Log granted/denied authorization requests
This commit is contained in:
parent
b20ef4fcb0
commit
fe57923c35
6 changed files with 60 additions and 1 deletions
|
@ -4,3 +4,6 @@ from django.apps import AppConfig
|
|||
class CoreConfig(AppConfig):
|
||||
default_auto_field = 'django.db.models.BigAutoField'
|
||||
name = 'core'
|
||||
|
||||
def ready(self):
|
||||
from . import receivers
|
27
core/migrations/0006_authorizationlog.py
Normal file
27
core/migrations/0006_authorizationlog.py
Normal file
|
@ -0,0 +1,27 @@
|
|||
# Generated by Django 3.2.15 on 2022-08-05 07:28
|
||||
|
||||
from django.conf import settings
|
||||
from django.db import migrations, models
|
||||
import django.db.models.deletion
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('oidc_provider', '0027_auto_20220801_1333'),
|
||||
('core', '0005_profile_last_name'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='AuthorizationLog',
|
||||
fields=[
|
||||
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
||||
('scope', models.TextField()),
|
||||
('granted', models.BooleanField()),
|
||||
('timestamp', models.DateTimeField(auto_now_add=True)),
|
||||
('client', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='oidc_provider.client')),
|
||||
('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
|
||||
],
|
||||
),
|
||||
]
|
|
@ -1,2 +1,3 @@
|
|||
from .auth import User
|
||||
from .profile import Profile
|
||||
from .profile import Profile
|
||||
from .logging import AuthorizationLog
|
12
core/models/logging.py
Normal file
12
core/models/logging.py
Normal file
|
@ -0,0 +1,12 @@
|
|||
from django.db import models
|
||||
from django.contrib.auth import get_user_model
|
||||
|
||||
from oidc_provider.models import Client
|
||||
|
||||
|
||||
class AuthorizationLog(models.Model):
|
||||
user = models.ForeignKey(get_user_model(), models.CASCADE)
|
||||
client = models.ForeignKey(Client, models.CASCADE)
|
||||
scope = models.TextField()
|
||||
granted = models.BooleanField()
|
||||
timestamp = models.DateTimeField(auto_now_add=True)
|
1
core/receivers/__init__.py
Normal file
1
core/receivers/__init__.py
Normal file
|
@ -0,0 +1 @@
|
|||
from .oidc import user_accept_consent, user_decline_consent
|
15
core/receivers/oidc.py
Normal file
15
core/receivers/oidc.py
Normal file
|
@ -0,0 +1,15 @@
|
|||
from django.dispatch import receiver
|
||||
|
||||
from oidc_provider.signals import user_accept_consent, user_decline_consent
|
||||
|
||||
from ..models import AuthorizationLog
|
||||
|
||||
|
||||
@receiver(user_accept_consent)
|
||||
def consent_granted(sender, **kwargs):
|
||||
AuthorizationLog.objects.create(user=kwargs["user"], client=kwargs["client"], scope=kwargs["scope"], granted=True)
|
||||
|
||||
|
||||
@receiver(user_decline_consent)
|
||||
def consent_denied(sender, **kwargs):
|
||||
AuthorizationLog.objects.create(user=kwargs["user"], client=kwargs["client"], scope=kwargs["scope"], granted=False)
|
Loading…
Reference in a new issue