From e511393fee57cb36de65a3a154c98431da1497c6 Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Mon, 4 Dec 2023 15:47:48 +0100 Subject: [PATCH] verify --- oidc4vp/models.py | 4 +-- oidc4vp/views.py | 63 +++++++++++++++++++++++++++++++++++++++-------- 2 files changed, 55 insertions(+), 12 deletions(-) diff --git a/oidc4vp/models.py b/oidc4vp/models.py index 4111c18..55fb327 100644 --- a/oidc4vp/models.py +++ b/oidc4vp/models.py @@ -71,8 +71,8 @@ class Organization(models.Model): url=self.response_uri.strip("/"), ) auth = (self.my_client_id, self.my_client_secret) - # import pdb; pdb.set_trace() - return requests.post(url, data=vp, auth=auth) + data = {"vp_token": vp} + return requests.post(url, data=data, auth=auth) def demand_authorization(self): """ diff --git a/oidc4vp/views.py b/oidc4vp/views.py index 5a28741..77598b4 100644 --- a/oidc4vp/views.py +++ b/oidc4vp/views.py @@ -5,6 +5,8 @@ from django.conf import settings from django.views.generic.edit import View, FormView from django.http import HttpResponse, Http404 from django.shortcuts import get_object_or_404, redirect +from django.views.decorators.csrf import csrf_exempt +from django.utils.decorators import method_decorator from django.utils.translation import gettext_lazy as _ from django.urls import reverse_lazy from django.contrib import messages @@ -13,12 +15,12 @@ from oidc4vp.models import Authorization, Organization from idhub.mixins import UserView from oidc4vp.forms import AuthorizeForm +from utils.idhub_ssikit import verify_presentation # from django.core.mail import send_mail # from django.http import HttpResponse, HttpResponseRedirect -# from utils.idhub_ssikit import verify_presentation # from oidc4vp.models import VPVerifyRequest # from more_itertools import flatten, unique_everseen @@ -43,10 +45,29 @@ class AuthorizeView(UserView, FormView): def form_valid(self, form): authorization = form.save() - if authorization: - return redirect(authorization) - else: + import pdb; pdb.set_trace() + if not authorization or authorization.status_code != 200: messages.error(self.request, _("Error sending credential!")) + return super().form_valid(form) + try: + authorization = json.loads(authorization.text) + except: + messages.error(self.request, _("Error sending credential!")) + return super().form_valid(form) + + verify = authorization.get('verify') + result, msg = verify.split(",") + if 'error' in result.lower(): + messages.error(self.request, msg) + if 'ok' in result.lower(): + messages.success(self.request, msg) + + if authorization.get('redirect_uri'): + return redirect(authorization.get('redirect_uri')) + elif authorization.get('response'): + txt = authorization.get('response') + messages.success(self.request, txt) + return super().form_valid(form) def get_org(self): @@ -61,6 +82,7 @@ class AuthorizeView(UserView, FormView): return org +@method_decorator(csrf_exempt, name='dispatch') class VerifyView(View): def get(self, request, *args, **kwargs): org = self.validate(request) @@ -73,6 +95,7 @@ class VerifyView(View): return HttpResponse(res) def validate(self, request): + # import pdb; pdb.set_trace() auth_header = request.headers.get('Authorization', b'') auth_data = auth_header.split() @@ -81,17 +104,37 @@ class VerifyView(View): client_id, client_secret = decoded_auth.split(':', 1) org_url = request.GET.get('demand_uri') org = get_object_or_404( - Organization, - response_uri=org_url, - client_id=client_id, - client_secret=client_secret - ) + Organization, + client_id=client_id, + client_secret=client_secret + ) return org - raise Http404("Organization not found!") + raise Http404("Page not Found!") def post(self, request, *args, **kwargs): org = self.validate(request) + vp_token = self.request.POST.get("vp_token") + if not vp_token: + raise Http404("Page not Found!") + + response = self.get_response_verify() + result = verify_presentation(request.POST["vp_token"]) + verification = json.loads(result) + if verification.get('errors') or verification.get('warnings'): + response["verify"] = "Error, Verification Failed" + return HttpResponse(response) + + response["verify"] = "Ok, Verification correct" + response["response"] = "Validation Code 255255255" + return HttpResponse(json.dumps(response)) + + def get_response_verify(self): + return { + "verify": ',', + "redirect_uri": "", + "response": "", + } # import pdb; pdb.set_trace() # # TODO: incorporate request.POST["presentation_submission"] as schema definition # (presentation_valid, _) = verify_presentation(request.POST["vp_token"])