Compare commits

...

3 Commits

Author SHA1 Message Date
Cayo Puigdefabregas 533d749711 add comunication with id_provider 2023-09-27 14:03:14 +02:00
Cayo Puigdefabregas 01369ff737 add endpoint api-token-auth-v2 2023-09-27 14:02:29 +02:00
Cayo Puigdefabregas 99d31d5030 fix orchestra-admin 2023-09-27 14:01:43 +02:00
3 changed files with 39 additions and 4 deletions

View File

@ -150,9 +150,9 @@ function install_requirements () {
fi fi
# cracklib and lxml are excluded on the requirements.txt because they need unconvinient system dependencies # cracklib and lxml are excluded on the requirements.txt because they need unconvinient system dependencies
PIP="$(wget http://git.io/orchestra-requirements.txt -O - | tr '\n' ' ') \ PIP="$(cat requirements.txt -O - | tr '\n' ' ') \
cracklib \ cracklib \
lxml==3.3.5" lxml==4.9.3"
if $testing; then if $testing; then
PIP="${PIP} \ PIP="${PIP} \
selenium \ selenium \

View File

@ -2,7 +2,7 @@ from django.contrib import admin
from django.conf.urls import include, url from django.conf.urls import include, url
from rest_framework.authtoken.views import obtain_auth_token from rest_framework.authtoken.views import obtain_auth_token
from orchestra.views import serve_private_media from orchestra.views import serve_private_media, obtain_auth_token_v2
from . import api from . import api
from .utils.apps import isinstalled from .utils.apps import isinstalled
@ -20,6 +20,7 @@ urlpatterns = [
url(r'^api/', include(api.router.urls)), url(r'^api/', include(api.router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')), url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^api-token-auth/', obtain_auth_token, name='api-token-auth'), url(r'^api-token-auth/', obtain_auth_token, name='api-token-auth'),
url(r'^api-token-auth-v2/', obtain_auth_token_v2, name='api-token-auth-v2'),
url(r'^media/(.+)/(.+)/(.+)/(.+)/(.+)$', serve_private_media, name='private-media'), url(r'^media/(.+)/(.+)/(.+)/(.+)/(.+)$', serve_private_media, name='private-media'),
# url(r'search', 'orchestra.views.search', name='search'), # url(r'search', 'orchestra.views.search', name='search'),
] ]

View File

@ -1,9 +1,14 @@
import json
import requests
from django.apps import apps from django.apps import apps
from django.http import Http404 from django.http import Http404, JsonResponse
from django.contrib.admin.utils import unquote from django.contrib.admin.utils import unquote
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from django.views.static import serve from django.views.static import serve
from django.views.decorators.csrf import csrf_exempt
from rest_framework.authtoken.models import Token
from orchestra.contrib.accounts.models import Account
def serve_private_media(request, app_label, model_name, field_name, object_id, filename): def serve_private_media(request, app_label, model_name, field_name, object_id, filename):
@ -18,3 +23,32 @@ def serve_private_media(request, app_label, model_name, field_name, object_id, f
return serve(request, field.name, document_root=field.storage.location) return serve(request, field.name, document_root=field.storage.location)
else: else:
raise PermissionDenied() raise PermissionDenied()
def get_user_info(token):
url = "http://localhost:5000/oauth/userinfo"
access_token = token['access_token']
token_type = token.get('token_type', 'Bearer')
headers = {"Authorization": f"{token_type} {access_token}"}
msg = requests.get(url, headers=headers)
userinfo = json.loads(msg.text)
username = userinfo.get('username')
return username
@csrf_exempt
def obtain_auth_token_v2(request):
oidc_token = request.POST.get('token')
if not oidc_token:
raise PermissionDenied()
oidc_token = json.loads(oidc_token)
username = get_user_info(oidc_token)
users = Account.objects.filter(username=username)
if not users:
raise PermissionDenied()
user = users[0]
token = Token.objects.get_or_create(user=user)
if len(token) == 2:
return JsonResponse({"token": token[0].key})