++ b/invenio_oauthclient/contrib/keycloak/helpers.py
@@ -11,6 +11,7 @@
import jwt
from flask import current_app
+from invenio_i18n import gettext as _
from ...errors import OAuthError, OAuthKeycloakUserInfoError
@@ -27,9 +28,12 @@ def _generate_config_prefix(remote):
app_name = remote.name
if not is_app_name_valid(app_name):
raise OAuthError(
- f"Invalid app name {app_name}. "
- "It should only contain letters, numbers, dashes "
- "and underscores",
+ _(
+ "Invalid app name %(app_name)s. "
+ "It should only contain letters, numbers, dashes "
+ "and underscores",
+ app_name=app_name,
+ ),
remote,
)
return f"OAUTHCLIENT_{app_name.upper()}"
diff --git a/invenio_oauthclient/contrib/openaire_aai.py b/invenio_oauthclient/contrib/openaire_aai.py
index 6e3866f..af775ca 100644
--- a/invenio_oauthclient/contrib/openaire_aai.py
+++ b/invenio_oauthclient/contrib/openaire_aai.py
@@ -73,6 +73,7 @@
from flask_login import current_user
from invenio_db import db
+from invenio_i18n import lazy_gettext as _
from invenio_oauthclient import current_oauthclient
from invenio_oauthclient.contrib.keycloak import KeycloakSettingsHelper
from invenio_oauthclient.contrib.settings import OAuthSettingsHelper
@@ -101,8 +102,8 @@ def __init__(
"send_register_msg": True,
}
super().__init__(
- title or "OpenAIRE",
- description or "Open Science Services.",
+ title or _("OpenAIRE"),
+ description or _("Open Science Services."),
base_url,
app_key or "OPENAIRE_APP_CREDENTIALS",
request_token_params={"scope": "openid profile email orcid"},
@@ -166,8 +167,8 @@ def get_rest_handlers(self):
# Sandbox
_openaire_aai_sandbox_app = KeycloakSettingsHelper(
- title="OpenAIRE",
- description="Open Science Services.",
+ title=_("OpenAIRE"),
+ description=_("Open Science Services."),
base_url="https://beta.aai.openaire.eu",
realm="openaire",
scopes="openid profile email eduperson_entitlement orcid",
diff --git a/invenio_oauthclient/contrib/orcid.py b/invenio_oauthclient/contrib/orcid.py
index 2d711d1..3244768 100644
--- a/invenio_oauthclient/contrib/orcid.py
+++ b/invenio_oauthclient/contrib/orcid.py
@@ -75,6 +75,7 @@
from flask_login import current_user
from invenio_db import db
+from invenio_i18n import lazy_gettext as _
from invenio_oauthclient import current_oauthclient
from invenio_oauthclient.contrib.settings import OAuthSettingsHelper
from invenio_oauthclient.handlers.rest import response_handler
@@ -109,8 +110,8 @@ def __init__(
}
super().__init__(
- title or "ORCID",
- description or "Connecting Research and Researchers.",
+ title or _("ORCID"),
+ description or _("Connecting Research and Researchers."),
base_url or "https://pub.orcid.org/v1.2/",
app_key or "ORCID_APP_CREDENTIALS",
request_token_params={"scope": "/authenticate", "show_login": "true"},
diff --git a/invenio_oauthclient/ext.py b/invenio_oauthclient/ext.py
index ab3d180..e27123f 100644
--- a/invenio_oauthclient/ext.py
+++ b/invenio_oauthclient/ext.py
@@ -154,7 +154,7 @@ def dummy_handler(remote, *args, **kargs):
if "cern" in self.oauth.remote_apps:
warnings.warn(
- "CERN Remote app is deprecated, use CERN OpenID instead.",
+ _("CERN Remote app is deprecated, use CERN OpenID instead."),
DeprecationWarning,
)
diff --git a/invenio_oauthclient/handlers/rest.py b/invenio_oauthclient/handlers/rest.py
index 08ba5f9..2ce7e8b 100644
--- a/invenio_oauthclient/handlers/rest.py
+++ b/invenio_oauthclient/handlers/rest.py
@@ -23,6 +23,7 @@
)
from flask_login import current_user
from invenio_db import db
+from invenio_i18n import gettext as _
from ..errors import (
AlreadyLinkedError,
@@ -86,16 +87,20 @@ def _oauth_error_handler(remote, f, *args, **kwargs):
return response_handler(
remote,
remote_app_config["error_redirect_url"],
- payload=dict(message="Authorization with remote service failed.", code=400),
+ payload=dict(
+ message=_("Authorization with remote service failed."), code=400
+ ),
)
except OAuthRejectedRequestError:
return response_handler(
remote,
remote_app_config["error_redirect_url"],
- payload=dict(message="You rejected the authentication request.", code=400),
+ payload=dict(
+ message=_("You rejected the authentication request."), code=400
+ ),
)
except AlreadyLinkedError:
- msg = "External service is already linked to another account."
