Add custom template errors. (ClientID and RedirectURI)
parent
c24f0ccc29
commit
977a5cf7be
|
@ -7,7 +7,7 @@ Django OpenID Provider
|
||||||
Important things that you should know:
|
Important things that you should know:
|
||||||
|
|
||||||
- Although OpenID was built on top of OAuth2, this isn't an OAuth2 server. Maybe in a future it will be.
|
- Although OpenID was built on top of OAuth2, this isn't an OAuth2 server. Maybe in a future it will be.
|
||||||
- This cover ``authorization_code`` flow and ``implicit`` flow, NO support for ``hibrid`` flow at this moment.
|
- This cover ``authorization_code`` flow and ``implicit`` flow, NO support for ``hybrid`` flow at this moment.
|
||||||
- Only support for requesting Claims using Scope Values.
|
- Only support for requesting Claims using Scope Values.
|
||||||
|
|
||||||
************
|
************
|
||||||
|
|
|
@ -13,7 +13,7 @@ class AuthorizeEndpoint(object):
|
||||||
|
|
||||||
self.request = request
|
self.request = request
|
||||||
|
|
||||||
self.params = Params
|
self.params = Params()
|
||||||
|
|
||||||
# Because in this endpoint we handle both GET
|
# Because in this endpoint we handle both GET
|
||||||
# and POST request.
|
# and POST request.
|
||||||
|
@ -52,22 +52,6 @@ class AuthorizeEndpoint(object):
|
||||||
'''
|
'''
|
||||||
self.params.nonce = self.query_dict.get('nonce', '')
|
self.params.nonce = self.query_dict.get('nonce', '')
|
||||||
|
|
||||||
def is_code_flow(self):
|
|
||||||
'''
|
|
||||||
True if the client is using Authorization Code Flow.
|
|
||||||
|
|
||||||
Return a boolean.
|
|
||||||
'''
|
|
||||||
return self.grant_type == 'authorization_code'
|
|
||||||
|
|
||||||
def is_implicit_flow(self):
|
|
||||||
'''
|
|
||||||
True if the client is using Implicit Flow.
|
|
||||||
|
|
||||||
Return a boolean.
|
|
||||||
'''
|
|
||||||
return self.grant_type == 'implicit'
|
|
||||||
|
|
||||||
def validate_params(self):
|
def validate_params(self):
|
||||||
|
|
||||||
if not self.params.redirect_uri:
|
if not self.params.redirect_uri:
|
||||||
|
@ -96,7 +80,7 @@ class AuthorizeEndpoint(object):
|
||||||
try:
|
try:
|
||||||
self.validate_params()
|
self.validate_params()
|
||||||
|
|
||||||
if self.is_code_flow():
|
if (self.grant_type == 'authorization_code'):
|
||||||
|
|
||||||
code = Code()
|
code = Code()
|
||||||
code.user = self.request.user
|
code.user = self.request.user
|
||||||
|
@ -107,7 +91,8 @@ class AuthorizeEndpoint(object):
|
||||||
code.save()
|
code.save()
|
||||||
|
|
||||||
uri = self.params.redirect_uri + '?code={0}'.format(code.code)
|
uri = self.params.redirect_uri + '?code={0}'.format(code.code)
|
||||||
else:
|
|
||||||
|
else: # Implicit Flow
|
||||||
|
|
||||||
id_token_dic = create_id_token_dic(
|
id_token_dic = create_id_token_dic(
|
||||||
self.request.user,
|
self.request.user,
|
||||||
|
|
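Review bot: With `is_code_flow()` and `is_implicit_flow()` removed, the bare `else:  # Implicit Flow` in the last hunk treats every grant type other than 'authorization_code' as Implicit Flow. An unexpected or empty value would therefore still reach the `create_id_token_dic(...)` path unless it is rejected earlier, which these hunks do not show. Making the branch explicit with `elif self.grant_type == 'implicit':`, followed by an `else:` that raises the endpoint's error for an unsupported request, stops token issuance from being the fall-through case. The parentheses in `if (self.grant_type == 'authorization_code'):` are also unnecessary. The enclosing method starts and ends outside the hunks.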
|
@ -11,7 +11,7 @@ class TokenEndpoint(object):
|
||||||
def __init__(self, request):
|
def __init__(self, request):
|
||||||
|
|
||||||
self.request = request
|
self.request = request
|
||||||
self.params = Params
|
self.params = Params()
|
||||||
self._extract_params()
|
self._extract_params()
|
||||||
|
|
||||||
def _extract_params(self):
|
def _extract_params(self):
|
||||||
|
|
|
@ -11,7 +11,7 @@ class UserInfoEndpoint(object):
|
||||||
def __init__(self, request):
|
def __init__(self, request):
|
||||||
|
|
||||||
self.request = request
|
self.request = request
|
||||||
self.params = Params
|
self.params = Params()
|
||||||
self._extract_params()
|
self._extract_params()
|
||||||
|
|
||||||
def _extract_params(self):
|
def _extract_params(self):
|
||||||
|
|
|
@ -3,21 +3,14 @@ import urllib
|
||||||
|
|
||||||
class RedirectUriError(Exception):
|
class RedirectUriError(Exception):
|
||||||
|
|
||||||
error = None
|
error = 'Redirect URI Error'
|
||||||
description = 'The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).'
|
description = 'The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).'
|
||||||
|
|
||||||
|
|
||||||
class ClientIdError(Exception):
|
class ClientIdError(Exception):
|
||||||
|
|
||||||
error = None
|
error = 'Client ID Error'
|
||||||
description = 'The client identifier (client_id) is missing or invalid.'
|
description = 'The client identifier (client_id) is missing or invalid.'
|
||||||
|
|
||||||
class MissingScopeError(Exception):
|
|
||||||
|
|
||||||
error = 'openid scope'
|
|
||||||
description = 'The openid scope value is missing.'
|
|
||||||
|
|
||||||
|
|
||||||
class AuthorizeError(Exception):
|
class AuthorizeError(Exception):
|
||||||
|
|
||||||
_errors = {
|
_errors = {
|
||||||
|
@ -72,7 +65,6 @@ class AuthorizeError(Exception):
|
||||||
def response(self):
|
def response(self):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class TokenError(Exception):
|
class TokenError(Exception):
|
||||||
|
|
||||||
_errors = {
|
_errors = {
|
||||||
|
|
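Review bot: `RedirectUriError` and `ClientIdError` have no docstring explaining why they are kept separate from `AuthorizeError`. The view change in this commit renders a page for these two and builds a redirect URI only for `AuthorizeError`, so a docstring such as `"""Raised when redirect_uri is missing or untrusted; show the error to the user, never redirect to the client."""` on `RedirectUriError` (with the equivalent on `ClientIdError`) would record that constraint for the next maintainer. The new `error` values read as display titles for the template; if the keys of `AuthorizeError._errors` are protocol error codes (not visible in this hunk), the docstring should say that these are not.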
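--- a/openid_provider/templates/openid_provider/error.html
+++ b/openid_provider/templates/openid_provider/error.html
@@ -0,0 +1,20 @@
+{% extends "openid_provider/base.html" %}
+
+{% load i18n %}
+
+{% block content %}
+
+<div class="row">
+<div class="col-md-6 col-md-offset-3">
+<div class="panel panel-danger">
+<div class="panel-heading">
+<h3 class="panel-title">{{ error }}</h3>
+</div>
+<div class="panel-body">
+<p>{{ description }}</p>
+</div>
+</div>
+</div>
+</div>
+
+{% endblock %}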
|
@ -34,7 +34,12 @@ class AuthorizeView(View):
|
||||||
return HttpResponseRedirect(login_url)
|
return HttpResponseRedirect(login_url)
|
||||||
|
|
||||||
except (ClientIdError, RedirectUriError) as error:
|
except (ClientIdError, RedirectUriError) as error:
|
||||||
return HttpResponse(error.description)
|
data = {
|
||||||
|
'error': error.error,
|
||||||
|
'description': error.description,
|
||||||
|
}
|
||||||
|
|
||||||
|
return render(request, 'openid_provider/error.html', data)
|
||||||
|
|
||||||
except (AuthorizeError) as error:
|
except (AuthorizeError) as error:
|
||||||
uri = error.create_uri(authorize.params.redirect_uri, authorize.params.state)
|
uri = error.create_uri(authorize.params.redirect_uri, authorize.params.state)
|
||||||
|
|
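Review bot: The new `render(...)` call in the `except (ClientIdError, RedirectUriError)` branch returns the error page with the default 200 status. A rejected client_id or redirect_uri then looks like a successful page load in access logs and monitoring. Passing an explicit status makes these rejections visible: `return render(request, 'openid_provider/error.html', data, status=400)`. The enclosing view method starts and ends outside the hunk.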