From d84ad8f47000901bec3ef6bcf8011f9a47cd0aa1 Mon Sep 17 00:00:00 2001
From: Cayo Puigdefabregas
Date: Tue, 28 Nov 2023 17:33:24 +0100
Subject: [PATCH] first step of oidc
---
 idhub/user/forms.py | 6 ++----
 idhub/user/views.py | 4 ++--
 oidc4vp/models.py | 6 +-----
 oidc4vp/views.py | 29 +++++++++++++++++++++++------
 4 files changed, 28 insertions(+), 17 deletions(-)
diff --git a/idhub/user/forms.py b/idhub/user/forms.py
index 8bacf89..cce197c 100644
--- a/idhub/user/forms.py
+++ b/idhub/user/forms.py
@@ -81,10 +81,8 @@ class DemandAuthorizationForm(forms.Form):
 if commit:
 url = self.org.demand_authorization()
 auth = (self.org.client_id, self.org.client_secret)
- # res = requests.get(url, auth=auth)
- # import pdb; pdb.set_trace()
- # if res.status == 200:
- # return res.body
+ if url.status_code == 200:
+ return url.json().get('redirect_uri')
 return
diff --git a/idhub/user/views.py b/idhub/user/views.py
index f509016..09eae35 100644
--- a/idhub/user/views.py
+++ b/idhub/user/views.py
@@ -160,9 +160,9 @@ class DemandAuthorizationView(MyWallet, FormView):
 def form_valid(self, form):
 authorization = form.save()
+ # import pdb; pdb.set_trace()
 if authorization:
- if authorization.get('redirect_uri'):
- redirect(authorization.get('redirect_uri'))
+ redirect(authorization)
 else:
 messages.error(self.request, _("Error sending credential!"))
 return super().form_valid(form)
diff --git a/oidc4vp/models.py b/oidc4vp/models.py
index 2d0d224..83cdef1 100644
--- a/oidc4vp/models.py
+++ b/oidc4vp/models.py
@@ -112,15 +112,11 @@ class Authorization(models.Model):
 )
 def authorize(self):
- response_uri = self.__class__.objects.filter(
- response_uri=settings.ALLOW_CODE_URI
- )
 data = {
 "response_type": "vp_token",
 "response_mode": "direct_post",
 "client_id": self.organization.client_id,
- "response_uri": response_uri,
- "presentation_definition": "...",
+ "presentation_definition": self.presentation_definition,
 "nonce": gen_salt(5),
 }
 query_dict = QueryDict('', mutable=True)
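Review bot: In `idhub/user/forms.py` the line `auth = (self.org.client_id, self.org.client_secret)` is kept, but nothing in the visible new lines reads it, so the client secret is copied into a local for no purpose; either hand it to the request made by `demand_authorization()` or delete the line. The name `url` now holds a response object (`.status_code`, `.json()`), so `response = self.org.demand_authorization()` would describe it correctly. `url.json()` raises on a 200 reply whose body is not JSON, and the `redirect_uri` it yields is chosen by the remote side, so it should be checked before being handed back to the view. The enclosing method (presumably `save`) starts outside the hunk.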
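Review bot: In `idhub/user/views.py`, `form_valid` calls `redirect(authorization)` and discards the result, so no redirect response is ever sent and the request falls through to `super().form_valid(form)`; the line should read `return redirect(authorization)`. The target is the `redirect_uri` string taken from the remote verifier's JSON reply, so before returning it the view should confirm host and scheme against what is expected for that organization, for example `url_has_allowed_host_and_scheme(authorization, allowed_hosts={expected_host}, require_https=True)` with `expected_host` derived from the organization's configured URL. The added `# import pdb; pdb.set_trace()` comment is debugging residue and should be dropped from the commit.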
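Review bot: In `oidc4vp/models.py`, `authorize()` now sends `"response_mode": "direct_post"` with no `response_uri` at all, and OpenID4VP requires `response_uri` for that mode, so the wallet is given no verifier-chosen endpoint to post the presentation to. Removing the queryset was right, but the key should come back as a plain string, e.g. `"response_uri": settings.ALLOW_CODE_URI` if that setting is the verifier's callback. The `nonce` is `gen_salt(5)` built inline and nothing in the visible lines stores it, so the later `vp_token` cannot be bound to this request; a longer value saved on the `Authorization` row and compared on receipt would close that gap. The method continues past the end of the hunk.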
diff --git a/oidc4vp/views.py b/oidc4vp/views.py index 6fe4623..77a97b6 100644 --- a/oidc4vp/views.py +++ b/oidc4vp/views.py @@ -1,9 +1,11 @@ import json +import base64 from django.views.generic.edit import View from oidc4vp.models import Authorization, Organization -from django.http import HttpResponse +from django.http import HttpResponse, Http404 +from django.shortcuts import get_object_or_404 # from django.core.mail import send_mail @@ -11,22 +13,37 @@ from django.http import HttpResponse # from utils.idhub_ssikit import verify_presentation # from oidc4vp.models import VPVerifyRequest -from django.shortcuts import get_object_or_404 # from more_itertools import flatten, unique_everseen class VerifyView(View): def get(self, request, *args, **kwargs): - org_url = request.GET.get('demand_uri') - org = get_object_or_404(Organization, response_uri=org_url) + org = self.validate(request) + if not org: + raise Http404("Page not Found!") + authorization = Authorization( organization=org, presentation_definition="MemberCredential" ) - import pdb; pdb.set_trace() - res = json.dumps({"redirect_uri": authorization.authorize()}) return HttpResponse(res) + def validate(self, request): + auth_header = request.headers.get('Authorization', b'') + auth_data = auth_header.split() + + if len(auth_data) == 2 and auth_data[0].lower() == b'basic': + decoded_auth = base64.b64decode(auth_data[1]).decode('utf-8') + client_id, client_secret = decoded_auth.split(':', 1) + org_url = request.GET.get('demand_uri') + org = get_object_or_404( + Organization, + response_uri=org_url, + client_id=client_id, + client_secret=client_secret + ) + return org + def post(self, request, *args, **kwargs): import pdb; pdb.set_trace() # # TODO: incorporate request.POST["presentation_submission"] as schema definition
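Review bot: In `VerifyView.validate`, `request.headers.get('Authorization', b'')` yields a `str` in Django, so `auth_data[0].lower() == b'basic'` is never true under Python 3 and the method always returns `None`, which turns every request into a 404. Once that comparison is fixed, bad base64, non-UTF-8 bytes or a credential without `:` raise out of `b64decode`/`decode`/`split` and surface as a 500; they should be rejected the same way as a missing header. The lookup also matches `client_secret` by plain equality in the query, which implies the secret is stored unhashed; consider storing a hash and checking it with a constant-time comparison. `post()` still carries `import pdb; pdb.set_trace()` on a context line, and its body continues outside the hunk.

```python
    def validate(self, request):
        # request.headers values are str, so compare against str, not bytes
        auth_header = request.headers.get('Authorization', '')
        auth_data = auth_header.split()
        if len(auth_data) != 2 or auth_data[0].lower() != 'basic':
            return None

        try:
            decoded_auth = base64.b64decode(auth_data[1]).decode('utf-8')
            client_id, client_secret = decoded_auth.split(':', 1)
        except ValueError:
            # bad base64, non-UTF-8 bytes and a missing ':' all raise ValueError subclasses
            return None

        # … unchanged: demand_uri lookup and get_object_or_404(Organization, ...) …
        return org
```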