+ msg = _("External service is already linked to another account.")
return response_handler(
remote,
remote_app_config["error_redirect_url"],
@@ -105,14 +110,14 @@ def _oauth_error_handler(remote, f, *args, **kwargs):
return response_handler(
remote,
remote_app_config["error_redirect_url"],
- payload=dict(message="Unauthorized.", code=401),
+ payload=dict(message=_("Unauthorized."), code=401),
)
except OAuthClientAlreadyAuthorized:
return response_handler(
remote,
remote_app_config["authorized_redirect_url"],
payload=dict(
- message="Successfully signed up.",
+ message=_("Successfully signed up."),
code=200,
),
)
@@ -121,14 +126,14 @@ def _oauth_error_handler(remote, f, *args, **kwargs):
remote,
remote_app_config["error_redirect_url"],
payload=dict(
- message="Token not found.",
+ message=_("Token not found."),
code=400,
),
)
except OAuthClientUserNotRegistered:
abort(make_response(jsonify(message="Form validation error."), 400))
except OAuthClientTokenNotSet:
- raise OAuthError("Could not create token for user.", remote)
+ raise OAuthError(_("Could not create token for user."), remote)
except OAuthClientMustRedirectSignup as e:
return redirect(
url_for(
@@ -208,7 +213,7 @@ def authorized_signup_handler(resp, remote, *args, **kwargs):
"""
remote_app_config = current_app.config["OAUTHCLIENT_REST_REMOTE_APPS"][remote.name]
next_url = authorized_handler(resp, remote, *args, **kwargs)
- response_payload = dict(message="Successfully authorized.", code=200)
+ response_payload = dict(message=_("Successfully authorized."), code=200)
if next_url:
response_payload["next_url"] = next_url
@@ -238,7 +243,7 @@ def disconnect_handler(remote, *args, **kwargs):
remote,
redirect_url,
payload=dict(
- message="Successfully disconnected.",
+ message=_("Successfully disconnected."),
code=200,
),
)
@@ -282,7 +287,7 @@ def signup_handler(remote, *args, **kwargs):
except OAuthClientUnAuthorized:
abort(401)
- response_payload = dict(message="Successfully signed up.", code=200)
+ response_payload = dict(message=_("Successfully signed up."), code=200)
if next_url:
response_payload["next_url"] = next_url
return jsonify(response_payload)
diff --git a/invenio_oauthclient/handlers/token.py b/invenio_oauthclient/handlers/token.py
index c632a84..bbdd84a 100644
--- a/invenio_oauthclient/handlers/token.py
+++ b/invenio_oauthclient/handlers/token.py
@@ -13,6 +13,7 @@
from flask import current_app, session
from flask_login import current_user
from invenio_db import db
+from invenio_i18n import gettext as _
from ..errors import OAuthClientError, OAuthRejectedRequestError, OAuthResponseError
from ..models import RemoteToken
@@ -58,7 +59,7 @@ def response_token_setter(remote, resp):
:returns: The token.
"""
if resp is None:
- raise OAuthRejectedRequestError("User rejected request.", remote, resp)
+ raise OAuthRejectedRequestError(_("User rejected request."), remote, resp)
else:
if "access_token" in resp:
return oauth2_token_setter(remote, resp)
@@ -67,11 +68,11 @@ def response_token_setter(remote, resp):
elif "error" in resp:
# Only OAuth2 specifies how to send error messages
raise OAuthClientError(
- "Authorization with remote service failed.",
+ _("Authorization with remote service failed."),
remote,
resp,
)
- raise OAuthResponseError("Bad OAuth authorized request", remote, resp)
+ raise OAuthResponseError(_("Bad OAuth authorized request"), remote, resp)
def oauth1_token_setter(remote, resp, token_type="", extra_data=None):
diff --git a/invenio_oauthclient/handlers/ui.py b/invenio_oauthclient/handlers/ui.py
index cf09b85..f4fb399 100644
--- a/invenio_oauthclient/handlers/ui.py
+++ b/invenio_oauthclient/handlers/ui.py
@@ -153,7 +153,9 @@ def authorized_signup_handler(resp, remote, *args, **kwargs):
do_flash(
Markup(
_(
- f"A confirmation email has already been sent to {exc.user.email}. Didn't receive it? Click here to resend it."
+ 'A confirmation email has already been sent to %(email)s. Didn\'t receive it? Click here to resend it.',
+ mail=exc.user.email,
+ url=url_for("security.send_confirmation"),
)
),
category="success",
diff --git a/invenio_oauthclient/handlers/utils.py b/invenio_oauthclient/handlers/utils.py
index 4690f09..5efea03 100644
--- a/invenio_oauthclient/handlers/utils.py
+++ b/invenio_oauthclient/handlers/utils.py
@@ -14,6 +14,7 @@
from flask_login import current_user
from invenio_accounts.models import Role
from invenio_accounts.proxies import current_datastore
+from invenio_i18n import gettext as _
from werkzeug.utils import import_string
from ..models import RemoteAccount
@@ -115,13 +116,19 @@ def create_or_update_roles(groups):
existing_role = current_datastore.find_role_by_id(group["id"])
if existing_role and existing_role.is_managed:
current_app.logger.exception(
- f'Error while syncing roles: A managed role with id: ${group["id"]} already exists'
+ _(
+ "Error while syncing roles: A managed role with id: %(group_id)s already exists",
+ group_id=group["id"],
+ )
)
continue
existing_role_by_name = current_datastore.find_role(group["name"])
if existing_role_by_name and existing_role_by_name.is_managed:
current_app.logger.exception(
- f'Error while syncing roles: A managed role with name: ${group["name"]} already exists'
+ _(
+ "Error while syncing roles: A managed role with name: %(group_name)s already exists",
+ group_name=group["name"],
+ )
)
continue
if not existing_role:
diff --git a/invenio_oauthclient/templates/semantic-ui/invenio_oauthclient/login_user.html b/invenio_oauthclient/templates/semantic-ui/invenio_oauthclient/login_user.html
index a140fdd..9801b34 100644
--- a/invenio_oauthclient/templates/semantic-ui/invenio_oauthclient/login_user.html
+++ b/invenio_oauthclient/templates/semantic-ui/invenio_oauthclient/login_user.html
@@ -23,7 +23,7 @@
{%- if config.ACCOUNTS_LOCAL_LOGIN_ENABLED %}
- {{ _("Or") }}
+ {{ _("OR") }}
{%- endif %}
{% endif %}