first step of oidc
This commit is contained in:
parent
5e95d6b15c
commit
d84ad8f470
|
@ -81,10 +81,8 @@ class DemandAuthorizationForm(forms.Form):
|
||||||
if commit:
|
if commit:
|
||||||
url = self.org.demand_authorization()
|
url = self.org.demand_authorization()
|
||||||
auth = (self.org.client_id, self.org.client_secret)
|
auth = (self.org.client_id, self.org.client_secret)
|
||||||
# res = requests.get(url, auth=auth)
|
if url.status_code == 200:
|
||||||
# import pdb; pdb.set_trace()
|
return url.json().get('redirect_uri')
|
||||||
# if res.status == 200:
|
|
||||||
# return res.body
|
|
||||||
|
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
|
@ -160,9 +160,9 @@ class DemandAuthorizationView(MyWallet, FormView):
|
||||||
|
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
authorization = form.save()
|
authorization = form.save()
|
||||||
|
# import pdb; pdb.set_trace()
|
||||||
if authorization:
|
if authorization:
|
||||||
if authorization.get('redirect_uri'):
|
redirect(authorization)
|
||||||
redirect(authorization.get('redirect_uri'))
|
|
||||||
else:
|
else:
|
||||||
messages.error(self.request, _("Error sending credential!"))
|
messages.error(self.request, _("Error sending credential!"))
|
||||||
return super().form_valid(form)
|
return super().form_valid(form)
|
||||||
|
|
|
@ -112,15 +112,11 @@ class Authorization(models.Model):
|
||||||
)
|
)
|
||||||
|
|
||||||
def authorize(self):
|
def authorize(self):
|
||||||
response_uri = self.__class__.objects.filter(
|
|
||||||
response_uri=settings.ALLOW_CODE_URI
|
|
||||||
)
|
|
||||||
data = {
|
data = {
|
||||||
"response_type": "vp_token",
|
"response_type": "vp_token",
|
||||||
"response_mode": "direct_post",
|
"response_mode": "direct_post",
|
||||||
"client_id": self.organization.client_id,
|
"client_id": self.organization.client_id,
|
||||||
"response_uri": response_uri,
|
"presentation_definition": self.presentation_definition,
|
||||||
"presentation_definition": "...",
|
|
||||||
"nonce": gen_salt(5),
|
"nonce": gen_salt(5),
|
||||||
}
|
}
|
||||||
query_dict = QueryDict('', mutable=True)
|
query_dict = QueryDict('', mutable=True)
|
||||||
|
|
|
@ -1,9 +1,11 @@
|
||||||
import json
|
import json
|
||||||
|
import base64
|
||||||
|
|
||||||
from django.views.generic.edit import View
|
from django.views.generic.edit import View
|
||||||
|
|
||||||
from oidc4vp.models import Authorization, Organization
|
from oidc4vp.models import Authorization, Organization
|
||||||
from django.http import HttpResponse
|
from django.http import HttpResponse, Http404
|
||||||
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
|
|
||||||
# from django.core.mail import send_mail
|
# from django.core.mail import send_mail
|
||||||
|
@ -11,22 +13,37 @@ from django.http import HttpResponse
|
||||||
|
|
||||||
# from utils.idhub_ssikit import verify_presentation
|
# from utils.idhub_ssikit import verify_presentation
|
||||||
# from oidc4vp.models import VPVerifyRequest
|
# from oidc4vp.models import VPVerifyRequest
|
||||||
from django.shortcuts import get_object_or_404
|
|
||||||
# from more_itertools import flatten, unique_everseen
|
# from more_itertools import flatten, unique_everseen
|
||||||
|
|
||||||
|
|
||||||
class VerifyView(View):
|
class VerifyView(View):
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
org_url = request.GET.get('demand_uri')
|
org = self.validate(request)
|
||||||
org = get_object_or_404(Organization, response_uri=org_url)
|
if not org:
|
||||||
|
raise Http404("Page not Found!")
|
||||||
|
|
||||||
authorization = Authorization(
|
authorization = Authorization(
|
||||||
organization=org,
|
organization=org,
|
||||||
presentation_definition="MemberCredential"
|
presentation_definition="MemberCredential"
|
||||||
)
|
)
|
||||||
import pdb; pdb.set_trace()
|
|
||||||
res = json.dumps({"redirect_uri": authorization.authorize()})
|
|
||||||
return HttpResponse(res)
|
return HttpResponse(res)
|
||||||
|
|
||||||
|
def validate(self, request):
|
||||||
|
auth_header = request.headers.get('Authorization', b'')
|
||||||
|
auth_data = auth_header.split()
|
||||||
|
|
||||||
|
if len(auth_data) == 2 and auth_data[0].lower() == b'basic':
|
||||||
|
decoded_auth = base64.b64decode(auth_data[1]).decode('utf-8')
|
||||||
|
client_id, client_secret = decoded_auth.split(':', 1)
|
||||||
|
org_url = request.GET.get('demand_uri')
|
||||||
|
org = get_object_or_404(
|
||||||
|
Organization,
|
||||||
|
response_uri=org_url,
|
||||||
|
client_id=client_id,
|
||||||
|
client_secret=client_secret
|
||||||
|
)
|
||||||
|
return org
|
||||||
|
|
||||||
def post(self, request, *args, **kwargs):
|
def post(self, request, *args, **kwargs):
|
||||||
import pdb; pdb.set_trace()
|
import pdb; pdb.set_trace()
|
||||||
# # TODO: incorporate request.POST["presentation_submission"] as schema definition
|
# # TODO: incorporate request.POST["presentation_submission"] as schema definition
|
||||||
|
|
Loading…
Reference in New Issue