Small refactoring in grants. Add more doc.

2015-01-06 16:29:31 -03:00 · 2015-01-06 16:29:31 -03:00 · 6469466546
parent 453902f5df
commit 6469466546
6 changed files with 39 additions and 25 deletions
--- a/README.rst
+++ b/README.rst
@ -59,7 +59,7 @@ Then let's create a Client. Start django shell: ``python manage.py shell``.
 .. code:: python

    >>> from openid_provider.models import Client
-    >>> c = Client(name='Some Client', client_id='123', client_secret='456', client_type='public', grant_type='authorization_code', response_type='code', _redirect_uris='http://example.com/')
+    >>> c = Client(name='Some Client', client_id='123', client_secret='456', client_type='public', grant_type='authorization_code', response_type='code', redirect_uris=['http://example.com/'])
    >>> from django.contrib.auth.models import User
    >>> c.user = User.objects.all()[0]
    >>> c.save()
--- a/openid_provider/lib/grants/authorization_code.py
+++ b/openid_provider/lib/grants/authorization_code.py
@ -183,7 +183,9 @@ class TokenEndpoint(object):

    @classmethod
    def response(self, dic, status=200):
-
+        '''
+        Create and return a response object.
+        '''
        response = JsonResponse(dic, status=status)
        response['Cache-Control'] = 'no-store'
        response['Pragma'] = 'no-cache'
@ -217,10 +219,12 @@ class UserInfoEndpoint(object):
            raise UserInfoError('invalid_token')

    def _get_access_token(self):
+        '''
+        Get the access token using Authorization Request Header Field method.
+        See: http://tools.ietf.org/html/rfc6750#section-2.1

-        # Using Authorization Request Header Field
-        # http://tools.ietf.org/html/rfc6750#section-2.1
-
+        Return a string.
+        '''
        auth_header = self.request.META.get('HTTP_AUTHORIZATION', '')

        if re.compile('^Bearer\s{1}.+$').match(auth_header):
@ -231,14 +235,19 @@ class UserInfoEndpoint(object):
        return access_token

    def create_response_dic(self):
+        '''
+        Create a diccionary with all the requested claims about the End-User.
+        See: http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse

+        Return a diccionary.
+        '''
        dic = {
            'sub': self.token.id_token.get('sub'),
        }

        standard_claims = StandardClaims(self.token.user, self.token.scope.split())
        
-        dic.update(standard_claims.response_dic)
+        dic.update(standard_claims.create_response_dic())

        return dic

--- a/openid_provider/lib/scopes.py
+++ b/openid_provider/lib/scopes.py
@ -18,8 +18,7 @@ class StandardClaims(object):
        except self.__model__.DoesNotExist:
            self.model = self.__model__()

-    @property
-    def response_dic(self):
+    def create_response_dic(self):

        dic = {}

--- a/openid_provider/models.py
+++ b/openid_provider/models.py
@ -29,25 +29,31 @@ class Client(models.Model):
    client_type = models.CharField(max_length=20, choices=CLIENT_TYPE_CHOICES)
    grant_type = models.CharField(max_length=30, choices=GRANT_TYPE_CHOICES)
    response_type = models.CharField(max_length=30, choices=RESPONSE_TYPE_CHOICES)
-    _redirect_uris = models.TextField()
-    _scope = models.TextField() # TODO: add getter and setter for this.
+    
+    # TODO: Need to be implemented.
+    # The list of scopes the client may request access to.
+    _scope = models.TextField(default='')
+    def scope():
+        def fget(self):
+            return self._scope.split()
+        def fset(self, value):
+            self._scope = ' '.join(value)
+        return locals()
+    scope = property(**scope())

-    @property
-    def redirect_uris(self):
-        if self._redirect_uris:
-            return self._redirect_uris.split()
-        return []
+    _redirect_uris = models.TextField(default='')
+    def redirect_uris():
+        def fget(self):
+            return self._redirect_uris.splitlines()
+        def fset(self, value):
+            self._redirect_uris = '\n'.join(value)
+        return locals()
+    redirect_uris = property(**redirect_uris())

    @property
    def default_redirect_uri(self):
        return self.redirect_uris[0]

-    @property
-    def scope(self):
-        if self._scopes:
-            return self._scopes.split()
-        return []
-
 class Code(models.Model):

    user = models.ForeignKey(User)
@ -64,11 +70,11 @@ class Token(models.Model):
    user = models.ForeignKey(User)
    client = models.ForeignKey(Client)
    access_token = models.CharField(max_length=255, unique=True)
-    _id_token = models.TextField()
    refresh_token = models.CharField(max_length=255, unique=True)
    expires_at = models.DateTimeField()
    scope = models.TextField() # TODO: add getter and setter for this.

+    _id_token = models.TextField()
    def id_token():
        def fget(self):
            return json.loads(self._id_token)
--- a/openid_provider/templates/openid_provider/base.html
+++ b/openid_provider/templates/openid_provider/base.html
@ -6,7 +6,7 @@
    <meta charset="utf-8">
    <title>OpenID Provider</title>

-    <link href="//maxcdn.bootstrapcdn.com/bootswatch/3.3.1/flatly/bootstrap.min.css" rel="stylesheet">
+    <link href="//maxcdn.bootstrapcdn.com/bootswatch/3.3.1/spacelab/bootstrap.min.css" rel="stylesheet">
    <style type="text/css">
        body {
            padding-top: 90px;
--- a/openid_provider/views.py
+++ b/openid_provider/views.py
@ -5,8 +5,8 @@ from django.shortcuts import render
 from django.views.decorators.http import require_http_methods
 from django.views.generic import View
 import urllib
-from .lib.errors import *
-from .lib.grants.authorization_code import *
+from openid_provider.lib.errors import *
+from openid_provider.lib.grants.authorization_code import *


 class AuthorizeView(View):