diff --git a/oidc4vp/views.py b/oidc4vp/views.py index 31332aa..93cde90 100644 --- a/oidc4vp/views.py +++ b/oidc4vp/views.py @@ -7,7 +7,7 @@ from django.template import loader from django.core.mail import EmailMultiAlternatives from django.conf import settings from django.views.generic.edit import View, FormView -from django.http import HttpResponse, Http404, JsonResponse +from django.http import HttpResponse, Http404, JsonResponse, QueryDict from django.shortcuts import get_object_or_404, redirect from django.views.decorators.csrf import csrf_exempt from django.utils.decorators import method_decorator @@ -150,16 +150,10 @@ class VerifyView(View): for user in User.objects.filter(is_admin=True): self.send_email(user) - self.send_api() response["response"] = "Validation Code {}".format(code) return JsonResponse(response) - def send_api(self): - data = {"vp": self.vp_token.vp_token, "code": self.vp_token.code} - url = self.vp_token.org.response_uri - requests.post(url, data=data) - def validate(self, request): auth_header = request.headers.get('Authorization', b'') auth_data = auth_header.split() @@ -228,6 +222,7 @@ class VerifyView(View): def get_verification(self): return self.vp_token.get_user_info_all() + class AllowCodeView(View): def get(self, request, *args, **kwargs): code = self.request.GET.get("code") @@ -239,6 +234,9 @@ class AllowCodeView(View): code=code, code_used=False ) + if self.request.session.get("response_uri"): + url = self.send_api() + return redirect(url) promotion = self.authorization.promotions.first() if not promotion: @@ -246,6 +244,40 @@ class AllowCodeView(View): return redirect(promotion.get_url(code)) + def send_api(self): + vp = self.get_vp_token() + if not vp: + return + + data = { + "vp_token": vp, + "code": self.authorization.code + } + url = self.request.session.get("response_uri") + result = requests.post(url, data=data) + return result.json().get('redirect_uri') + + def get_vp_token(self): + vp = self.authorization.vp_tokens.first() + if not vp: + return + return base64.b64encode(vp.vp_token.encode()).decode() + + def get_response_uri(self): + data = { + "code": self.authorization.code, + } + query_dict = QueryDict('', mutable=True) + query_dict.update(data) + + response_uri = self.request.session.get("response_uri") + + url = '{response_uri}?{params}'.format( + response_uri=response_uri, + params=query_dict.urlencode() + ) + return url + class ReceivedCodeView(View): template_name = "received_code.html" diff --git a/promotion/views.py b/promotion/views.py index 822e7ea..4b8aecb 100644 --- a/promotion/views.py +++ b/promotion/views.py @@ -106,9 +106,13 @@ class SelectWalletView(FormView): success_url = reverse_lazy('promotion:select_wallet') def get_form_kwargs(self): - self.get_response_uri() + presentation = self.get_response_uri() + if not presentation: + presentation = json.dumps( + settings.SUPPORTED_CREDENTIALS + ) kwargs = super().get_form_kwargs() - kwargs['presentation_definition'] = json.dumps(settings.SUPPORTED_CREDENTIALS) + kwargs['presentation_definition'] = presentation return kwargs def form_valid(self, form): @@ -120,9 +124,14 @@ class SelectWalletView(FormView): if len(path) < 2: return - args = path[1] - response_uri = dict( - [x.split("=") for x in args.split("&")] - ).get('response_uri') + args = dict( + [x.split("=") for x in path[1].split("&")] + ) + response_uri = args.get('response_uri') self.request.session["response_uri"] = response_uri + presentation = args.get('presentation_definition') + + for x in settings.SUPPORTED_CREDENTIALS: + if x in presentation: + return json.dumps([x])