A few changes in settings. Add more variables to it.

This commit is contained in:
juanifioren 2015-01-28 17:00:04 -03:00
parent be741e79e3
commit 97eef517b0
6 changed files with 50 additions and 38 deletions

View file

@ -54,13 +54,22 @@ Add required variables to your project settings.
.. code:: python .. code:: python
# REQUIRED. Your server provider url. # REQUIRED.
# Your server provider url.
SITE_URL = 'http://localhost:8000' SITE_URL = 'http://localhost:8000'
# REQUIRED. # Used to log the user in.
# See: https://docs.djangoproject.com/en/1.7/ref/settings/#login-url # See: https://docs.djangoproject.com/en/1.7/ref/settings/#login-url
LOGIN_URL = '/accounts/login/' LOGIN_URL = '/accounts/login/'
# OPTIONAL.
DOP_CODE_EXPIRE = 60*10 # 10 min.
DOP_IDTOKEN_EXPIRE = 60*10, # 10 min.
DOP_TOKEN_EXPIRE = 60*60 # 1 hour.
******************** ********************
Create User & Client Create User & Client
******************** ********************

View file

@ -1,13 +1,11 @@
import uuid
from datetime import timedelta from datetime import timedelta
from django.utils import timezone from django.utils import timezone
from openid_provider.lib.errors import * from openid_provider.lib.errors import *
from openid_provider.lib.utils.params import * from openid_provider.lib.utils.params import *
from openid_provider.lib.utils.token import * from openid_provider.lib.utils.token import *
from openid_provider.models import * from openid_provider.models import *
from openid_provider import settings
import uuid
class AuthorizeEndpoint(object): class AuthorizeEndpoint(object):
@ -20,7 +18,8 @@ class AuthorizeEndpoint(object):
# Because in this endpoint we handle both GET # Because in this endpoint we handle both GET
# and POST request. # and POST request.
self.query_dict = (self.request.POST if self.request.method == 'POST' else self.request.GET) self.query_dict = (self.request.POST if self.request.method == 'POST'
else self.request.GET)
self._extract_params() self._extract_params()
@ -98,7 +97,8 @@ class AuthorizeEndpoint(object):
code.user = self.request.user code.user = self.request.user
code.client = self.client code.client = self.client
code.code = uuid.uuid4().hex code.code = uuid.uuid4().hex
code.expires_at = timezone.now() + timedelta(seconds=60*10) # TODO: Add this into settings. code.expires_at = timezone.now() + timedelta(
seconds=settings.get('DOP_CODE_EXPIRE'))
code.scope = self.params.scope code.scope = self.params.scope
code.save() code.save()
@ -108,7 +108,7 @@ class AuthorizeEndpoint(object):
id_token_dic = create_id_token_dic( id_token_dic = create_id_token_dic(
self.request.user, self.request.user,
'http://localhost:8000', # TODO: Add this into settings. settings.get('SITE_URL'),
self.client.client_id) self.client.client_id)
token = create_token( token = create_token(
@ -120,14 +120,15 @@ class AuthorizeEndpoint(object):
# Store the token. # Store the token.
token.save() token.save()
id_token = encode_id_token(id_token_dic, self.client.client_secret) id_token = encode_id_token(
id_token_dic, self.client.client_secret)
# TODO: Check if response_type is 'id_token token' then # TODO: Check if response_type is 'id_token token' then
# add access_token to the fragment. # add access_token to the fragment.
uri = self.params.redirect_uri + '#token_type={0}&id_token={1}&expires_in={2}'.format( uri = self.params.redirect_uri + '#token_type={0}&id_token={1}&expires_in={2}'.format(
'bearer', 'bearer',
id_token, id_token,
60*10 60 * 10
) )
except: except:
raise AuthorizeError( raise AuthorizeError(
@ -136,6 +137,8 @@ class AuthorizeEndpoint(object):
self.grant_type) self.grant_type)
# Add state if present. # Add state if present.
uri = uri + ('&state={0}'.format(self.params.state) if self.params.state else '') uri = uri + \
('&state={0}'.format(self.params.state)
if self.params.state else '')
return uri return uri

