first step of oidc

idhub/user/forms.py

@@ -81,10 +81,8 @@ class DemandAuthorizationForm(forms.Form):
         if commit:
             url = self.org.demand_authorization()
             auth = (self.org.client_id, self.org.client_secret)
-            # res = requests.get(url, auth=auth)
-            # import pdb; pdb.set_trace()
-            # if res.status == 200:
-                # return res.body
+            if url.status_code == 200:
+                return url.json().get('redirect_uri')
         
         return 
 

idhub/user/views.py

@@ -160,9 +160,9 @@ class DemandAuthorizationView(MyWallet, FormView):
     
     def form_valid(self, form):
         authorization = form.save()
+        # import pdb; pdb.set_trace()
         if authorization:
-            if authorization.get('redirect_uri'):
-                redirect(authorization.get('redirect_uri'))
+            redirect(authorization)
         else:
             messages.error(self.request, _("Error sending credential!"))
         return super().form_valid(form)

oidc4vp/models.py

@@ -112,15 +112,11 @@ class Authorization(models.Model):
     )
 
     def authorize(self):
-        response_uri = self.__class__.objects.filter(
-            response_uri=settings.ALLOW_CODE_URI
-        )
         data = {
             "response_type": "vp_token",
             "response_mode": "direct_post",
             "client_id": self.organization.client_id,
-            "response_uri": response_uri,
-            "presentation_definition": "...",
+            "presentation_definition": self.presentation_definition,
             "nonce": gen_salt(5),
         }
         query_dict = QueryDict('', mutable=True)

oidc4vp/views.py

@@ -1,9 +1,11 @@
 import json
+import base64
 
 from django.views.generic.edit import View
 
 from oidc4vp.models import Authorization, Organization
-from django.http import HttpResponse
+from django.http import HttpResponse, Http404
+from django.shortcuts import get_object_or_404
 
 
 # from django.core.mail import send_mail
@@ -11,22 +13,37 @@ from django.http import HttpResponse
 
 # from utils.idhub_ssikit import verify_presentation
 # from oidc4vp.models import VPVerifyRequest
-from django.shortcuts import get_object_or_404
 # from more_itertools import flatten, unique_everseen
 
 
 class VerifyView(View):
     def get(self, request, *args, **kwargs):
-        org_url = request.GET.get('demand_uri')
-        org = get_object_or_404(Organization, response_uri=org_url)
+        org = self.validate(request)
+        if not org:
+            raise Http404("Page not Found!")
+        
         authorization = Authorization(
             organization=org,
             presentation_definition="MemberCredential"
         )
-        import pdb; pdb.set_trace()
-        res = json.dumps({"redirect_uri": authorization.authorize()})
         return HttpResponse(res)
 
+    def validate(self, request):
+        auth_header = request.headers.get('Authorization', b'')
+        auth_data = auth_header.split()
+
+        if len(auth_data) == 2 and auth_data[0].lower() == b'basic':
+            decoded_auth = base64.b64decode(auth_data[1]).decode('utf-8')
+            client_id, client_secret = decoded_auth.split(':', 1)
+            org_url = request.GET.get('demand_uri')
+            org = get_object_or_404(
+                Organization,
+                response_uri=org_url,
+                client_id=client_id,
+                client_secret=client_secret
+            )
+            return org
+
     def post(self, request, *args, **kwargs):
         import pdb; pdb.set_trace()
         # # TODO: incorporate request.POST["presentation_submission"] as schema definition