sso endpoint

Cayo Puigdefabregas 2023-12-19 10:41:26 +01:00
parent f067732802
commit 5d58e1e55e
2 changed files with 37 additions and 2 deletions


@ -2,7 +2,7 @@ from django.contrib import admin
from django.conf.urls import include, url from django.conf.urls import include, url
from rest_framework.authtoken.views import obtain_auth_token from rest_framework.authtoken.views import obtain_auth_token
from orchestra.views import serve_private_media from orchestra.views import serve_private_media, obtain_auth_token_v2
from . import api from . import api
from .utils.apps import isinstalled from .utils.apps import isinstalled
@ -20,6 +20,7 @@ urlpatterns = [
url(r'^api/', include(api.router.urls)), url(r'^api/', include(api.router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')), url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^api-token-auth/', obtain_auth_token, name='api-token-auth'), url(r'^api-token-auth/', obtain_auth_token, name='api-token-auth'),
url(r'^api-token-auth-v2/', obtain_auth_token_v2, name='api-token-auth-v2'),
url(r'^media/(.+)/(.+)/(.+)/(.+)/(.+)$', serve_private_media, name='private-media'), url(r'^media/(.+)/(.+)/(.+)/(.+)/(.+)$', serve_private_media, name='private-media'),
# url(r'search', 'orchestra.views.search', name='search'), # url(r'search', 'orchestra.views.search', name='search'),
] ]
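Review bot: The new pattern `r'^api-token-auth-v2/'` has no end anchor, so any path that merely starts with that prefix is routed to the token-issuing view. For an authentication endpoint an exact match is easier to reason about, e.g. `url(r'^api-token-auth-v2/$', obtain_auth_token_v2, name='api-token-auth-v2'),`; the existing `api-token-auth/` line has the same shape and could be anchored with it. A short comment on the line such as `# exchanges an OIDC access token for a DRF API token` would also tell readers how it differs from the v1 route.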


@ -1,9 +1,14 @@
import json
import requests
from django.apps import apps from django.apps import apps
from django.http import Http404 from django.http import Http404, JsonResponse
from django.contrib.admin.utils import unquote from django.contrib.admin.utils import unquote
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from django.views.static import serve from django.views.static import serve
from django.views.decorators.csrf import csrf_exempt
from rest_framework.authtoken.models import Token
from orchestra.contrib.accounts.models import Account
def serve_private_media(request, app_label, model_name, field_name, object_id, filename): def serve_private_media(request, app_label, model_name, field_name, object_id, filename):
@ -18,3 +23,32 @@ def serve_private_media(request, app_label, model_name, field_name, object_id, f
return serve(request, field.name, document_root=field.storage.location) return serve(request, field.name, document_root=field.storage.location)
else: else:
raise PermissionDenied() raise PermissionDenied()
def get_user_info(token):
url = "http://localhost:5000/oauth/userinfo"
access_token = token['access_token']
token_type = token.get('token_type', 'Bearer')
headers = {"Authorization": f"{token_type} {access_token}"}
msg = requests.get(url, headers=headers)
userinfo = json.loads(msg.text)
username = userinfo.get('username')
return username
@csrf_exempt
def obtain_auth_token_v2(request):
oidc_token = request.POST.get('token')
if not oidc_token:
raise PermissionDenied()
oidc_token = json.loads(oidc_token)
username = get_user_info(oidc_token)
users = Account.objects.filter(username=username)
if not users:
raise PermissionDenied()
user = users[0]
token = Token.objects.get_or_create(user=user)
if len(token) == 2:
return JsonResponse({"token": token[0].key})
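Review bot: `get_user_info` calls `requests.get` with no timeout and never checks the response status, and `obtain_auth_token_v2` feeds the request's `token` field to `json.loads` and `token['access_token']` with no error handling, so malformed input or a slow identity provider ends in a 500 or a blocked worker instead of a clean denial. Because this view returns a DRF token for whichever `Account` matches the `username` claim, every failure path should raise `PermissionDenied`, and an empty or missing `username` should be rejected before the lookup. `token_type` is also taken from the request body and copied into the `Authorization` header; fixing the scheme to `Bearer` keeps caller-chosen values out of the upstream request. The userinfo URL is hard-coded to plain-HTTP localhost and would be better read from settings, and the lookup may need to exclude disabled accounts if `Account` carries an `is_active` flag (not visible here). The rewritten lines are below.

```python
def get_user_info(token):
    url = "http://localhost:5000/oauth/userinfo"
    headers = {"Authorization": f"Bearer {token['access_token']}"}
    try:
        # timeout value is a suggested default, not taken from the commit
        msg = requests.get(url, headers=headers, timeout=5)
        msg.raise_for_status()
        userinfo = msg.json()
    except (requests.RequestException, ValueError):
        raise PermissionDenied()
    if not isinstance(userinfo, dict):
        raise PermissionDenied()
    return userinfo.get('username')

# … unchanged: @csrf_exempt, def obtain_auth_token_v2(request), empty-token check …
    try:
        oidc_token = json.loads(oidc_token)
        username = get_user_info(oidc_token)
    except (ValueError, KeyError, TypeError):
        raise PermissionDenied()
    if not username:
        raise PermissionDenied()
# … unchanged: Account lookup and Token.objects.get_or_create …
```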