first step of oidc

2023-11-28 17:33:24 +01:00 · 2023-11-28 17:33:24 +01:00 · d84ad8f470
parent 5e95d6b15c
commit d84ad8f470
4 changed files with 28 additions and 17 deletions
--- a/idhub/user/forms.py
+++ b/idhub/user/forms.py
@ -81,10 +81,8 @@ class DemandAuthorizationForm(forms.Form):
        if commit:
            url = self.org.demand_authorization()
            auth = (self.org.client_id, self.org.client_secret)
-            # res = requests.get(url, auth=auth)
-            # import pdb; pdb.set_trace()
-            # if res.status == 200:
-                # return res.body
+            if url.status_code == 200:
+                return url.json().get('redirect_uri')
        
        return 

--- a/idhub/user/views.py
+++ b/idhub/user/views.py
@ -160,9 +160,9 @@ class DemandAuthorizationView(MyWallet, FormView):
    
    def form_valid(self, form):
        authorization = form.save()
+        # import pdb; pdb.set_trace()
        if authorization:
-            if authorization.get('redirect_uri'):
-                redirect(authorization.get('redirect_uri'))
+            redirect(authorization)
        else:
            messages.error(self.request, _("Error sending credential!"))
        return super().form_valid(form)
--- a/oidc4vp/models.py
+++ b/oidc4vp/models.py
@ -112,15 +112,11 @@ class Authorization(models.Model):
    )

    def authorize(self):
-        response_uri = self.__class__.objects.filter(
-            response_uri=settings.ALLOW_CODE_URI
-        )
        data = {
            "response_type": "vp_token",
            "response_mode": "direct_post",
            "client_id": self.organization.client_id,
-            "response_uri": response_uri,
-            "presentation_definition": "...",
+            "presentation_definition": self.presentation_definition,
            "nonce": gen_salt(5),
        }
        query_dict = QueryDict('', mutable=True)
--- a/oidc4vp/views.py
+++ b/oidc4vp/views.py
@ -1,9 +1,11 @@
 import json
+import base64

 from django.views.generic.edit import View

 from oidc4vp.models import Authorization, Organization
-from django.http import HttpResponse
+from django.http import HttpResponse, Http404
+from django.shortcuts import get_object_or_404


 # from django.core.mail import send_mail
@ -11,22 +13,37 @@ from django.http import HttpResponse

 # from utils.idhub_ssikit import verify_presentation
 # from oidc4vp.models import VPVerifyRequest
-from django.shortcuts import get_object_or_404
 # from more_itertools import flatten, unique_everseen


 class VerifyView(View):
    def get(self, request, *args, **kwargs):
-        org_url = request.GET.get('demand_uri')
-        org = get_object_or_404(Organization, response_uri=org_url)
+        org = self.validate(request)
+        if not org:
+            raise Http404("Page not Found!")
+        
        authorization = Authorization(
            organization=org,
            presentation_definition="MemberCredential"
        )
-        import pdb; pdb.set_trace()
-        res = json.dumps({"redirect_uri": authorization.authorize()})
        return HttpResponse(res)

+    def validate(self, request):
+        auth_header = request.headers.get('Authorization', b'')
+        auth_data = auth_header.split()
+
+        if len(auth_data) == 2 and auth_data[0].lower() == b'basic':
+            decoded_auth = base64.b64decode(auth_data[1]).decode('utf-8')
+            client_id, client_secret = decoded_auth.split(':', 1)
+            org_url = request.GET.get('demand_uri')
+            org = get_object_or_404(
+                Organization,
+                response_uri=org_url,
+                client_id=client_id,
+                client_secret=client_secret
+            )
+            return org
+
    def post(self, request, *args, **kwargs):
        import pdb; pdb.set_trace()
        # # TODO: incorporate request.POST["presentation_submission"] as schema definition