View file

@ -1,12 +1,10 @@
import urllib
from django.http import JsonResponse from django.http import JsonResponse
from openid_provider.lib.errors import * from openid_provider.lib.errors import *
from openid_provider.lib.utils.params import * from openid_provider.lib.utils.params import *
from openid_provider.lib.utils.token import * from openid_provider.lib.utils.token import *
from openid_provider.models import * from openid_provider.models import *
from openid_provider import settings from openid_provider import settings
import urllib
class TokenEndpoint(object): class TokenEndpoint(object):
@ -23,7 +21,8 @@ class TokenEndpoint(object):
self.params.client_id = query_dict.get('client_id', '') self.params.client_id = query_dict.get('client_id', '')
self.params.client_secret = query_dict.get('client_secret', '') self.params.client_secret = query_dict.get('client_secret', '')
self.params.redirect_uri = urllib.unquote(query_dict.get('redirect_uri', '')) self.params.redirect_uri = urllib.unquote(
query_dict.get('redirect_uri', ''))
self.params.grant_type = query_dict.get('grant_type', '') self.params.grant_type = query_dict.get('grant_type', '')
self.params.code = query_dict.get('code', '') self.params.code = query_dict.get('code', '')
self.params.state = query_dict.get('state', '') self.params.state = query_dict.get('state', '')
@ -44,7 +43,8 @@ class TokenEndpoint(object):
self.code = Code.objects.get(code=self.params.code) self.code = Code.objects.get(code=self.params.code)
if not (self.code.client == self.client) and not self.code.has_expired(): if not (self.code.client == self.client) and \
not self.code.has_expired():
raise TokenError('invalid_grant') raise TokenError('invalid_grant')
except Client.DoesNotExist: except Client.DoesNotExist:
@ -77,7 +77,7 @@ class TokenEndpoint(object):
dic = { dic = {
'access_token': token.access_token, 'access_token': token.access_token,
'token_type': 'bearer', 'token_type': 'bearer',
'expires_in': 60*60, # TODO: Add this into settings. 'expires_in': settings.get('DOP_TOKEN_EXPIRE'),
'id_token': id_token, 'id_token': id_token,
} }

View file

@ -1,11 +1,10 @@
import time
import jwt
import uuid
from datetime import timedelta from datetime import timedelta
from django.utils import timezone from django.utils import timezone
from openid_provider.models import * from openid_provider.models import *
from openid_provider import settings
import jwt
import time
import uuid
def create_id_token_dic(user, iss, aud): def create_id_token_dic(user, iss, aud):
@ -16,7 +15,7 @@ def create_id_token_dic(user, iss, aud):
Return a dic. Return a dic.
""" """
expires_in = 60*10 expires_in = settings.get('DOP_IDTOKEN_EXPIRE')
now = timezone.now() now = timezone.now()
@ -62,7 +61,8 @@ def create_token(user, client, id_token_dic, scope):
token.id_token = id_token_dic token.id_token = id_token_dic
token.refresh_token = uuid.uuid4().hex token.refresh_token = uuid.uuid4().hex
token.expires_at = timezone.now() + timedelta(seconds=60*60) # TODO: Add this into settings. token.expires_at = timezone.now() + timedelta(
seconds=settings.get('DOP_TOKEN_EXPIRE'))
token.scope = scope token.scope = scope
return token return token

View file

@ -1,20 +1,21 @@
from django.conf import settings from django.conf import settings
class default_settings(object): # Here goes all the package default settings.
default_settings = {
# Here goes all the package default settings. 'DOP_CODE_EXPIRE': 60*10, # 10 min.
'DOP_IDTOKEN_EXPIRE': 60*10, # 10 min.
LOGIN_URL = None 'DOP_TOKEN_EXPIRE': 60*60, # 1 hour.
'LOGIN_URL': None,
SITE_URL = None 'SITE_URL': None,
}
def get(name): def get(name):
''' '''
Helper function to use inside the package. Helper function to use inside the package.
''' '''
try: try:
value = getattr(default_settings, name) value = default_settings[name]
value = getattr(settings, name) value = getattr(settings, name)
except AttributeError: except AttributeError:
if value == None: if value == None:

View file

@ -5,7 +5,6 @@ from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
from django.shortcuts import render from django.shortcuts import render
from django.views.decorators.http import require_http_methods from django.views.decorators.http import require_http_methods
from django.views.generic import View from django.views.generic import View
from openid_provider.lib.errors import * from openid_provider.lib.errors import *
from openid_provider.lib.endpoints.authorize import * from openid_provider.lib.endpoints.authorize import *
from openid_provider.lib.endpoints.token import * from openid_provider.lib.endpoints.token import *