django-oidc-provider/oidc_provider/lib/claims.py

from django.utils.translation import ugettext as _
from oidc_provider import settings
# Empty template of the OpenID Connect standard claims. It is handed to the
# OIDC_USERINFO callable, which is expected to return the populated claims.
# NOTE: this is module-level, mutable state shared by every request; a consumer
# that fills it in place changes it for all later users of the module.
STANDARD_CLAIMS = {
    'name': '',
    'given_name': '',
    'family_name': '',
    'middle_name': '',
    'nickname': '',
    'preferred_username': '',
    'profile': '',
    'picture': '',
    'website': '',
    'gender': '',
    'birthdate': '',
    'zoneinfo': '',
    'locale': '',
    'updated_at': '',
    'email': '',
    'email_verified': '',
    'phone_number': '',
    'phone_number_verified': '',
    'address': {
        'formatted': '',
        'street_address': '',
        'locality': '',
        'region': '',
        'postal_code': '',
        'country': '',
    },
}
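class ScopeClaims(object):
    """
    Turn the scopes granted on a token into the dict of claims to release.

    A subclass exposes a scope by defining a ``scope_<name>`` method that
    returns a dict of claims, and may describe it with an ``info_<name>``
    tuple of ``(name, description)``.
    """

    def __init__(self, token):
        """
        Read the user, scopes and client from ``token`` and load the userinfo.
        """
        # Function-scope import so the file's import block stays untouched.
        import copy

        self.user = token.user
        # STANDARD_CLAIMS is module-level state shared by every request. The
        # OIDC_USERINFO callable receives the dict and may fill it in place,
        # so it gets a private deep copy: handing out the shared object would
        # let one user's claim values persist and be released for the next.
        self.userinfo = settings.get('OIDC_USERINFO', import_str=True)(
            copy.deepcopy(STANDARD_CLAIMS), self.user)
        self.scopes = token.scope
        self.client = token.client

    def create_response_dic(self):
        """
        Generate the dic that will be jsonify. Checking scopes given vs
        registered.

        Returns a dic.
        """
        # Resolved once; the registered scopes do not change inside the loop.
        registered = self._scopes_registered()
        dic = {}
        for scope in self.scopes:
            # Only names that have a ``scope_<name>`` method on this class are
            # dispatched, so a scope string carried by the token cannot reach
            # any other attribute through getattr().
            if scope in registered:
                dic.update(getattr(self, 'scope_' + scope)())
        return self._clean_dic(dic)

    def _scopes_registered(self):
        """
        Return a list that contains all the scopes registered
        in the class.

        Only the class's own ``__dict__`` is inspected, so ``scope_`` methods
        inherited from a parent class are not listed.
        """
        prefix = 'scope_'
        # Slice the prefix off instead of splitting on it: a scope whose own
        # name contains 'scope_' (e.g. 'scope_my_scope_x') must keep its tail.
        return [
            name[len(prefix):]
            for name in self.__class__.__dict__
            if name.startswith(prefix)
        ]

    def _clean_dic(self, dic):
        """
        Clean recursively all empty or None values inside a dict.

        Only ``None`` and ``''`` count as empty; ``False`` and ``0`` are kept,
        so a claim such as ``email_verified: False`` is still released.
        A nested dict that ends up empty is dropped as well.
        """
        aux_dic = dic.copy()
        for key, value in dic.items():
            if value is None or value == '':
                del aux_dic[key]
            elif isinstance(value, dict):
                cleaned_dict = self._clean_dic(value)
                if cleaned_dict:
                    aux_dic[key] = cleaned_dict
                else:
                    del aux_dic[key]
        return aux_dic

    @classmethod
    def get_scopes_info(cls, scopes=None):
        """
        Describe the requested scopes that this class documents.

        Returns a list of dicts with the keys ``scope``, ``name`` and
        ``description``, one per ``info_<name>`` attribute defined on ``cls``
        whose ``<name>`` is in ``scopes``. Without ``scopes`` the list is empty.
        """
        if scopes is None:
            scopes = ()
        prefix = 'info_'
        scopes_info = []
        for name in cls.__dict__:
            if not name.startswith(prefix):
                continue
            # Same prefix handling as for the scope_ methods: keep the full tail.
            scope_name = name[len(prefix):]
            if scope_name in scopes:
                tuple_info = getattr(cls, name)
                scopes_info.append({
                    'scope': scope_name,
                    'name': tuple_info[0],
                    'description': tuple_info[1],
                })
        return scopes_info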
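class StandardScopeClaims(ScopeClaims):
    """
    Based on OpenID Standard Claims.
    See: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

    Each ``scope_<name>`` method returns the claims for that scope, read from
    ``self.userinfo`` with a few fallbacks to attributes of ``self.user``.
    Values may be None or ''.
    """

    info_profile = (
        _(u'Basic profile'),
        _(u'Access to your basic information. Includes names, gender, birthdate and other information.'),
    )

    def scope_profile(self):
        """Return the claims for the ``profile`` scope."""
        userinfo = self.userinfo
        user = self.user
        return {
            'name': userinfo.get('name'),
            # Fall back to the user object when userinfo has no (or an empty) value.
            'given_name': userinfo.get('given_name') or getattr(user, 'first_name', None),
            'family_name': userinfo.get('family_name') or getattr(user, 'last_name', None),
            'middle_name': userinfo.get('middle_name'),
            'nickname': userinfo.get('nickname') or getattr(user, 'username', None),
            'preferred_username': userinfo.get('preferred_username'),
            'profile': userinfo.get('profile'),
            'picture': userinfo.get('picture'),
            'website': userinfo.get('website'),
            'gender': userinfo.get('gender'),
            'birthdate': userinfo.get('birthdate'),
            'zoneinfo': userinfo.get('zoneinfo'),
            'locale': userinfo.get('locale'),
            'updated_at': userinfo.get('updated_at'),
        }

    info_email = (
        _(u'Email'),
        _(u'Access to your email address.'),
    )

    def scope_email(self):
        """Return the claims for the ``email`` scope."""
        return {
            'email': self.userinfo.get('email') or getattr(self.user, 'email', None),
            # Passed through exactly as userinfo supplied it; nothing here
            # checks that the address was actually verified.
            'email_verified': self.userinfo.get('email_verified'),
        }

    info_phone = (
        _(u'Phone number'),
        _(u'Access to your phone number.'),
    )

    def scope_phone(self):
        """Return the claims for the ``phone`` scope."""
        return {
            'phone_number': self.userinfo.get('phone_number'),
            # Passed through as supplied by userinfo, without any check here.
            'phone_number_verified': self.userinfo.get('phone_number_verified'),
        }

    info_address = (
        _(u'Address information'),
        _(u'Access to your address. Includes country, locality, street and other information.'),
    )

    def scope_address(self):
        """Return the claims for the ``address`` scope as a nested dict."""
        # ``address`` can be missing or explicitly None in userinfo; use an
        # empty dict then, so the lookups yield None instead of raising.
        address = self.userinfo.get('address') or {}
        return {
            'address': {
                'formatted': address.get('formatted'),
                'street_address': address.get('street_address'),
                'locality': address.get('locality'),
                'region': address.get('region'),
                'postal_code': address.get('postal_code'),
                'country': address.get('country'),
            }
        }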