From 6469466546e8f6ec1262151a8d2b2583c797e9f2 Mon Sep 17 00:00:00 2001
From: juanifioren
Date: Tue, 6 Jan 2015 16:29:31 -0300
Subject: [PATCH] Small refactoring in grants. Add more doc.
---
 README.rst | 2 +-
 .../lib/grants/authorization_code.py | 19 ++++++++---
 openid_provider/lib/scopes.py | 3 +-
 openid_provider/models.py | 34 +++++++++++-------
 .../templates/openid_provider/base.html | 2 +-
 openid_provider/views.py | 4 +--
 6 files changed, 39 insertions(+), 25 deletions(-)
diff --git a/README.rst b/README.rst
index d209d5b..849b4ae 100644
--- a/README.rst
+++ b/README.rst
@@ -59,7 +59,7 @@ Then let's create a Client. Start django shell: ``python manage.py shell``.
 .. code:: python
 >>> from openid_provider.models import Client
- >>> c = Client(name='Some Client', client_id='123', client_secret='456', client_type='public', grant_type='authorization_code', response_type='code', _redirect_uris='http://example.com/')
+ >>> c = Client(name='Some Client', client_id='123', client_secret='456', client_type='public', grant_type='authorization_code', response_type='code', redirect_uris=['http://example.com/'])
 >>> from django.contrib.auth.models import User
 >>> c.user = User.objects.all()[0]
 >>> c.save()
diff --git a/openid_provider/lib/grants/authorization_code.py b/openid_provider/lib/grants/authorization_code.py
index 4e987d3..9a35b52 100644
--- a/openid_provider/lib/grants/authorization_code.py
+++ b/openid_provider/lib/grants/authorization_code.py
@@ -183,7 +183,9 @@ class TokenEndpoint(object):
 @classmethod
 def response(self, dic, status=200):
-
+ '''
+ Create and return a response object.
+ '''
 response = JsonResponse(dic, status=status)
 response['Cache-Control'] = 'no-store'
 response['Pragma'] = 'no-cache'
@@ -217,10 +219,12 @@ class UserInfoEndpoint(object):
 raise UserInfoError('invalid_token')
 def _get_access_token(self):
+ '''
+ Get the access token using Authorization Request Header Field method.
+ See: http://tools.ietf.org/html/rfc6750#section-2.1
- # Using Authorization Request Header Field
- # http://tools.ietf.org/html/rfc6750#section-2.1
-
+ Return a string.
+ '''
 auth_header = self.request.META.get('HTTP_AUTHORIZATION', '')
 if re.compile('^Bearer\s{1}.+$').match(auth_header):
@@ -231,14 +235,19 @@ class UserInfoEndpoint(object):
 return access_token
 def create_response_dic(self):
+ '''
+ Create a diccionary with all the requested claims about the End-User.
+ See: http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
+ Return a diccionary.
+ '''
 dic = { 'sub': self.token.id_token.get('sub'), }
 standard_claims = StandardClaims(self.token.user, self.token.scope.split())
- dic.update(standard_claims.response_dic)
+ dic.update(standard_claims.create_response_dic())
 return dic
diff --git a/openid_provider/lib/scopes.py b/openid_provider/lib/scopes.py
index dd96760..0472d8d 100644
--- a/openid_provider/lib/scopes.py
+++ b/openid_provider/lib/scopes.py
@@ -18,8 +18,7 @@ class StandardClaims(object):
 except self.__model__.DoesNotExist:
 self.model = self.__model__()
- @property
- def response_dic(self):
+ def create_response_dic(self):
 dic = {}
diff --git a/openid_provider/models.py b/openid_provider/models.py
index 856e1f5..363ffac 100644
--- a/openid_provider/models.py
+++ b/openid_provider/models.py
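Review bot: In `UserInfoEndpoint._get_access_token` the new docstring says only "Return a string" and does not say what the caller gets when the `Authorization` header is missing or is not a Bearer credential. That branch is outside the hunk, so the actual value cannot be confirmed from here; the docstring should name it, for example `Return the access token, or an empty string when no Bearer credential is present.`, adjusted to whatever the else-branch really returns. The pattern on the context line is also a non-raw string; `r'^Bearer\s{1}.+$'` would avoid depending on Python passing the unrecognised escape `\s` through unchanged.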
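Review bot: The docstring added to `UserInfoEndpoint.create_response_dic` misspells "dictionary" as "diccionary" in both the summary and the return line. Separately, `dic.update(standard_claims.create_response_dic())` runs after `sub` has been set from the ID token, so a `sub` key coming back from `StandardClaims` would replace it. That method's body is not visible in this hunk, so this may never occur, but the UserInfo `sub` has to equal the ID token's `sub`, and assigning it after the update (`dic['sub'] = self.token.id_token.get('sub')`) would hold that regardless of what the claims builder returns.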
@@ -29,25 +29,31 @@ class Client(models.Model):
 client_type = models.CharField(max_length=20, choices=CLIENT_TYPE_CHOICES)
 grant_type = models.CharField(max_length=30, choices=GRANT_TYPE_CHOICES)
 response_type = models.CharField(max_length=30, choices=RESPONSE_TYPE_CHOICES)
- _redirect_uris = models.TextField()
- _scope = models.TextField() # TODO: add getter and setter for this.
+
+ # TODO: Need to be implemented.
+ # The list of scopes the client may request access to.
+ _scope = models.TextField(default='')
+ def scope():
+ def fget(self):
+ return self._scope.split()
+ def fset(self, value):
+ self._scope = ' '.join(value)
+ return locals()
+ scope = property(**scope())
- @property
- def redirect_uris(self):
- if self._redirect_uris:
- return self._redirect_uris.split()
- return []
+ _redirect_uris = models.TextField(default='')
+ def redirect_uris():
+ def fget(self):
+ return self._redirect_uris.splitlines()
+ def fset(self, value):
+ self._redirect_uris = '\n'.join(value)
+ return locals()
+ redirect_uris = property(**redirect_uris())
 @property
 def default_redirect_uri(self):
 return self.redirect_uris[0]
- @property
- def scope(self):
- if self._scopes:
- return self._scopes.split()
- return []
-
 class Code(models.Model):
 user = models.ForeignKey(User)
@@ -64,11 +70,11 @@ class Token(models.Model):
 user = models.ForeignKey(User)
 client = models.ForeignKey(Client)
 access_token = models.CharField(max_length=255, unique=True)
- _id_token = models.TextField()
 refresh_token = models.CharField(max_length=255, unique=True)
 expires_at = models.DateTimeField()
 scope = models.TextField() # TODO: add getter and setter for this.
+ _id_token = models.TextField()
 def id_token():
 def fget(self):
 return json.loads(self._id_token)
diff --git a/openid_provider/templates/openid_provider/base.html b/openid_provider/templates/openid_provider/base.html
index 4b8534d..cfdd022 100644
--- a/openid_provider/templates/openid_provider/base.html
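Review bot: The new `redirect_uris` getter on `Client` returns `self._redirect_uris.splitlines()` unfiltered, so a blank line or trailing whitespace in the stored text becomes a registered redirect URI, and rows saved in the old whitespace-separated form are read back as a single entry. This list is presumably what a request's `redirect_uri` is matched against (that comparison is outside this hunk, as is the start of the `Client` class), so the getter should normalise its output: `return [u.strip() for u in self._redirect_uris.splitlines() if u.strip()]`. The setter has a related gap: a plain string passed instead of a list makes `'\n'.join(value)` store one character per line, so it is worth rejecting or wrapping a string value before the join. The `scope` setter joins the same way and would need the same guard.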
+++ b/openid_provider/templates/openid_provider/base.html @@ -6,7 +6,7 @@ OpenID Provider - +