Add existing code from Minder.

5f0fb5f0 · Sharad Heft · e589d894 · 5f0fb5f0 · 5f0fb5f0 · 5f0fb5f0
Commit 5f0fb5f0 authored Nov 05, 2017 by Sharad Heft
--- a/test_oauth/__init__.py
+++ b/test_oauth/__init__.py
+default_app_config = 'test_oauth.apps.TestOauthConfig'
--- a/test_oauth/apps.py
+++ b/test_oauth/apps.py
+from django.apps import AppConfig
+from django.conf import settings
+from django.core.exceptions import ImproperlyConfigured
+
+
+class TestOauthConfig(AppConfig):
+    name = 'test_oauth'
+    verbose_name = "TEST OAuth"
+
+    def ready(self):
+        if (
+            not hasattr(settings, 'TEST_OAUTH_CLIENT_ID') or
+            type(settings.TEST_OAUTH_CLIENT_ID) != str or
+            len(settings.TEST_OAUTH_CLIENT_ID) == 0
+        ):
+            raise ImproperlyConfigured(
+                'A non-empty TEST OAuth client ID string must be set as '
+                'TEST_OAUTH_CLIENT_ID in your Django settings.'
+            )
+
+        if (
+            not hasattr(settings, 'TEST_OAUTH_CLIENT_SECRET') or
+            type(settings.TEST_OAUTH_CLIENT_SECRET) != str or
+            len(settings.TEST_OAUTH_CLIENT_SECRET) == 0
+        ):
+            raise ImproperlyConfigured(
+                'A non-empty TEST OAuth client secret string must be set as '
+                'TEST_OAUTH_CLIENT_SECRET in your Django settings.'
+            )
--- a/test_oauth/backend.py
+++ b/test_oauth/backend.py
+from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group
+from django.contrib.auth.backends import ModelBackend
+from django.conf import settings
+from django.db import transaction
+
+
+UserModel = get_user_model()
+
+
+class TESTOAuth2Backend(ModelBackend):
+    @transaction.atomic
+    def authenticate(self, id=None, username=None, **profile):
+        if id is None or username is None:
+            return None
+
+        user, _ = UserModel.objects.get_or_create(
+            pk=id,
+            username=username
+        )
+
+        user.groups.clear()
+
+        if getattr(settings, 'TEST_AUTH_CREATE_GROUPS', False):
+            for g in profile.get('groups', []):
+                group, _ = Group.objects.get_or_create(
+                    id=g['id'], name=g['name']
+                )
+
+                user.groups.add(group)
+
+                # Adding carveout for Server Admin group
+                if g['name'] == "Server Admin":
+                    user.is_staff = True
+
+        user.save()
+
+        return user
+
+    def get_user(self, user_id):
+        try:
+            return UserModel.objects.get(pk=user_id)
+        except UserModel.DoesNotExist:
+            return None
--- a/test_oauth/session.py
+++ b/test_oauth/session.py
+from django.conf import settings
+from requests_oauthlib import OAuth2Session
+
+
+AUTHORIZATION_URI = 'https://auth.pleaseignore.com/o2/authorize/'
+TOKEN_URI = 'https://auth.pleaseignore.com/o2/token/'
+
+
+class TESTOAuth2Session(OAuth2Session):
+    def __init__(self, **kwargs):
+        super(TESTOAuth2Session, self).__init__(
+            client_id=settings.TEST_OAUTH_CLIENT_ID,
+            redirect_uri=getattr(settings, 'TEST_OAUTH_CLIENT_CALLBACK', None),
+            **kwargs
+        )
+
+    def authorization_url(self):
+        return super(TESTOAuth2Session, self).authorization_url(
+            AUTHORIZATION_URI
+        )
+
+    def fetch_token(self, **kwargs):
+        return super(TESTOAuth2Session, self).fetch_token(
+            TOKEN_URI,
+            client_secret=settings.TEST_OAUTH_CLIENT_SECRET,
+            **kwargs
+        )
+
+    @property
+    def profile(self):
+        return self.get('https://auth.pleaseignore.com/api/3.0/profile').json()
--- a/test_oauth/urls.py
+++ b/test_oauth/urls.py
+from django.conf.urls import url
+from test_oauth import views
+
+app_name = 'test_oauth'
+
+urlpatterns = [
+    url(r'^login/$', views.login, name='login'),
+    url(r'^logout/$', views.logout, name='logout'),
+    url(r'^callback/$', views.callback, name='callback'),
+]
--- a/test_oauth/views.py
+++ b/test_oauth/views.py
+from django.shortcuts import redirect
+from django.contrib import auth
+from django.views.decorators.cache import never_cache
+
+from test_oauth.session import TESTOAuth2Session
+
+
+@never_cache
+def login(request, next=None):
+    authorization_url, request.session['oauth_state'] = TESTOAuth2Session(
+        scope=['read_profile'],
+    ).authorization_url()
+
+    return redirect(authorization_url)
+
+
+@never_cache
+def logout(request):
+    if request.user.is_authenticated():
+        auth.logout(request)
+    return redirect("/")
+
+
+@never_cache
+def callback(request):
+    token = (
+        TESTOAuth2Session(state=request.session['oauth_state'])
+        .fetch_token(code=request.GET['code'])
+    )
+
+    session = TESTOAuth2Session(token=token)
+
+    auth.login(request, auth.authenticate(**session.profile))
+
+    return redirect('/')