Rewrite OAuth Provider Models again

Jens Langhammer 2018-11-24 22:26:53 +01:00
parent 32945250b6
commit cb46c70670
No known key found for this signature in database
GPG key ID: BEBC05297D92821B
6 changed files with 92 additions and 17 deletions


@ -1,4 +0,0 @@
"""passbook oauth provider Admin"""
from passbook.lib.admin import admin_autoregister
admin_autoregister('passbook_oauth_provider')


@ -1,6 +1,7 @@
# Generated by Django 2.1.3 on 2018-11-22 10:03
# Generated by Django 2.1.3 on 2018-11-24 10:27
import django.db.models.deletion
import oauth2_provider.generators
from django.conf import settings
from django.db import migrations, models
@ -10,8 +11,8 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
('passbook_core', '0001_initial'),
migrations.swappable_dependency(settings.OAUTH2_PROVIDER_APPLICATION_MODEL),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('passbook_core', '0002_application_skip_authorization'),
]
operations = [
@ -19,8 +20,20 @@ class Migration(migrations.Migration):
name='OAuth2Provider',
fields=[
('provider_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Provider')),
('oauth2_app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL)),
('client_id', models.CharField(db_index=True, default=oauth2_provider.generators.generate_client_id, max_length=100, unique=True)),
('redirect_uris', models.TextField(blank=True, help_text='Allowed URIs list, space separated')),
('client_type', models.CharField(choices=[('confidential', 'Confidential'), ('public', 'Public')], max_length=32)),
('authorization_grant_type', models.CharField(choices=[('authorization-code', 'Authorization code'), ('implicit', 'Implicit'), ('password', 'Resource owner password-based'), ('client-credentials', 'Client credentials')], max_length=32)),
('client_secret', models.CharField(blank=True, db_index=True, default=oauth2_provider.generators.generate_client_secret, max_length=255)),
('name', models.CharField(blank=True, max_length=255)),
('skip_authorization', models.BooleanField(default=False)),
('created', models.DateTimeField(auto_now_add=True)),
('updated', models.DateTimeField(auto_now=True)),
('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='passbook_oauth_provider_oauth2provider', to=settings.AUTH_USER_MODEL)),
],
bases=('passbook_core.provider',),
options={
'abstract': False,
},
bases=('passbook_core.provider', models.Model),
),
]


@ -1,12 +1,12 @@
"""Oauth2 provider product extension"""
from django.db import models
from oauth2_provider.models import Application
from oauth2_provider.models import AbstractApplication
from passbook.core.models import Provider
class OAuth2Provider(Provider):
class OAuth2Provider(Provider, AbstractApplication):
"""Associate an OAuth2 Application with a Product"""
oauth2_app = models.ForeignKey(Application, on_delete=models.CASCADE)
def __str__(self):
return self.name
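Review bot: The docstring on `OAuth2Provider` still describes a link to a separate application row, but with `AbstractApplication` as a base and `oauth2_app` dropped (the regenerated migration in this commit removes that column) the provider row is now the OAuth2 client itself. `client_secret`, `redirect_uris` and `skip_authorization` therefore live directly on this model, so any ModelForm, serializer or admin built over it should use an explicit field list rather than exposing all fields. I would change the docstring to `"""OAuth2 client stored as a passbook Provider; holds client_id, client_secret and redirect URIs"""`. `__str__` returns `self.name`, which the migration declares `blank=True`, so an unnamed provider renders as an empty string; `return self.name or self.client_id` would avoid that.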


@ -7,10 +7,17 @@ MIDDLEWARE = [
'oauth2_provider.middleware.OAuth2TokenMiddleware',
'corsheaders.middleware.CorsMiddleware',
]
INSTALLED_APPS = [
'oauth2_provider',
'corsheaders',
]
AUTHENTICATION_BACKENDS = [
'oauth2_provider.backends.OAuth2Backend',
]
OAUTH2_PROVIDER_APPLICATION_MODEL = 'passbook_oauth_provider.OAuth2Provider'
OAUTH2_PROVIDER = {
# this is the list of available scopes
'SCOPES': {
'openid:userinfo': 'Access OpenID Userinfo',
# 'write': 'Write scope',
# 'groups': 'Access to your groups'
}
}
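Review bot: `OAUTH2_PROVIDER_APPLICATION_MODEL` is a swappable-model setting, and it is pointed at the new model here with no comment on its ordering constraint. oauth2_provider's grant and token tables carry foreign keys to whatever model it names, so it has to be in place before those migrations first run on a database, and changing it afterwards is not something Django migrates automatically. Because this commit also regenerates the app's initial migration in place, an existing install would likely need its tables rebuilt; a comment such as `# Swappable model: must be set before oauth2_provider is first migrated` above the setting would record that. The two commented-out entries in `SCOPES` are dead configuration and could be dropped until they are implemented. The `MIDDLEWARE` list begins outside this hunk.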


@ -0,0 +1,58 @@
{% extends "login/base.html" %}
{% load utils %}
{% load i18n %}
{% block title %}
{% title 'SSO - Authorize External Source' %}
{% endblock %}
{% block card %}
<header class="login-pf-header">
<h1>{% trans 'SSO - Authorize External Source' %}</h1>
</header>
{% include 'partials/messages.html' %}
<form method="POST">
{% csrf_token %}
{% if not error %}
{% csrf_token %}
{% for field in form %}
{% if field.is_hidden %}
{{ field }}
{% endif %}
{% endfor %}
<div class="form-group">
<p class="subtitle">
{% blocktrans with remote=application.name %}
You're about to sign into {{ remote }}
{% endblocktrans %}
</p>
<p>{% trans "Application requires following permissions" %}</p>
<ul>
{% for scope in scopes_descriptions %}
<li>{{ scope }}</li>
{% endfor %}
</ul>
{{ form.errors }}
{{ form.non_field_errors }}
<p>
{% blocktrans with user=user %}
You are logged in as {{ user }}. Not you?
{% endblocktrans %}
<a href="{% url 'passbook_core:auth-logout' %}">{% trans 'Logout' %}</a>
</p>
<div class="form-group">
<button type="submit" class="btn btn-success btn-lg">{% trans 'Continue' %}</button>
<a href="{% back %}" class="btn btn-default btn-lg">{% trans "Cancel" %}</a>
</div>
</div>
{% else %}
<div class="login-group">
<p class="subtitle">
{% blocktrans with err=error.error %}Error: {{ err }}{% endblocktrans %}
</p>
<p>{{ error.description }}</p>
</div>
{% endif %}
</form>
{% endblock %}
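Review bot: The Continue button near the end of the form posts no `allow` value, and the field loop above it renders only hidden fields. If the view behind this template is oauth2_provider's `AuthorizationView` (not visible in this section), its form reads consent from a non-hidden boolean `allow` field, so a submit from this page would be handled as a denial; naming the button, `<button type="submit" name="allow" value="true" class="btn btn-success btn-lg">`, would carry the consent. Cancel is a plain link to `{% back %}`, so the client never receives an explicit refusal, and the target that tag produces should be confirmed not to come from request data. `{% csrf_token %}` is emitted twice, once before and once inside `{% if not error %}`; one of them can go.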


@ -0,0 +1 @@
{% extends "base/skeleton.html" %}