Rewrite OAuth Provider Models again
parent
32945250b6
commit
cb46c70670
|
@ -1,4 +0,0 @@
|
||||||
"""passbook oauth provider Admin"""
|
|
||||||
from passbook.lib.admin import admin_autoregister
|
|
||||||
|
|
||||||
admin_autoregister('passbook_oauth_provider')
|
|
|
@ -1,6 +1,7 @@
|
||||||
# Generated by Django 2.1.3 on 2018-11-22 10:03
|
# Generated by Django 2.1.3 on 2018-11-24 10:27
|
||||||
|
|
||||||
import django.db.models.deletion
|
import django.db.models.deletion
|
||||||
|
import oauth2_provider.generators
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.db import migrations, models
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
@ -10,8 +11,8 @@ class Migration(migrations.Migration):
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
('passbook_core', '0001_initial'),
|
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
||||||
migrations.swappable_dependency(settings.OAUTH2_PROVIDER_APPLICATION_MODEL),
|
('passbook_core', '0002_application_skip_authorization'),
|
||||||
]
|
]
|
||||||
|
|
||||||
operations = [
|
operations = [
|
||||||
|
@ -19,8 +20,20 @@ class Migration(migrations.Migration):
|
||||||
name='OAuth2Provider',
|
name='OAuth2Provider',
|
||||||
fields=[
|
fields=[
|
||||||
('provider_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Provider')),
|
('provider_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Provider')),
|
||||||
('oauth2_app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL)),
|
('client_id', models.CharField(db_index=True, default=oauth2_provider.generators.generate_client_id, max_length=100, unique=True)),
|
||||||
|
('redirect_uris', models.TextField(blank=True, help_text='Allowed URIs list, space separated')),
|
||||||
|
('client_type', models.CharField(choices=[('confidential', 'Confidential'), ('public', 'Public')], max_length=32)),
|
||||||
|
('authorization_grant_type', models.CharField(choices=[('authorization-code', 'Authorization code'), ('implicit', 'Implicit'), ('password', 'Resource owner password-based'), ('client-credentials', 'Client credentials')], max_length=32)),
|
||||||
|
('client_secret', models.CharField(blank=True, db_index=True, default=oauth2_provider.generators.generate_client_secret, max_length=255)),
|
||||||
|
('name', models.CharField(blank=True, max_length=255)),
|
||||||
|
('skip_authorization', models.BooleanField(default=False)),
|
||||||
|
('created', models.DateTimeField(auto_now_add=True)),
|
||||||
|
('updated', models.DateTimeField(auto_now=True)),
|
||||||
|
('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='passbook_oauth_provider_oauth2provider', to=settings.AUTH_USER_MODEL)),
|
||||||
],
|
],
|
||||||
bases=('passbook_core.provider',),
|
options={
|
||||||
|
'abstract': False,
|
||||||
|
},
|
||||||
|
bases=('passbook_core.provider', models.Model),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
"""Oauth2 provider product extension"""
|
"""Oauth2 provider product extension"""
|
||||||
|
|
||||||
from django.db import models
|
from oauth2_provider.models import AbstractApplication
|
||||||
from oauth2_provider.models import Application
|
|
||||||
|
|
||||||
from passbook.core.models import Provider
|
from passbook.core.models import Provider
|
||||||
|
|
||||||
|
|
||||||
class OAuth2Provider(Provider):
|
class OAuth2Provider(Provider, AbstractApplication):
|
||||||
"""Associate an OAuth2 Application with a Product"""
|
"""Associate an OAuth2 Application with a Product"""
|
||||||
|
|
||||||
oauth2_app = models.ForeignKey(Application, on_delete=models.CASCADE)
|
def __str__(self):
|
||||||
|
return self.name
|
||||||
|
|
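Review bot: Inheriting `AbstractApplication` in `class OAuth2Provider(Provider, AbstractApplication)` pulls the toolkit's whole application field set into this model, and the regenerated migration in this commit shows the result: `client_secret` is a plain `CharField` with a generated default, and `authorization_grant_type` offers `implicit` and `password` next to `authorization-code`. If passbook only intends the authorization-code flow, the provider form or the model's `clean()` should reject the other grant types, and the table should be treated as secret-bearing for admin access and backups. The class docstring is now stale, since the model is the application rather than a link to one; something like `"""OAuth2 application that is also a passbook Provider"""` fits the new side. `__str__` returns `self.name`, which the migration declares `blank=True`, so an unnamed provider prints as an empty string; `return self.name or self.client_id` would keep admin lists and logs readable.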
|
@ -7,10 +7,17 @@ MIDDLEWARE = [
|
||||||
'oauth2_provider.middleware.OAuth2TokenMiddleware',
|
'oauth2_provider.middleware.OAuth2TokenMiddleware',
|
||||||
'corsheaders.middleware.CorsMiddleware',
|
'corsheaders.middleware.CorsMiddleware',
|
||||||
]
|
]
|
||||||
INSTALLED_APPS = [
|
|
||||||
'oauth2_provider',
|
|
||||||
'corsheaders',
|
|
||||||
]
|
|
||||||
AUTHENTICATION_BACKENDS = [
|
AUTHENTICATION_BACKENDS = [
|
||||||
'oauth2_provider.backends.OAuth2Backend',
|
'oauth2_provider.backends.OAuth2Backend',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
OAUTH2_PROVIDER_APPLICATION_MODEL = 'passbook_oauth_provider.OAuth2Provider'
|
||||||
|
|
||||||
|
OAUTH2_PROVIDER = {
|
||||||
|
# this is the list of available scopes
|
||||||
|
'SCOPES': {
|
||||||
|
'openid:userinfo': 'Access OpenID Userinfo',
|
||||||
|
# 'write': 'Write scope',
|
||||||
|
# 'groups': 'Access to your groups'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
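Review bot: The new side drops the `INSTALLED_APPS` list (`'oauth2_provider'`, `'corsheaders'`) while `OAuth2TokenMiddleware`, `CorsMiddleware` and `OAuth2Backend` stay configured; unless those apps are registered somewhere outside this hunk, the toolkit's token and grant models will not be loaded, so this is worth confirming. `OAUTH2_PROVIDER` sets only `SCOPES`, which leaves token lifetime and accepted redirect schemes at library defaults; stating `ACCESS_TOKEN_EXPIRE_SECONDS` and `ALLOWED_REDIRECT_URI_SCHEMES` explicitly would make the policy visible in review. The commented-out `'write'` and `'groups'` entries should be deleted rather than kept as dead configuration. The settings file continues outside the hunk, so any CORS origin restrictions may live elsewhere.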
|
@ -0,0 +1,58 @@
|
||||||
|
{% extends "login/base.html" %}
|
||||||
|
|
||||||
|
{% load utils %}
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
{% block title %}
|
||||||
|
{% title 'SSO - Authorize External Source' %}
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block card %}
|
||||||
|
<header class="login-pf-header">
|
||||||
|
<h1>{% trans 'SSO - Authorize External Source' %}</h1>
|
||||||
|
</header>
|
||||||
|
{% include 'partials/messages.html' %}
|
||||||
|
<form method="POST">
|
||||||
|
{% csrf_token %}
|
||||||
|
{% if not error %}
|
||||||
|
{% csrf_token %}
|
||||||
|
{% for field in form %}
|
||||||
|
{% if field.is_hidden %}
|
||||||
|
{{ field }}
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
||||||
|
<div class="form-group">
|
||||||
|
<p class="subtitle">
|
||||||
|
{% blocktrans with remote=application.name %}
|
||||||
|
You're about to sign into {{ remote }}
|
||||||
|
{% endblocktrans %}
|
||||||
|
</p>
|
||||||
|
<p>{% trans "Application requires following permissions" %}</p>
|
||||||
|
<ul>
|
||||||
|
{% for scope in scopes_descriptions %}
|
||||||
|
<li>{{ scope }}</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
{{ form.errors }}
|
||||||
|
{{ form.non_field_errors }}
|
||||||
|
<p>
|
||||||
|
{% blocktrans with user=user %}
|
||||||
|
You are logged in as {{ user }}. Not you?
|
||||||
|
{% endblocktrans %}
|
||||||
|
<a href="{% url 'passbook_core:auth-logout' %}">{% trans 'Logout' %}</a>
|
||||||
|
</p>
|
||||||
|
<div class="form-group">
|
||||||
|
<button type="submit" class="btn btn-success btn-lg">{% trans 'Continue' %}</button>
|
||||||
|
<a href="{% back %}" class="btn btn-default btn-lg">{% trans "Cancel" %}</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% else %}
|
||||||
|
<div class="login-group">
|
||||||
|
<p class="subtitle">
|
||||||
|
{% blocktrans with err=error.error %}Error: {{ err }}{% endblocktrans %}
|
||||||
|
</p>
|
||||||
|
<p>{{ error.description }}</p>
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
</form>
|
||||||
|
{% endblock %}
|
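Review bot: The `Continue` button has no `name`, and the `{% for field in form %}` loop renders only hidden fields, so no `allow` value is posted. If this template backs django-oauth-toolkit's stock `AuthorizationView` (the view is not part of this commit), which reads `allow` from the form, every submission would be handled as a denial; `<button type="submit" name="allow" value="Authorize" class="btn btn-success btn-lg">` would carry the consent. `{% csrf_token %}` appears twice, directly under `<form method="POST">` and again inside `{% if not error %}`; the second one can go. The `Cancel` link points at `{% back %}` instead of submitting the form without `allow`, so the client never gets an `access_denied` response, and if `back` builds its target from request data it should be limited to same-site URLs.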
|
@ -0,0 +1 @@
|
||||||
|
{% extends "base/skeleton.html" %}
|