Small refactoring in grants. Add more doc.
parent
453902f5df
commit
6469466546
6 changed files with 39 additions and 25 deletions
|
@ -59,7 +59,7 @@ Then let's create a Client. Start django shell: ``python manage.py shell``.
|
|||
.. code:: python
|
||||
|
||||
>>> from openid_provider.models import Client
|
||||
>>> c = Client(name='Some Client', client_id='123', client_secret='456', client_type='public', grant_type='authorization_code', response_type='code', _redirect_uris='http://example.com/')
|
||||
>>> c = Client(name='Some Client', client_id='123', client_secret='456', client_type='public', grant_type='authorization_code', response_type='code', redirect_uris=['http://example.com/'])
|
||||
>>> from django.contrib.auth.models import User
|
||||
>>> c.user = User.objects.all()[0]
|
||||
>>> c.save()
|
||||
|
|
|
@ -183,7 +183,9 @@ class TokenEndpoint(object):
|
|||
|
||||
@classmethod
|
||||
def response(self, dic, status=200):
|
||||
|
||||
'''
|
||||
Create and return a response object.
|
||||
'''
|
||||
response = JsonResponse(dic, status=status)
|
||||
response['Cache-Control'] = 'no-store'
|
||||
response['Pragma'] = 'no-cache'
|
||||
|
@ -217,10 +219,12 @@ class UserInfoEndpoint(object):
|
|||
raise UserInfoError('invalid_token')
|
||||
|
||||
def _get_access_token(self):
|
||||
'''
|
||||
Get the access token using Authorization Request Header Field method.
|
||||
See: http://tools.ietf.org/html/rfc6750#section-2.1
|
||||
|
||||
# Using Authorization Request Header Field
|
||||
# http://tools.ietf.org/html/rfc6750#section-2.1
|
||||
|
||||
Return a string.
|
||||
'''
|
||||
auth_header = self.request.META.get('HTTP_AUTHORIZATION', '')
|
||||
|
||||
if re.compile('^Bearer\s{1}.+$').match(auth_header):
|
||||
|
@ -231,14 +235,19 @@ class UserInfoEndpoint(object):
|
|||
return access_token
|
||||
|
||||
def create_response_dic(self):
|
||||
'''
|
||||
Create a diccionary with all the requested claims about the End-User.
|
||||
See: http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
|
||||
|
||||
Return a diccionary.
|
||||
'''
|
||||
dic = {
|
||||
'sub': self.token.id_token.get('sub'),
|
||||
}
|
||||
|
||||
standard_claims = StandardClaims(self.token.user, self.token.scope.split())
|
||||
|
||||
dic.update(standard_claims.response_dic)
|
||||
dic.update(standard_claims.create_response_dic())
|
||||
|
||||
return dic
|
||||
|
||||
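Review bot: The docstring added to `_get_access_token` says only "Return a string" and does not say what the caller gets when the Authorization header is missing or does not match. The `return access_token` line is visible, but the branch that sets the value lies outside the hunks, so the docstring should name the failure value explicitly, for example `Return the token as a string, or an empty string when no Bearer header is present`, if that is what the code does. The match below the docstring uses a non-raw pattern, `'^Bearer\s{1}.+$'`, where `\s` is an invalid string escape that newer Python versions warn about; `r'^Bearer\s{1}.+$'` is equivalent. Since `.+` accepts any remainder, including embedded spaces, the docstring should also state that the returned value is unvalidated and is presumably only checked by the token lookup.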
|
|
|
@ -18,8 +18,7 @@ class StandardClaims(object):
|
|||
except self.__model__.DoesNotExist:
|
||||
self.model = self.__model__()
|
||||
|
||||
@property
|
||||
def response_dic(self):
|
||||
def create_response_dic(self):
|
||||
|
||||
dic = {}
|
||||
|
||||
|
|
|
@ -29,25 +29,31 @@ class Client(models.Model):
|
|||
client_type = models.CharField(max_length=20, choices=CLIENT_TYPE_CHOICES)
|
||||
grant_type = models.CharField(max_length=30, choices=GRANT_TYPE_CHOICES)
|
||||
response_type = models.CharField(max_length=30, choices=RESPONSE_TYPE_CHOICES)
|
||||
_redirect_uris = models.TextField()
|
||||
_scope = models.TextField() # TODO: add getter and setter for this.
|
||||
|
||||
# TODO: Need to be implemented.
|
||||
# The list of scopes the client may request access to.
|
||||
_scope = models.TextField(default='')
|
||||
def scope():
|
||||
def fget(self):
|
||||
return self._scope.split()
|
||||
def fset(self, value):
|
||||
self._scope = ' '.join(value)
|
||||
return locals()
|
||||
scope = property(**scope())
|
||||
|
||||
@property
|
||||
def redirect_uris(self):
|
||||
if self._redirect_uris:
|
||||
return self._redirect_uris.split()
|
||||
return []
|
||||
_redirect_uris = models.TextField(default='')
|
||||
def redirect_uris():
|
||||
def fget(self):
|
||||
return self._redirect_uris.splitlines()
|
||||
def fset(self, value):
|
||||
self._redirect_uris = '\n'.join(value)
|
||||
return locals()
|
||||
redirect_uris = property(**redirect_uris())
|
||||
|
||||
@property
|
||||
def default_redirect_uri(self):
|
||||
return self.redirect_uris[0]
|
||||
|
||||
@property
|
||||
def scope(self):
|
||||
if self._scopes:
|
||||
return self._scopes.split()
|
||||
return []
|
||||
|
||||
class Code(models.Model):
|
||||
|
||||
user = models.ForeignKey(User)
|
||||
|
@ -64,11 +70,11 @@ class Token(models.Model):
|
|||
user = models.ForeignKey(User)
|
||||
client = models.ForeignKey(Client)
|
||||
access_token = models.CharField(max_length=255, unique=True)
|
||||
_id_token = models.TextField()
|
||||
refresh_token = models.CharField(max_length=255, unique=True)
|
||||
expires_at = models.DateTimeField()
|
||||
scope = models.TextField() # TODO: add getter and setter for this.
|
||||
|
||||
_id_token = models.TextField()
|
||||
def id_token():
|
||||
def fget(self):
|
||||
return json.loads(self._id_token)
|
||||
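Review bot: The new `redirect_uris` setter stores whatever it is given with `'\n'.join(value)`, so a plain string is saved one character per line, and an entry containing a line break comes back from `splitlines()` as two separate registered URIs. This list is presumably what a client's redirect URI is matched against, so the setter should reject both cases, for example `if not isinstance(value, (list, tuple)): raise TypeError('redirect_uris must be a list')` followed by `if any(len(uri.splitlines()) != 1 for uri in value): raise ValueError('redirect URIs must be non-empty single-line strings')`. `default_redirect_uri` still returns `self.redirect_uris[0]`, which raises IndexError for a client left at the new `default=''`. The `scope` setter has the same plain-string pitfall with `' '.join(value)`; the class body continues outside the hunk.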
|
|
|
@ -6,7 +6,7 @@
|
|||
<meta charset="utf-8">
|
||||
<title>OpenID Provider</title>
|
||||
|
||||
<link href="//maxcdn.bootstrapcdn.com/bootswatch/3.3.1/flatly/bootstrap.min.css" rel="stylesheet">
|
||||
<link href="//maxcdn.bootstrapcdn.com/bootswatch/3.3.1/spacelab/bootstrap.min.css" rel="stylesheet">
|
||||
<style type="text/css">
|
||||
body {
|
||||
padding-top: 90px;
|
||||
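Review bot: The Bootswatch stylesheet `<link>` in this template loads third-party CSS through a protocol-relative URL and carries no Subresource Integrity attribute. This is the provider's own page, so a tampered or downgraded stylesheet could restyle or hide parts of the login and consent UI. Pin the scheme and the content by using `href="https://maxcdn.bootstrapcdn.com/..."` and adding `integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous"`, with the hash computed from the exact file being referenced. Serving the file from the project's own static files would remove the external dependency entirely.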
|
|
|
@ -5,8 +5,8 @@ from django.shortcuts import render
|
|||
from django.views.decorators.http import require_http_methods
|
||||
from django.views.generic import View
|
||||
import urllib
|
||||
from .lib.errors import *
|
||||
from .lib.grants.authorization_code import *
|
||||
from openid_provider.lib.errors import *
|
||||
from openid_provider.lib.grants.authorization_code import *
|
||||
|
||||
|
||||
class AuthorizeView(View):
|
||||
|
|