oauth_client: cleanup

Jens Langhammer 2018-12-18 13:24:26 +01:00
parent 76d70ed3b0
commit f6c5f10d65
8 changed files with 25 additions and 44 deletions

1
.gitignore vendored

@ -190,3 +190,4 @@ pip-selfcheck.json
# End of https://www.gitignore.io/api/python,django # End of https://www.gitignore.io/api/python,django
/static/* /static/*
local.env.yml


@ -1,11 +0,0 @@
"""passbook oauth_client Errors"""
class OAuthClientError(Exception):
"""Base error for all OAuth Client errors"""
pass
class OAuthClientEmailMissingError(OAuthClientError):
"""Error which is raised when user is missing email address from profile"""
pass


@ -0,0 +1,17 @@
# Generated by Django 2.1.4 on 2018-12-18 10:19
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('passbook_oauth_client', '0001_initial'),
]
operations = [
migrations.AlterModelOptions(
name='oauthsource',
options={'verbose_name': 'Generic OAuth Source', 'verbose_name_plural': 'Generic OAuth Sources'},
),
]


@ -2,7 +2,6 @@
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from passbook.oauth_client.errors import OAuthClientEmailMissingError
from passbook.oauth_client.source_types.manager import MANAGER, RequestKind from passbook.oauth_client.source_types.manager import MANAGER, RequestKind
from passbook.oauth_client.utils import user_get_or_create from passbook.oauth_client.utils import user_get_or_create
from passbook.oauth_client.views.core import OAuthCallback, OAuthRedirect from passbook.oauth_client.views.core import OAuthCallback, OAuthRedirect
@ -23,8 +22,6 @@ class FacebookOAuth2Callback(OAuthCallback):
"""Facebook OAuth2 Callback""" """Facebook OAuth2 Callback"""
def get_or_create_user(self, source, access, info): def get_or_create_user(self, source, access, info):
if 'email' not in info:
raise OAuthClientEmailMissingError()
user = get_user_model() user = get_user_model()
user_data = { user_data = {
user.USERNAME_FIELD: info.get('name'), user.USERNAME_FIELD: info.get('name'),
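Review bot: `get_or_create_user` now builds `user_data` with no check that the provider returned an email address, so a profile without one is provisioned as an account with an empty or null email; the same guard is dropped from the GitHub and Twitter callbacks in this commit. If the address is later used for recovery, notifications or matching accounts, these users are unreachable or all share the blank value. Either keep a presence check such as `if not info.get('email'):` that stops provisioning with a controlled error, or state in the docstring that email is optional for OAuth-created users. Note that `info.get('email', '')` in the GitHub callback only covers a missing key, not a key sent with a null value. The method body continues past the end of this hunk.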


@ -2,7 +2,6 @@
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from passbook.oauth_client.errors import OAuthClientEmailMissingError
from passbook.oauth_client.source_types.manager import MANAGER, RequestKind from passbook.oauth_client.source_types.manager import MANAGER, RequestKind
from passbook.oauth_client.utils import user_get_or_create from passbook.oauth_client.utils import user_get_or_create
from passbook.oauth_client.views.core import OAuthCallback from passbook.oauth_client.views.core import OAuthCallback
@ -13,10 +12,7 @@ class GitHubOAuth2Callback(OAuthCallback):
"""GitHub OAuth2 Callback""" """GitHub OAuth2 Callback"""
def get_or_create_user(self, source, access, info): def get_or_create_user(self, source, access, info):
if 'email' not in info or info['email'] == '':
raise OAuthClientEmailMissingError()
user = get_user_model() user = get_user_model()
print(info)
user_data = { user_data = {
user.USERNAME_FIELD: info.get('login'), user.USERNAME_FIELD: info.get('login'),
'email': info.get('email', ''), 'email': info.get('email', ''),


@ -6,7 +6,6 @@ from django.contrib.auth import get_user_model
from requests.exceptions import RequestException from requests.exceptions import RequestException
from passbook.oauth_client.clients import OAuthClient from passbook.oauth_client.clients import OAuthClient
from passbook.oauth_client.errors import OAuthClientEmailMissingError
from passbook.oauth_client.source_types.manager import MANAGER, RequestKind from passbook.oauth_client.source_types.manager import MANAGER, RequestKind
from passbook.oauth_client.utils import user_get_or_create from passbook.oauth_client.utils import user_get_or_create
from passbook.oauth_client.views.core import OAuthCallback from passbook.oauth_client.views.core import OAuthCallback
@ -37,8 +36,6 @@ class TwitterOAuthCallback(OAuthCallback):
client_class = TwitterOAuthClient client_class = TwitterOAuthClient
def get_or_create_user(self, source, access, info): def get_or_create_user(self, source, access, info):
if 'email' not in info:
raise OAuthClientEmailMissingError()
user = get_user_model() user = get_user_model()
user_data = { user_data = {
user.USERNAME_FIELD: info.get('screen_name'), user.USERNAME_FIELD: info.get('screen_name'),


@ -1,6 +1,4 @@
""" """OAuth Client User Creation Utils"""
OAuth Client User Creation Utils
"""
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from django.db.utils import IntegrityError from django.db.utils import IntegrityError
@ -13,5 +11,6 @@ def user_get_or_create(user_model=None, **kwargs):
try: try:
new_user = user_model.objects.create_user(**kwargs) new_user = user_model.objects.create_user(**kwargs)
except IntegrityError: except IntegrityError:
# TODO: Fix potential username change vuln
new_user = user_model.objects.get(username=kwargs['username']) new_user = user_model.objects.get(username=kwargs['username'])
return new_user return new_user
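Review bot: The `except IntegrityError` branch still returns `user_model.objects.get(username=kwargs['username'])`, and the new `# TODO` only labels the problem: on a username collision the caller receives an existing account that was never linked to this OAuth source. The callbacks in this commit fill the username from provider-side profile fields (`info.get('name')`, `info.get('login')`, `info.get('screen_name')`), so whether a collision happens is not under this application's control. Until the TODO is resolved the branch should fail closed, for example by replacing the lookup line with `raise`, and leave linking to an explicit flow in which the existing account's owner is authenticated. The lookup also hard-codes `username` although the callers pass `user.USERNAME_FIELD`, which would be a `KeyError` with a custom user model. `user_get_or_create` starts above this hunk.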


@ -14,14 +14,12 @@ from django.views.generic import RedirectView, View
from passbook.lib.utils.reflection import app from passbook.lib.utils.reflection import app
from passbook.oauth_client.clients import get_client from passbook.oauth_client.clients import get_client
from passbook.oauth_client.errors import (OAuthClientEmailMissingError,
OAuthClientError)
from passbook.oauth_client.models import OAuthSource, UserOAuthSourceConnection from passbook.oauth_client.models import OAuthSource, UserOAuthSourceConnection
LOGGER = getLogger(__name__) LOGGER = getLogger(__name__)
# pylint: disable=too-few-public-methods, too-many-locals # pylint: disable=too-few-public-methods
class OAuthClientMixin: class OAuthClientMixin:
"Mixin for getting OAuth client for a source." "Mixin for getting OAuth client for a source."
@ -48,7 +46,8 @@ class OAuthRedirect(OAuthClientMixin, RedirectView):
def get_callback_url(self, source): def get_callback_url(self, source):
"Return the callback url for this source." "Return the callback url for this source."
return reverse('oauth-client-callback', kwargs={'source_slug': source.slug}) return reverse('passbook_oauth_client:oauth-client-callback',
kwargs={'source_slug': source.slug})
def get_redirect_url(self, **kwargs): def get_redirect_url(self, **kwargs):
"Build redirect url for a given source." "Build redirect url for a given source."
@ -72,7 +71,6 @@ class OAuthCallback(OAuthClientMixin, View):
source_id = None source_id = None
source = None source = None
# pylint: disable=too-many-return-statements
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
"""View Get handler""" """View Get handler"""
slug = kwargs.get('source_slug', '') slug = kwargs.get('source_slug', '')
@ -115,20 +113,7 @@ class OAuthCallback(OAuthClientMixin, View):
) )
user = authenticate(source=self.source, identifier=identifier, request=request) user = authenticate(source=self.source, identifier=identifier, request=request)
if user is None: if user is None:
try:
return self.handle_new_user(self.source, connection, info) return self.handle_new_user(self.source, connection, info)
except OAuthClientEmailMissingError as exc:
return render(request, 'common/error.html', {
'code': 500,
'exc_message': _("source %(name)s didn't provide an E-Mail address." % {
'name': self.source.name
}),
})
except OAuthClientError as exc:
return render(request, 'common/error.html', {
'code': 500,
'exc_message': str(exc),
})
return self.handle_existing_user(self.source, user, connection, info) return self.handle_existing_user(self.source, user, connection, info)
# pylint: disable=unused-argument # pylint: disable=unused-argument
@ -144,7 +129,7 @@ class OAuthCallback(OAuthClientMixin, View):
# pylint: disable=unused-argument # pylint: disable=unused-argument
def get_login_redirect(self, source, user, access, new=False): def get_login_redirect(self, source, user, access, new=False):
"Return url to redirect authenticated users." "Return url to redirect authenticated users."
return 'overview' return 'passbook_core:overview'
def get_or_create_user(self, source, access, info): def get_or_create_user(self, source, access, info):
"Create a shell auth.User." "Create a shell auth.User."
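Review bot: `get_login_redirect` now returns the namespaced route name `'passbook_core:overview'`, but its docstring still says it returns a url, so someone overriding it cannot tell whether a path, a full URL or a route name is expected. Because this value decides where a freshly authenticated user is sent, the contract should be written down, for example `"Return the route name (or local path) to redirect authenticated users to; never a value taken from the request."`. How the caller resolves the return value is outside this hunk, so confirm that before settling the wording.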