add oidc allow_code to views

musician/views.py

@@ -1,6 +1,8 @@
 import logging
 import smtplib
 import datetime
+import requests
+import json
 
 from django.conf import settings
 from django.contrib import messages
@@ -20,6 +22,7 @@ from django.views.generic.list import ListView
 from requests.exceptions import HTTPError
 
 from . import get_version
+from . import api
 from .auth import login as auth_login
 from .auth import logout as auth_logout
 from .forms import LoginForm, MailboxChangePasswordForm, MailboxCreateForm, MailboxUpdateForm, MailForm
@@ -33,6 +36,7 @@ from .utils import get_bootstraped_percent
 logger = logging.getLogger(__name__)
 
 
+
 class DashboardView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
     template_name = "musician/dashboard.html"
     extra_context = {
@@ -535,6 +539,61 @@ class DomainDetailView(CustomContextMixin, UserTokenRequiredMixin, DetailView):
         return domain
 
 
+class AllowCodeView(RedirectView):
+    """
+    Log in the user with OAuth2.
+    """
+    permanent = False
+    success_url = reverse_lazy('musician:dashboard')
+    userinfo = None
+
+    def get_token(self):
+        url = "http://localhost:5000/oauth/token"
+        client_id = settings.CLIENT_ID
+        client_secret = settings.CLIENT_SECRET
+        self.code = self.request.GET.get('code')
+        data = {'grant_type': 'authorization_code', 'code': self.code}
+        auth = (client_id, client_secret)
+        msg = requests.post(url, data=data, auth=auth)
+        self.token = msg.text
+
+    def get(self, request, *args, **kwargs):
+        """
+        Logs in the user.
+        """
+        self.get_token()
+        # self.get_user_info()
+        orchestra = api.Orchestra(token=self.token)
+        self.orchestra_token = orchestra.auth_token
+        self.user = orchestra.retrieve_profile()
+        username = self.user.username
+        auth_login(self.request, username, self.orchestra_token)
+
+        # set user language as active language
+        user_language = self.user.language
+        translation.activate(user_language)
+
+        response = HttpResponseRedirect(self.get_success_url())
+        response.set_cookie(settings.LANGUAGE_COOKIE_NAME, user_language)
+
+        return response
+        # return super().get(*args, **kwargs)
+
+    def get_success_url(self):
+        url = self.get_redirect_url()
+        return url or self.success_url
+
+    def get_redirect_url(self):
+        """Return the user-originating redirect URL if it's safe."""
+        redirect_to = self.success_url
+        url_is_safe = is_safe_url(
+            url=redirect_to,
+            allowed_hosts={self.request.get_host()},
+            require_https=self.request.is_secure(),
+        )
+        return redirect_to if url_is_safe else ''
+
+
 class LoginView(FormView):
     template_name = 'auth/login.html'
     form_class = LoginForm
@@ -551,6 +610,16 @@ class LoginView(FormView):
         kwargs['request'] = self.request
         return kwargs
 
+    def get_oidc_url(self):
+        client_id = settings.CLIENT_ID
+        domain = settings.OIDC_PROVIDER
+        if not client_id or not domain:
+            return
+
+        url = f'{domain}/oauth/authorize?client_id={client_id}'
+        url += '&scope=openid+profile&response_type=code&nonce=abc'
+        return url
+
     def form_valid(self, form):
         """Security check complete. Log the user in."""
         auth_login(self.request, form.username, form.token)
@@ -585,6 +654,7 @@ class LoginView(FormView):
         context = super().get_context_data(**kwargs)
         context.update({
             self.redirect_field_name: self.get_redirect_url(),
+            'oidc_provider': self.get_oidc_url(),
             **(self.extra_context or {})
         })
         return context