start implementing openid connect discovery

2019-03-18 20:35:11 +01:00 · 2019-03-18 20:35:11 +01:00 · c9f73d718e
parent bfa58be721
commit c9f73d718e
3 changed files with 37 additions and 3 deletions
--- a/passbook/oauth_client/forms.py
+++ b/passbook/oauth_client/forms.py
@ -120,5 +120,5 @@ class AzureADOAuthSourceForm(OAuthSourceForm):
            'request_token_url': '',
            'authorization_url': 'https://login.microsoftonline.com/common/oauth2/authorize',
            'access_token_url': 'https://login.microsoftonline.com/common/oauth2/token',
-            'profile_url': ' https://login.microsoftonline.com/common/openid/userinfo',
+            'profile_url': ' https://graph.windows.net/myorganization/me?api-version=1.6',
        }
--- a/passbook/oauth_provider/urls.py
+++ b/passbook/oauth_provider/urls.py
@ -3,7 +3,7 @@
 from django.urls import path
 from oauth2_provider import views
-from passbook.oauth_provider.views import oauth2
+from passbook.oauth_provider.views import oauth2, openid
 urlpatterns = [
    # Custom OAuth 2 Authorize View
@ -14,8 +14,12 @@ urlpatterns = [
    path('authorize/permission_denied/', oauth2.OAuthPermissionDenied.as_view(),
         name='oauth2-permission-denied'),
    # OAuth API
    path("authorize/", views.AuthorizationView.as_view(), name="authorize"),
    path("token/", views.TokenView.as_view(), name="token"),
    path("revoke_token/", views.RevokeTokenView.as_view(), name="revoke-token"),
    path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),
    # OpenID-Connect Discovery
    path('.well-known/openid-configuration', openid.OpenIDConfigurationView.as_view(),
         name='openid-discovery'),
    path('.well-known/jwks.json', openid.JSONWebKeyView.as_view(),
         name='openid-jwks'),
 ]
--- a/passbook/oauth_provider/views/openid.py
+++ b/passbook/oauth_provider/views/openid.py
@ -0,0 +1,30 @@
 """passbook oauth provider OpenID Views"""
 from django.http import HttpRequest, JsonResponse
 from django.shortcuts import reverse
 from django.views.generic import View
 class OpenIDConfigurationView(View):
    """Return OpenID Configuration"""
    def get(self, request: HttpRequest):
        """Get Response conform to https://openid.net/specs/openid-connect-discovery-1_0.html"""
        return JsonResponse({
            'issuer': request.build_absolute_uri(),
            'authorization_endpoint': request.build_absolute_uri(
                reverse('passbook_oauth_provider:oauth2-authorize')),
            'token_endpoint': request.build_absolute_uri(reverse('passbook_oauth_provider:token')),
            "jwks_uri": request.build_absolute_uri(reverse('passbook_oauth_provider:openid-jwks')),
            "scopes_supported": [
                "openid:userinfo",
            ],
        })
 class JSONWebKeyView(View):
    """JSON Web Key View"""
    def get(self, request: HttpRequest):
        """JSON Webkeys are not implemented yet, hence return an empty object"""
        return JsonResponse({})