Commit 5f0fb5f0 authored by Sharad Heft's avatar Sharad Heft

Add existing code from Minder.

parent e589d894
default_app_config = 'test_oauth.apps.TestOauthConfig'
from django.apps import AppConfig
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured
class TestOauthConfig(AppConfig):
name = 'test_oauth'
verbose_name = "TEST OAuth"
def ready(self):
if (
not hasattr(settings, 'TEST_OAUTH_CLIENT_ID') or
type(settings.TEST_OAUTH_CLIENT_ID) != str or
len(settings.TEST_OAUTH_CLIENT_ID) == 0
):
raise ImproperlyConfigured(
'A non-empty TEST OAuth client ID string must be set as '
'TEST_OAUTH_CLIENT_ID in your Django settings.'
)
if (
not hasattr(settings, 'TEST_OAUTH_CLIENT_SECRET') or
type(settings.TEST_OAUTH_CLIENT_SECRET) != str or
len(settings.TEST_OAUTH_CLIENT_SECRET) == 0
):
raise ImproperlyConfigured(
'A non-empty TEST OAuth client secret string must be set as '
'TEST_OAUTH_CLIENT_SECRET in your Django settings.'
)
from django.contrib.auth import get_user_model
from django.contrib.auth.models import Group
from django.contrib.auth.backends import ModelBackend
from django.conf import settings
from django.db import transaction
UserModel = get_user_model()
class TESTOAuth2Backend(ModelBackend):
@transaction.atomic
def authenticate(self, id=None, username=None, **profile):
if id is None or username is None:
return None
user, _ = UserModel.objects.get_or_create(
pk=id,
username=username
)
user.groups.clear()
if getattr(settings, 'TEST_AUTH_CREATE_GROUPS', False):
for g in profile.get('groups', []):
group, _ = Group.objects.get_or_create(
id=g['id'], name=g['name']
)
user.groups.add(group)
# Adding carveout for Server Admin group
if g['name'] == "Server Admin":
user.is_staff = True
user.save()
return user
def get_user(self, user_id):
try:
return UserModel.objects.get(pk=user_id)
except UserModel.DoesNotExist:
return None
from django.conf import settings
from requests_oauthlib import OAuth2Session
AUTHORIZATION_URI = 'https://auth.pleaseignore.com/o2/authorize/'
TOKEN_URI = 'https://auth.pleaseignore.com/o2/token/'
class TESTOAuth2Session(OAuth2Session):
def __init__(self, **kwargs):
super(TESTOAuth2Session, self).__init__(
client_id=settings.TEST_OAUTH_CLIENT_ID,
redirect_uri=getattr(settings, 'TEST_OAUTH_CLIENT_CALLBACK', None),
**kwargs
)
def authorization_url(self):
return super(TESTOAuth2Session, self).authorization_url(
AUTHORIZATION_URI
)
def fetch_token(self, **kwargs):
return super(TESTOAuth2Session, self).fetch_token(
TOKEN_URI,
client_secret=settings.TEST_OAUTH_CLIENT_SECRET,
**kwargs
)
@property
def profile(self):
return self.get('https://auth.pleaseignore.com/api/3.0/profile').json()
from django.conf.urls import url
from test_oauth import views
app_name = 'test_oauth'
urlpatterns = [
url(r'^login/$', views.login, name='login'),
url(r'^logout/$', views.logout, name='logout'),
url(r'^callback/$', views.callback, name='callback'),
]
from django.shortcuts import redirect
from django.contrib import auth
from django.views.decorators.cache import never_cache
from test_oauth.session import TESTOAuth2Session
@never_cache
def login(request, next=None):
authorization_url, request.session['oauth_state'] = TESTOAuth2Session(
scope=['read_profile'],
).authorization_url()
return redirect(authorization_url)
@never_cache
def logout(request):
if request.user.is_authenticated():
auth.logout(request)
return redirect("/")
@never_cache
def callback(request):
token = (
TESTOAuth2Session(state=request.session['oauth_state'])
.fetch_token(code=request.GET['code'])
)
session = TESTOAuth2Session(token=token)
auth.login(request, auth.authenticate(**session.profile))
return redirect('/')
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment