2023-11-27 09:59:30 +00:00
|
|
|
import json
|
2023-11-28 16:33:24 +00:00
|
|
|
import base64
|
2023-11-24 15:36:05 +00:00
|
|
|
|
2023-11-29 11:06:53 +00:00
|
|
|
from django.conf import settings
|
2023-11-29 12:21:49 +00:00
|
|
|
from django.views.generic.edit import View, FormView
|
|
|
|
from django.http import HttpResponse, Http404
|
|
|
|
from django.shortcuts import get_object_or_404, redirect
|
|
|
|
from django.utils.translation import gettext_lazy as _
|
|
|
|
from django.urls import reverse_lazy
|
2023-11-24 15:36:05 +00:00
|
|
|
|
2023-11-28 11:49:28 +00:00
|
|
|
from oidc4vp.models import Authorization, Organization
|
2023-11-29 12:21:49 +00:00
|
|
|
from idhub.mixins import UserView
|
2023-11-28 09:48:57 +00:00
|
|
|
|
2023-11-29 16:29:31 +00:00
|
|
|
from oidc4vp.forms import AuthorizeForm
|
|
|
|
|
2023-11-28 08:39:02 +00:00
|
|
|
|
2023-11-28 09:48:57 +00:00
|
|
|
# from django.core.mail import send_mail
|
|
|
|
# from django.http import HttpResponse, HttpResponseRedirect
|
|
|
|
|
|
|
|
# from utils.idhub_ssikit import verify_presentation
|
|
|
|
# from oidc4vp.models import VPVerifyRequest
|
|
|
|
# from more_itertools import flatten, unique_everseen
|
2023-11-28 08:39:02 +00:00
|
|
|
|
|
|
|
|
2023-11-29 12:21:49 +00:00
|
|
|
class AuthorizeView(UserView, FormView):
|
|
|
|
title = _("My wallet")
|
|
|
|
section = "MyWallet"
|
|
|
|
template_name = "credentials_presentation.html"
|
|
|
|
subtitle = _('Credential presentation')
|
|
|
|
icon = 'bi bi-patch-check-fill'
|
2023-11-29 16:29:31 +00:00
|
|
|
form_class = AuthorizeForm
|
2023-11-29 12:21:49 +00:00
|
|
|
success_url = reverse_lazy('idhub:user_demand_authorization')
|
|
|
|
|
|
|
|
def get_form_kwargs(self):
|
|
|
|
kwargs = super().get_form_kwargs()
|
|
|
|
kwargs['user'] = self.request.user
|
2023-11-29 16:29:31 +00:00
|
|
|
vps = self.request.GET.get('presentation_definition')
|
|
|
|
# import pdb; pdb.set_trace()
|
|
|
|
kwargs['presentation_definition'] = json.loads(vps)
|
2023-11-29 12:21:49 +00:00
|
|
|
return kwargs
|
|
|
|
|
|
|
|
def form_valid(self, form):
|
|
|
|
authorization = form.save()
|
|
|
|
if authorization:
|
|
|
|
return redirect(authorization)
|
|
|
|
else:
|
|
|
|
messages.error(self.request, _("Error sending credential!"))
|
|
|
|
return super().form_valid(form)
|
2023-11-29 11:27:20 +00:00
|
|
|
|
|
|
|
|
2023-11-28 09:48:57 +00:00
|
|
|
class VerifyView(View):
|
|
|
|
def get(self, request, *args, **kwargs):
|
2023-11-28 16:33:24 +00:00
|
|
|
org = self.validate(request)
|
2023-11-29 11:06:53 +00:00
|
|
|
presentation_definition = json.dumps(settings.SUPPORTED_CREDENTIALS)
|
2023-11-28 11:49:28 +00:00
|
|
|
authorization = Authorization(
|
|
|
|
organization=org,
|
2023-11-29 10:18:12 +00:00
|
|
|
presentation_definition=presentation_definition
|
2023-11-28 11:49:28 +00:00
|
|
|
)
|
2023-11-29 10:18:12 +00:00
|
|
|
res = json.dumps({"redirect_uri": authorization.authorize()})
|
2023-11-28 09:48:57 +00:00
|
|
|
return HttpResponse(res)
|
2023-11-28 08:39:02 +00:00
|
|
|
|
2023-11-28 16:33:24 +00:00
|
|
|
def validate(self, request):
|
|
|
|
auth_header = request.headers.get('Authorization', b'')
|
|
|
|
auth_data = auth_header.split()
|
|
|
|
|
2023-11-29 10:42:20 +00:00
|
|
|
if len(auth_data) == 2 and auth_data[0].lower() == 'basic':
|
2023-11-28 16:33:24 +00:00
|
|
|
decoded_auth = base64.b64decode(auth_data[1]).decode('utf-8')
|
|
|
|
client_id, client_secret = decoded_auth.split(':', 1)
|
|
|
|
org_url = request.GET.get('demand_uri')
|
|
|
|
org = get_object_or_404(
|
|
|
|
Organization,
|
|
|
|
response_uri=org_url,
|
|
|
|
client_id=client_id,
|
|
|
|
client_secret=client_secret
|
|
|
|
)
|
|
|
|
return org
|
|
|
|
|
2023-11-29 12:21:49 +00:00
|
|
|
raise Http404("Organization not found!")
|
|
|
|
|
2023-11-28 11:49:28 +00:00
|
|
|
def post(self, request, *args, **kwargs):
|
2023-11-29 10:18:12 +00:00
|
|
|
org = self.validate(request)
|
2023-11-29 16:29:31 +00:00
|
|
|
# import pdb; pdb.set_trace()
|
2023-11-28 11:49:28 +00:00
|
|
|
# # TODO: incorporate request.POST["presentation_submission"] as schema definition
|
|
|
|
# (presentation_valid, _) = verify_presentation(request.POST["vp_token"])
|
|
|
|
# if not presentation_valid:
|
|
|
|
# raise Exception("Failed to verify signature on the given Verifiable Presentation.")
|
|
|
|
# vp = json.loads(request.POST["vp_token"])
|
|
|
|
# nonce = vp["nonce"]
|
|
|
|
# # "vr" = verification_request
|
|
|
|
# vr = get_object_or_404(VPVerifyRequest, nonce=nonce) # TODO: return meaningful error, not 404
|
|
|
|
# # Get a list of all included verifiable credential types
|
|
|
|
# included_credential_types = unique_everseen(flatten([
|
|
|
|
# vc["type"] for vc in vp["verifiableCredential"]
|
|
|
|
# ]))
|
|
|
|
# # Check that it matches what we requested
|
|
|
|
# for requested_vc_type in json.loads(vr.expected_credentials):
|
|
|
|
# if requested_vc_type not in included_credential_types:
|
|
|
|
# raise Exception("You're missing some credentials we requested!") # TODO: return meaningful error
|
|
|
|
# # Perform whatever action we have to do
|
|
|
|
# action = json.loads(vr.action)
|
|
|
|
# if action["action"] == "send_mail":
|
|
|
|
# subject = action["params"]["subject"]
|
|
|
|
# to_email = action["params"]["to"]
|
|
|
|
# from_email = "noreply@verifier-portal"
|
|
|
|
# body = request.POST["vp-token"]
|
|
|
|
# send_mail(
|
|
|
|
# subject,
|
|
|
|
# body,
|
|
|
|
# from_email,
|
|
|
|
# [to_email]
|
|
|
|
# )
|
|
|
|
# elif action["action"] == "something-else":
|
|
|
|
# pass
|
|
|
|
# else:
|
|
|
|
# raise Exception("Unknown action!")
|
|
|
|
# # OK! Your verifiable presentation was successfully presented.
|
|
|
|
# return HttpResponseRedirect(vr.response_or_redirect)
|