Commit 5f0fb5f0 authored by Sharad Heft's avatar Sharad Heft

Add existing code from Minder.

parent e589d894
default_app_config = 'test_oauth.apps.TestOauthConfig'
from django.apps import AppConfig
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured
class TestOauthConfig(AppConfig):
name = 'test_oauth'
verbose_name = "TEST OAuth"
def ready(self):
if (
not hasattr(settings, 'TEST_OAUTH_CLIENT_ID') or
type(settings.TEST_OAUTH_CLIENT_ID) != str or
len(settings.TEST_OAUTH_CLIENT_ID) == 0
raise ImproperlyConfigured(
'A non-empty TEST OAuth client ID string must be set as '
'TEST_OAUTH_CLIENT_ID in your Django settings.'
if (
not hasattr(settings, 'TEST_OAUTH_CLIENT_SECRET') or
type(settings.TEST_OAUTH_CLIENT_SECRET) != str or
len(settings.TEST_OAUTH_CLIENT_SECRET) == 0
raise ImproperlyConfigured(
'A non-empty TEST OAuth client secret string must be set as '
'TEST_OAUTH_CLIENT_SECRET in your Django settings.'
from django.contrib.auth import get_user_model
from django.contrib.auth.models import Group
from django.contrib.auth.backends import ModelBackend
from django.conf import settings
from django.db import transaction
UserModel = get_user_model()
class TESTOAuth2Backend(ModelBackend):
def authenticate(self, id=None, username=None, **profile):
if id is None or username is None:
return None
user, _ = UserModel.objects.get_or_create(
if getattr(settings, 'TEST_AUTH_CREATE_GROUPS', False):
for g in profile.get('groups', []):
group, _ = Group.objects.get_or_create(
id=g['id'], name=g['name']
# Adding carveout for Server Admin group
if g['name'] == "Server Admin":
user.is_staff = True
return user
def get_user(self, user_id):
return UserModel.objects.get(pk=user_id)
except UserModel.DoesNotExist:
return None
from django.conf import settings
from requests_oauthlib import OAuth2Session
class TESTOAuth2Session(OAuth2Session):
def __init__(self, **kwargs):
super(TESTOAuth2Session, self).__init__(
redirect_uri=getattr(settings, 'TEST_OAUTH_CLIENT_CALLBACK', None),
def authorization_url(self):
return super(TESTOAuth2Session, self).authorization_url(
def fetch_token(self, **kwargs):
return super(TESTOAuth2Session, self).fetch_token(
def profile(self):
return self.get('').json()
from django.conf.urls import url
from test_oauth import views
app_name = 'test_oauth'
urlpatterns = [
url(r'^login/$', views.login, name='login'),
url(r'^logout/$', views.logout, name='logout'),
url(r'^callback/$', views.callback, name='callback'),
from django.shortcuts import redirect
from django.contrib import auth
from django.views.decorators.cache import never_cache
from test_oauth.session import TESTOAuth2Session
def login(request, next=None):
authorization_url, request.session['oauth_state'] = TESTOAuth2Session(
return redirect(authorization_url)
def logout(request):
if request.user.is_authenticated():
return redirect("/")
def callback(request):
token = (
session = TESTOAuth2Session(token=token)
auth.login(request, auth.authenticate(**session.profile))
return redirect('/')
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment