7 changed files with 4 additions and 101 deletions
--- a/.env.example
+++ b/.env.example
@ -1,8 +1,4 @@
 SECRET_KEY='$omeR@nd0mSecr3tKeyWith4V3ryL0ng$tring!?'
 DEBUG=True
 ALLOWED_HOSTS=.localhost,127.0.0.1
-API_BASE_URL = 'http://localhost:9080/api/'
-STATIC_ROOT = 'musician/static/'
-CLIENT_ID = "ZjYHcERGfUKo26y41VLI4KHz"
-CLIENT_SECRET = "jjUfJq9vOomJaj8Zm5W6OweMG61wQ5G3VyKhBzxLqp5k5HVW"
-OIDC_PROVIDER = "http://localhost:5000"
+API_BASE_URL = 'https://api.examplea.org/'
--- a/musician/api.py
+++ b/musician/api.py
@ -14,7 +14,6 @@ TOKEN_PATH = '/api-token-auth/'
 API_PATHS = {
    # auth
    'token-auth': '/api-token-auth/',
-    'token-auth-v2': '/api-token-auth-v2/',
    'my-account': 'accounts/',

    # services
@ -38,16 +37,13 @@ API_PATHS = {


 class Orchestra(object):
-    def __init__(self, *args, username=None, password=None, token=None, **kwargs):
+    def __init__(self, *args, username=None, password=None, **kwargs):
        self.base_url = kwargs.pop('base_url', settings.API_BASE_URL)
        self.username = username
        self.session = requests.Session()
        self.auth_token = kwargs.pop("auth_token", None)

        if self.auth_token is None:
-            if token:
-                self.auth_token = self.authenticate_token(token)
-            else:
            self.auth_token = self.authenticate(self.username, password)

    def build_absolute_uri(self, path_name):
@ -67,15 +63,6 @@ class Orchestra(object):

        return response.json().get("token", None)

-    def authenticate_token(self, token):
-        url = self.build_absolute_uri('token-auth-v2')
-        response = self.session.post(
-            url,
-            data={"token": token},
-        )
-
-        return response.json().get("token", None)
-
    def request(self, verb, resource=None, url=None, data=None, render_as="json", querystring=None, raise_exception=True):
        assert verb in ["HEAD", "GET", "POST", "PATCH", "PUT", "DELETE"]
        if resource is not None:
--- a/musician/templates/auth/login.html
+++ b/musician/templates/auth/login.html
@ -64,9 +64,6 @@
            </div>
            <!--/#login-content-->
            <div id="login-footer">
-                {% if oidc_provider %}
-                <a href="{{ oidc_provider }}">{% trans "Identification with SSO" %}</a><br />
-                {% endif %}
                <a href="#password_reset" data-toggle="modal" data-target="#forgotPasswordModal">{% trans "Forgot your password? Click here to recover" %}</a>
            </div>
        </div><!-- /#login-wrapper -->
--- a/musician/urls.py
+++ b/musician/urls.py
@ -14,7 +14,6 @@ app_name = 'musician'
 urlpatterns = [
    path('auth/login/', views.LoginView.as_view(), name='login'),
    path('auth/logout/', views.LogoutView.as_view(), name='logout'),
-    path('allow_code', views.AllowCodeView.as_view(), name='allow-code'),
    path('dashboard/', views.DashboardView.as_view(), name='dashboard'),
    path('domains/<int:pk>/', views.DomainDetailView.as_view(), name='domain-detail'),
    path('billing/', views.BillingView.as_view(), name='billing'),
--- a/musician/views.py
+++ b/musician/views.py
@ -1,8 +1,6 @@
 import logging
 import smtplib
 import datetime
-import requests
-import json

 from django.conf import settings
 from django.contrib import messages
@ -22,7 +20,6 @@ from django.views.generic.list import ListView
 from requests.exceptions import HTTPError

 from . import get_version
-from . import api
 from .auth import login as auth_login
 from .auth import logout as auth_logout
 from .forms import LoginForm, MailboxChangePasswordForm, MailboxCreateForm, MailboxUpdateForm, MailForm
@ -36,7 +33,6 @@ from .utils import get_bootstraped_percent
 logger = logging.getLogger(__name__)


