authentik/passbook/providers/oauth2/views/provider.py

"""passbook OAuth2 OpenID well-known views"""
from typing import Any, Dict

from django.http import HttpRequest, HttpResponse, JsonResponse
from django.shortcuts import get_object_or_404, reverse
from django.views import View
from structlog import get_logger

from passbook.core.models import Application
from passbook.providers.oauth2.models import OAuth2Provider

LOGGER = get_logger()

PLAN_CONTEXT_PARAMS = "params"
PLAN_CONTEXT_SCOPES = "scopes"


class ProviderInfoView(View):
    """OpenID-compliant Provider Info"""

    def get_info(self, provider: OAuth2Provider) -> Dict[str, Any]:
        """Get dictionary for OpenID Connect information"""
        return {
            "issuer": provider.get_issuer(self.request),
            "authorization_endpoint": self.request.build_absolute_uri(
                reverse("passbook_providers_oauth2:authorize")
            ),
            "token_endpoint": self.request.build_absolute_uri(
                reverse("passbook_providers_oauth2:token")
            ),
            "userinfo_endpoint": self.request.build_absolute_uri(
                reverse("passbook_providers_oauth2:userinfo")
            ),
            "end_session_endpoint": self.request.build_absolute_uri(
                reverse(
                    "passbook_providers_oauth2:end-session",
                    kwargs={"application_slug": provider.application.slug},
                )
            ),
            "introspection_endpoint": self.request.build_absolute_uri(
                reverse("passbook_providers_oauth2:token-introspection")
            ),
            "response_types_supported": [provider.response_type],
            "jwks_uri": self.request.build_absolute_uri(
                reverse(
                    "passbook_providers_oauth2:jwks",
                    kwargs={"application_slug": provider.application.slug},
                )
            ),
            "id_token_signing_alg_values_supported": [provider.jwt_alg],
            # See: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
            "subject_types_supported": ["public"],
            "token_endpoint_auth_methods_supported": [
                "client_secret_post",
                "client_secret_basic",
            ],
        }

    # pylint: disable=unused-argument
    def get(
        self, request: HttpRequest, application_slug: str, *args, **kwargs
    ) -> HttpResponse:
        """OpenID-compliant Provider Info"""

        application = get_object_or_404(Application, slug=application_slug)
        provider: OAuth2Provider = get_object_or_404(
            OAuth2Provider, pk=application.provider_id
        )
        response = JsonResponse(
            self.get_info(provider), json_dumps_params={"indent": 2}
        )
        response["Access-Control-Allow-Origin"] = "*"

        return response
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`"""passbook OAuth2 OpenID well-known views"""`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`from typing import Any, Dict`

OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`from django.http import HttpRequest, HttpResponse, JsonResponse`
			`from django.shortcuts import get_object_or_404, reverse`
			`from django.views import View`
			`from structlog import get_logger`

			`from passbook.core.models import Application`
			`from passbook.providers.oauth2.models import OAuth2Provider`

			`LOGGER = get_logger()`

			`PLAN_CONTEXT_PARAMS = "params"`
			`PLAN_CONTEXT_SCOPES = "scopes"`


			`class ProviderInfoView(View):`
			`"""OpenID-compliant Provider Info"""`

Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`def get_info(self, provider: OAuth2Provider) -> Dict[str, Any]:`
			`"""Get dictionary for OpenID Connect information"""`
			`return {`
			`"issuer": provider.get_issuer(self.request),`
			`"authorization_endpoint": self.request.build_absolute_uri(`
			`reverse("passbook_providers_oauth2:authorize")`
			`),`
			`"token_endpoint": self.request.build_absolute_uri(`
			`reverse("passbook_providers_oauth2:token")`
			`),`
			`"userinfo_endpoint": self.request.build_absolute_uri(`
			`reverse("passbook_providers_oauth2:userinfo")`
			`),`
			`"end_session_endpoint": self.request.build_absolute_uri(`
providers/oauth2: fix end-session view not working, add tests 2020-09-17 19:55:01 +00:00			`reverse(`
			`"passbook_providers_oauth2:end-session",`
			`kwargs={"application_slug": provider.application.slug},`
			`)`
Proxy v2 (#189) 2020-09-02 22:04:12 +00:00			`),`
			`"introspection_endpoint": self.request.build_absolute_uri(`
			`reverse("passbook_providers_oauth2:token-introspection")`
			`),`
			`"response_types_supported": [provider.response_type],`
			`"jwks_uri": self.request.build_absolute_uri(`
			`reverse(`
			`"passbook_providers_oauth2:jwks",`
			`kwargs={"application_slug": provider.application.slug},`
			`)`
			`),`
			`"id_token_signing_alg_values_supported": [provider.jwt_alg],`
			`# See: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes`
			`"subject_types_supported": ["public"],`
			`"token_endpoint_auth_methods_supported": [`
			`"client_secret_post",`
			`"client_secret_basic",`
			`],`
			`}`

OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`# pylint: disable=unused-argument`
			`def get(`
			`self, request: HttpRequest, application_slug: str, args, *kwargs`
			`) -> HttpResponse:`
			`"""OpenID-compliant Provider Info"""`

			`application = get_object_or_404(Application, slug=application_slug)`
			`provider: OAuth2Provider = get_object_or_404(`
			`OAuth2Provider, pk=application.provider_id`
			`)`
providers/oauth2: make openid-configuration easily readable 2020-09-18 22:32:20 +00:00			`response = JsonResponse(`
			`self.get_info(provider), json_dumps_params={"indent": 2}`
			`)`
OAuth Provider Rewrite (#182) 2020-08-19 08:32:44 +00:00			`response["Access-Control-Allow-Origin"] = "*"`

			`return response`