From cb46c70670257b51bfc5e34ac46d2b1449989988 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 24 Nov 2018 22:26:53 +0100 Subject: [PATCH] Rewrite OAuth Provider Models again --- passbook/oauth_provider/admin.py | 4 -- .../oauth_provider/migrations/0001_initial.py | 23 ++++++-- passbook/oauth_provider/models.py | 8 +-- passbook/oauth_provider/settings.py | 15 +++-- .../templates/oauth2_provider/authorize.html | 58 +++++++++++++++++++ .../templates/oauth2_provider/base.html | 1 + 6 files changed, 92 insertions(+), 17 deletions(-) delete mode 100644 passbook/oauth_provider/admin.py create mode 100644 passbook/oauth_provider/templates/oauth2_provider/authorize.html create mode 100644 passbook/oauth_provider/templates/oauth2_provider/base.html diff --git a/passbook/oauth_provider/admin.py b/passbook/oauth_provider/admin.py deleted file mode 100644 index ee01aa799..000000000 --- a/passbook/oauth_provider/admin.py +++ /dev/null @@ -1,4 +0,0 @@ -"""passbook oauth provider Admin""" -from passbook.lib.admin import admin_autoregister - -admin_autoregister('passbook_oauth_provider') diff --git a/passbook/oauth_provider/migrations/0001_initial.py b/passbook/oauth_provider/migrations/0001_initial.py index 8b17a1f33..483ca9af7 100644 --- a/passbook/oauth_provider/migrations/0001_initial.py +++ b/passbook/oauth_provider/migrations/0001_initial.py @@ -1,6 +1,7 @@ -# Generated by Django 2.1.3 on 2018-11-22 10:03 +# Generated by Django 2.1.3 on 2018-11-24 10:27 import django.db.models.deletion +import oauth2_provider.generators from django.conf import settings from django.db import migrations, models @@ -10,8 +11,8 @@ class Migration(migrations.Migration): initial = True dependencies = [ - ('passbook_core', '0001_initial'), - migrations.swappable_dependency(settings.OAUTH2_PROVIDER_APPLICATION_MODEL), + migrations.swappable_dependency(settings.AUTH_USER_MODEL), + ('passbook_core', '0002_application_skip_authorization'), ] operations = [ @@ -19,8 +20,20 @@ class Migration(migrations.Migration): name='OAuth2Provider', fields=[ ('provider_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Provider')), - ('oauth2_app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL)), + ('client_id', models.CharField(db_index=True, default=oauth2_provider.generators.generate_client_id, max_length=100, unique=True)), + ('redirect_uris', models.TextField(blank=True, help_text='Allowed URIs list, space separated')), + ('client_type', models.CharField(choices=[('confidential', 'Confidential'), ('public', 'Public')], max_length=32)), + ('authorization_grant_type', models.CharField(choices=[('authorization-code', 'Authorization code'), ('implicit', 'Implicit'), ('password', 'Resource owner password-based'), ('client-credentials', 'Client credentials')], max_length=32)), + ('client_secret', models.CharField(blank=True, db_index=True, default=oauth2_provider.generators.generate_client_secret, max_length=255)), + ('name', models.CharField(blank=True, max_length=255)), + ('skip_authorization', models.BooleanField(default=False)), + ('created', models.DateTimeField(auto_now_add=True)), + ('updated', models.DateTimeField(auto_now=True)), + ('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='passbook_oauth_provider_oauth2provider', to=settings.AUTH_USER_MODEL)), ], - bases=('passbook_core.provider',), + options={ + 'abstract': False, + }, + bases=('passbook_core.provider', models.Model), ), ] diff --git a/passbook/oauth_provider/models.py b/passbook/oauth_provider/models.py index 24ae516f4..79c46b72d 100644 --- a/passbook/oauth_provider/models.py +++ b/passbook/oauth_provider/models.py @@ -1,12 +1,12 @@ """Oauth2 provider product extension""" -from django.db import models -from oauth2_provider.models import Application +from oauth2_provider.models import AbstractApplication from passbook.core.models import Provider -class OAuth2Provider(Provider): +class OAuth2Provider(Provider, AbstractApplication): """Associate an OAuth2 Application with a Product""" - oauth2_app = models.ForeignKey(Application, on_delete=models.CASCADE) + def __str__(self): + return self.name diff --git a/passbook/oauth_provider/settings.py b/passbook/oauth_provider/settings.py index 79072e0d2..5cd3c28b6 100644 --- a/passbook/oauth_provider/settings.py +++ b/passbook/oauth_provider/settings.py @@ -7,10 +7,17 @@ MIDDLEWARE = [ 'oauth2_provider.middleware.OAuth2TokenMiddleware', 'corsheaders.middleware.CorsMiddleware', ] -INSTALLED_APPS = [ - 'oauth2_provider', - 'corsheaders', -] AUTHENTICATION_BACKENDS = [ 'oauth2_provider.backends.OAuth2Backend', ] + +OAUTH2_PROVIDER_APPLICATION_MODEL = 'passbook_oauth_provider.OAuth2Provider' + +OAUTH2_PROVIDER = { + # this is the list of available scopes + 'SCOPES': { + 'openid:userinfo': 'Access OpenID Userinfo', + # 'write': 'Write scope', + # 'groups': 'Access to your groups' + } +} diff --git a/passbook/oauth_provider/templates/oauth2_provider/authorize.html b/passbook/oauth_provider/templates/oauth2_provider/authorize.html new file mode 100644 index 000000000..cf7ae5cd0 --- /dev/null +++ b/passbook/oauth_provider/templates/oauth2_provider/authorize.html @@ -0,0 +1,58 @@ +{% extends "login/base.html" %} + +{% load utils %} +{% load i18n %} + +{% block title %} +{% title 'SSO - Authorize External Source' %} +{% endblock %} + +{% block card %} +
+

{% trans 'SSO - Authorize External Source' %}

+
+{% include 'partials/messages.html' %} +
+ {% csrf_token %} + {% if not error %} + {% csrf_token %} + {% for field in form %} + {% if field.is_hidden %} + {{ field }} + {% endif %} + {% endfor %} +
+

+ {% blocktrans with remote=application.name %} + You're about to sign into {{ remote }} + {% endblocktrans %} +

+

{% trans "Application requires following permissions" %}

+
    + {% for scope in scopes_descriptions %} +
  • {{ scope }}
  • + {% endfor %} +
+ {{ form.errors }} + {{ form.non_field_errors }} +

+ {% blocktrans with user=user %} + You are logged in as {{ user }}. Not you? + {% endblocktrans %} + {% trans 'Logout' %} +

+
+ + {% trans "Cancel" %} +
+
+ {% else %} + + {% endif %} +
+{% endblock %} diff --git a/passbook/oauth_provider/templates/oauth2_provider/base.html b/passbook/oauth_provider/templates/oauth2_provider/base.html new file mode 100644 index 000000000..8759a6fae --- /dev/null +++ b/passbook/oauth_provider/templates/oauth2_provider/base.html @@ -0,0 +1 @@ +{% extends "base/skeleton.html" %} \ No newline at end of file