-
 class DashboardView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
    template_name = "musician/dashboard.html"
    extra_context = {
@ -539,61 +535,6 @@ class DomainDetailView(CustomContextMixin, UserTokenRequiredMixin, DetailView):
        return domain


-class AllowCodeView(RedirectView):
-    """
-    Log in the user with OAuth2.
-    """
-    permanent = False
-    success_url = reverse_lazy('musician:dashboard')
-    userinfo = None
-
-    def get_token(self):
-        url = "http://localhost:5000/oauth/token"
-        client_id = settings.CLIENT_ID
-        client_secret = settings.CLIENT_SECRET
-        self.code = self.request.GET.get('code')
-        data = {'grant_type': 'authorization_code', 'code': self.code}
-        auth = (client_id, client_secret)
-        msg = requests.post(url, data=data, auth=auth)
-        self.token = msg.text
-
-    def get(self, request, *args, **kwargs):
-        """
-        Logs in the user.
-        """
-        self.get_token()
-        # self.get_user_info()
-        orchestra = api.Orchestra(token=self.token)
-        self.orchestra_token = orchestra.auth_token
-        self.user = orchestra.retrieve_profile()
-        username = self.user.username
-        auth_login(self.request, username, self.orchestra_token)
-
-        # set user language as active language
-        user_language = self.user.language
-        translation.activate(user_language)
-
-        response = HttpResponseRedirect(self.get_success_url())
-        response.set_cookie(settings.LANGUAGE_COOKIE_NAME, user_language)
-
-        return response
-        # return super().get(*args, **kwargs)
-
-    def get_success_url(self):
-        url = self.get_redirect_url()
-        return url or self.success_url
-
-    def get_redirect_url(self):
-        """Return the user-originating redirect URL if it's safe."""
-        redirect_to = self.success_url
-        url_is_safe = is_safe_url(
-            url=redirect_to,
-            allowed_hosts={self.request.get_host()},
-            require_https=self.request.is_secure(),
-        )
-        return redirect_to if url_is_safe else ''
-
-
 class LoginView(FormView):
    template_name = 'auth/login.html'
    form_class = LoginForm
@ -610,16 +551,6 @@ class LoginView(FormView):
        kwargs['request'] = self.request
        return kwargs

-    def get_oidc_url(self):
-        client_id = settings.CLIENT_ID
-        domain = settings.OIDC_PROVIDER
-        if not client_id or not domain:
-            return
-
-        url = f'{domain}/oauth/authorize?client_id={client_id}'
-        url += '&scope=openid+profile&response_type=code&nonce=abc'
-        return url
-
    def form_valid(self, form):
        """Security check complete. Log the user in."""
        auth_login(self.request, form.username, form.token)
@ -654,7 +585,6 @@ class LoginView(FormView):
        context = super().get_context_data(**kwargs)
        context.update({
            self.redirect_field_name: self.get_redirect_url(),
-            'oidc_provider': self.get_oidc_url(),
            **(self.extra_context or {})
        })
        return context
--- a/requirements.txt
+++ b/requirements.txt
@ -1,5 +1,4 @@
-# django==2.2.27
-django==3.2
+django==2.2.27
 python-decouple==3.1
 django-bootstrap4
 django-extensions
--- a/userpanel/settings.py
+++ b/userpanel/settings.py
@ -175,11 +175,6 @@ URL_SAAS_OWNCLOUD = config('URL_SAAS_OWNCLOUD', None)

 URL_SAAS_WORDPRESS = config('URL_SAAS_WORDPRESS', None)

-CLIENT_ID = config('CLIENT_ID')
-
-CLIENT_SECRET = config('CLIENT_SECRET')
-
-OIDC_PROVIDER = config('OIDC_PROVIDER')

 # Managers: who should get notifications about services changes that
 # may require human actions (e.g. deleted mailboxes)