A few changes in settings. Add more variables to it.
parent
be741e79e3
commit
97eef517b0
13
README.rst
13
README.rst
|
@ -54,13 +54,22 @@ Add required variables to your project settings.
|
|||
|
||||
.. code:: python
|
||||
|
||||
# REQUIRED. Your server provider url.
|
||||
# REQUIRED.
|
||||
|
||||
# Your server provider url.
|
||||
SITE_URL = 'http://localhost:8000'
|
||||
|
||||
# REQUIRED.
|
||||
# Used to log the user in.
|
||||
# See: https://docs.djangoproject.com/en/1.7/ref/settings/#login-url
|
||||
LOGIN_URL = '/accounts/login/'
|
||||
|
||||
# OPTIONAL.
|
||||
|
||||
DOP_CODE_EXPIRE = 60*10 # 10 min.
|
||||
DOP_IDTOKEN_EXPIRE = 60*10, # 10 min.
|
||||
DOP_TOKEN_EXPIRE = 60*60 # 1 hour.
|
||||
|
||||
|
||||
********************
|
||||
Create User & Client
|
||||
********************
|
||||
|
|
|
@ -1,13 +1,11 @@
|
|||
import uuid
|
||||
|
||||
from datetime import timedelta
|
||||
|
||||
from django.utils import timezone
|
||||
|
||||
from openid_provider.lib.errors import *
|
||||
from openid_provider.lib.utils.params import *
|
||||
from openid_provider.lib.utils.token import *
|
||||
from openid_provider.models import *
|
||||
from openid_provider import settings
|
||||
import uuid
|
||||
|
||||
|
||||
class AuthorizeEndpoint(object):
|
||||
|
@ -20,7 +18,8 @@ class AuthorizeEndpoint(object):
|
|||
|
||||
# Because in this endpoint we handle both GET
|
||||
# and POST request.
|
||||
self.query_dict = (self.request.POST if self.request.method == 'POST' else self.request.GET)
|
||||
self.query_dict = (self.request.POST if self.request.method == 'POST'
|
||||
else self.request.GET)
|
||||
|
||||
self._extract_params()
|
||||
|
||||
|
@ -91,14 +90,15 @@ class AuthorizeEndpoint(object):
|
|||
|
||||
try:
|
||||
self.validate_params()
|
||||
|
||||
|
||||
if self.grant_type == 'authorization_code':
|
||||
|
||||
code = Code()
|
||||
code.user = self.request.user
|
||||
code.client = self.client
|
||||
code.code = uuid.uuid4().hex
|
||||
code.expires_at = timezone.now() + timedelta(seconds=60*10) # TODO: Add this into settings.
|
||||
code.expires_at = timezone.now() + timedelta(
|
||||
seconds=settings.get('DOP_CODE_EXPIRE'))
|
||||
code.scope = self.params.scope
|
||||
code.save()
|
||||
|
||||
|
@ -108,7 +108,7 @@ class AuthorizeEndpoint(object):
|
|||
|
||||
id_token_dic = create_id_token_dic(
|
||||
self.request.user,
|
||||
'http://localhost:8000', # TODO: Add this into settings.
|
||||
settings.get('SITE_URL'),
|
||||
self.client.client_id)
|
||||
|
||||
token = create_token(
|
||||
|
@ -120,14 +120,15 @@ class AuthorizeEndpoint(object):
|
|||
# Store the token.
|
||||
token.save()
|
||||
|
||||
id_token = encode_id_token(id_token_dic, self.client.client_secret)
|
||||
|
||||
id_token = encode_id_token(
|
||||
id_token_dic, self.client.client_secret)
|
||||
|
||||
# TODO: Check if response_type is 'id_token token' then
|
||||
# add access_token to the fragment.
|
||||
uri = self.params.redirect_uri + '#token_type={0}&id_token={1}&expires_in={2}'.format(
|
||||
'bearer',
|
||||
id_token,
|
||||
60*10
|
||||
60 * 10
|
||||
)
|
||||
except:
|
||||
raise AuthorizeError(
|
||||
|
@ -136,6 +137,8 @@ class AuthorizeEndpoint(object):
|
|||
self.grant_type)
|
||||
|
||||
# Add state if present.
|
||||
uri = uri + ('&state={0}'.format(self.params.state) if self.params.state else '')
|
||||
uri = uri + \
|
||||
('&state={0}'.format(self.params.state)
|
||||
if self.params.state else '')
|
||||
|
||||
return uri
|
||||
return uri
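Review bot: The `state` value is appended to the redirect fragment without percent-encoding in the re-wrapped `uri = uri + ('&state={0}'.format(self.params.state) ...)` statement, so a value containing `&` or `#` can add or alter parameters in the response the client parses. Assuming `self.params.state` holds the decoded request value, encode it before formatting, for example `'&state={0}'.format(urllib.quote(self.params.state, safe=''))`; this needs `import urllib`, which this file's import hunk does not show. The implicit-flow fragment in the `-120,14` hunk also still passes a literal `60 * 10` as `expires_in` while the ID token lifetime now comes from `DOP_IDTOKEN_EXPIRE`; `settings.get('DOP_IDTOKEN_EXPIRE')` there would keep the two in step. The enclosing method starts and ends outside these hunks.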
|
||||
|
|
|
@ -1,12 +1,10 @@
|
|||
import urllib
|
||||
|
||||
from django.http import JsonResponse
|
||||
|
||||
from openid_provider.lib.errors import *
|
||||
from openid_provider.lib.utils.params import *
|
||||
from openid_provider.lib.utils.token import *
|
||||
from openid_provider.models import *
|
||||
from openid_provider import settings
|
||||
import urllib
|
||||
|
||||
|
||||
class TokenEndpoint(object):
|
||||
|
@ -23,7 +21,8 @@ class TokenEndpoint(object):
|
|||
|
||||
self.params.client_id = query_dict.get('client_id', '')
|
||||
self.params.client_secret = query_dict.get('client_secret', '')
|
||||
self.params.redirect_uri = urllib.unquote(query_dict.get('redirect_uri', ''))
|
||||
self.params.redirect_uri = urllib.unquote(
|
||||
query_dict.get('redirect_uri', ''))
|
||||
self.params.grant_type = query_dict.get('grant_type', '')
|
||||
self.params.code = query_dict.get('code', '')
|
||||
self.params.state = query_dict.get('state', '')
|
||||
|
@ -44,7 +43,8 @@ class TokenEndpoint(object):
|
|||
|
||||
self.code = Code.objects.get(code=self.params.code)
|
||||
|
||||
if not (self.code.client == self.client) and not self.code.has_expired():
|
||||
if not (self.code.client == self.client) and \
|
||||
not self.code.has_expired():
|
||||
raise TokenError('invalid_grant')
|
||||
|
||||
except Client.DoesNotExist:
|
||||
|
@ -77,7 +77,7 @@ class TokenEndpoint(object):
|
|||
dic = {
|
||||
'access_token': token.access_token,
|
||||
'token_type': 'bearer',
|
||||
'expires_in': 60*60, # TODO: Add this into settings.
|
||||
'expires_in': settings.get('DOP_TOKEN_EXPIRE'),
|
||||
'id_token': id_token,
|
||||
}
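Review bot: The re-wrapped grant check `if not (self.code.client == self.client) and not self.code.has_expired():` rejects a code only when it belongs to another client and is still valid, so an expired code is accepted whichever client presents it. The intent reads as rejecting either condition: `if self.code.client != self.client or self.code.has_expired():`, followed by the existing `raise TokenError('invalid_grant')`. Whether the code is deleted after a successful exchange is not visible in these hunks; if it is not, single use should be enforced in the same place. The enclosing method starts and ends outside the hunk.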
|
||||
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
import time
|
||||
import jwt
|
||||
import uuid
|
||||
|
||||
from datetime import timedelta
|
||||
|
||||
from django.utils import timezone
|
||||
from openid_provider.models import *
|
||||
from openid_provider import settings
|
||||
import jwt
|
||||
import time
|
||||
import uuid
|
||||
|
||||
|
||||
def create_id_token_dic(user, iss, aud):
|
||||
|
@ -16,7 +15,7 @@ def create_id_token_dic(user, iss, aud):
|
|||
|
||||
Return a dic.
|
||||
"""
|
||||
expires_in = 60*10
|
||||
expires_in = settings.get('DOP_IDTOKEN_EXPIRE')
|
||||
|
||||
now = timezone.now()
|
||||
|
||||
|
@ -62,7 +61,8 @@ def create_token(user, client, id_token_dic, scope):
|
|||
token.id_token = id_token_dic
|
||||
|
||||
token.refresh_token = uuid.uuid4().hex
|
||||
token.expires_at = timezone.now() + timedelta(seconds=60*60) # TODO: Add this into settings.
|
||||
token.expires_at = timezone.now() + timedelta(
|
||||
seconds=settings.get('DOP_TOKEN_EXPIRE'))
|
||||
token.scope = scope
|
||||
|
||||
return token
|
||||
return token
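Review bot: `expires_in = settings.get('DOP_IDTOKEN_EXPIRE')` and `timedelta(seconds=settings.get('DOP_TOKEN_EXPIRE'))` use whatever the project settings contain, with no type or range check. The README example in this same commit writes `DOP_IDTOKEN_EXPIRE = 60*10,` with a trailing comma, which is a one-element tuple in Python; copied as is, `expires_in` would be a tuple, and how it is used further down in `create_id_token_dic` is outside the hunk. Checking that these values are positive integers where they are read, or once in `settings.get`, and dropping the comma in the README would stop tokens being issued with a wrong or unusable expiry.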
|
||||
|
|
|
@ -1,20 +1,21 @@
|
|||
from django.conf import settings
|
||||
|
||||
|
||||
class default_settings(object):
|
||||
|
||||
# Here goes all the package default settings.
|
||||
|
||||
LOGIN_URL = None
|
||||
|
||||
SITE_URL = None
|
||||
# Here goes all the package default settings.
|
||||
default_settings = {
|
||||
'DOP_CODE_EXPIRE': 60*10, # 10 min.
|
||||
'DOP_IDTOKEN_EXPIRE': 60*10, # 10 min.
|
||||
'DOP_TOKEN_EXPIRE': 60*60, # 1 hour.
|
||||
'LOGIN_URL': None,
|
||||
'SITE_URL': None,
|
||||
}
|
||||
|
||||
def get(name):
|
||||
'''
|
||||
Helper function to use inside the package.
|
||||
'''
|
||||
try:
|
||||
value = getattr(default_settings, name)
|
||||
value = default_settings[name]
|
||||
value = getattr(settings, name)
|
||||
except AttributeError:
|
||||
if value == None:
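Review bot: `value = default_settings[name]` raises `KeyError` for a name that has no entry in the dict, and the handler below catches only `AttributeError`, so a mistyped setting name now escapes `get()` as a bare `KeyError`. Reading the default with `default_settings.get(name)`, or catching `KeyError` and raising a clear configuration error, would make that failure explicit; the comparison is also better written `if value is None:`. The rest of `get()` lies outside the hunk, so what happens when `SITE_URL` or `LOGIN_URL` stays at its `None` default cannot be confirmed from here. Since `SITE_URL` is passed as `iss` to `create_id_token_dic` in the authorize endpoint, that case should fail at start-up rather than produce ID tokens without an issuer.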
|
||||
|
|
|
@ -5,7 +5,6 @@ from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
|
|||
from django.shortcuts import render
|
||||
from django.views.decorators.http import require_http_methods
|
||||
from django.views.generic import View
|
||||
|
||||
from openid_provider.lib.errors import *
|
||||
from openid_provider.lib.endpoints.authorize import *
|
||||
from openid_provider.lib.endpoints.token import *
|
||||
|
|