
3 commits

Author SHA1 Message Date
Cayo Puigdefabregas 533d749711 add comunication with id_provider 2023-09-27 14:03:14 +02:00
Cayo Puigdefabregas 01369ff737 add endpoint api-token-auth-v2 2023-09-27 14:02:29 +02:00
Cayo Puigdefabregas 99d31d5030 fix orchestra-admin 2023-09-27 14:01:43 +02:00
3 changed files with 39 additions and 4 deletions


@ -150,9 +150,9 @@ function install_requirements () {
fi
# cracklib and lxml are excluded on the requirements.txt because they need unconvinient system dependencies
PIP="$(wget http://git.io/orchestra-requirements.txt -O - | tr '\n' ' ') \
PIP="$(cat requirements.txt -O - | tr '\n' ' ') \
cracklib \
lxml==3.3.5"
lxml==4.9.3"
if $testing; then
PIP="${PIP} \
selenium \
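Review bot: The new `cat requirements.txt -O - | tr '\n' ' '` line still carries the `-O -` arguments that belonged to the wget call it replaces. GNU cat rejects `-O` as an invalid option, so the substitution most likely produces nothing and PIP ends up holding only cracklib and lxml without the script noticing. The line should read `PIP="$(tr '\n' ' ' < requirements.txt) \`. The relative path also depends on the working directory when install_requirements runs; the function starts and ends outside this hunk, so confirm that the directory is what this line expects, or anchor the path to the script's location.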


@ -2,7 +2,7 @@ from django.contrib import admin
from django.conf.urls import include, url
from rest_framework.authtoken.views import obtain_auth_token
from orchestra.views import serve_private_media
from orchestra.views import serve_private_media, obtain_auth_token_v2
from . import api
from .utils.apps import isinstalled
@ -20,6 +20,7 @@ urlpatterns = [
url(r'^api/', include(api.router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
url(r'^api-token-auth/', obtain_auth_token, name='api-token-auth'),
url(r'^api-token-auth-v2/', obtain_auth_token_v2, name='api-token-auth-v2'),
url(r'^media/(.+)/(.+)/(.+)/(.+)/(.+)$', serve_private_media, name='private-media'),
# url(r'search', 'orchestra.views.search', name='search'),
]
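Review bot: The `api-token-auth-v2` route is registered unconditionally, although the view it targets in orchestra.views is CSRF-exempt and depends on an identity provider at a hard-coded local address. On installations that run no such provider the endpoint is extra token-issuing surface that can only fail, so it would be safer to append it when the provider is configured, for example `if getattr(settings, '<ID_PROVIDER_URL_SETTING>', None): urlpatterns.append(url(r'^api-token-auth-v2/$', obtain_auth_token_v2, name='api-token-auth-v2'))` (the setting name is a placeholder, and `settings` would need importing). The pattern as committed has no trailing `$`, so any path beginning with `api-token-auth-v2/` reaches the view.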


@ -1,9 +1,14 @@
import json
import requests
from django.apps import apps
from django.http import Http404
from django.http import Http404, JsonResponse
from django.contrib.admin.utils import unquote
from django.core.exceptions import PermissionDenied
from django.shortcuts import get_object_or_404
from django.views.static import serve
from django.views.decorators.csrf import csrf_exempt
from rest_framework.authtoken.models import Token
from orchestra.contrib.accounts.models import Account
def serve_private_media(request, app_label, model_name, field_name, object_id, filename):
@ -18,3 +23,32 @@ def serve_private_media(request, app_label, model_name, field_name, object_id, f
return serve(request, field.name, document_root=field.storage.location)
else:
raise PermissionDenied()
def get_user_info(token):
url = "http://localhost:5000/oauth/userinfo"
access_token = token['access_token']
token_type = token.get('token_type', 'Bearer')
headers = {"Authorization": f"{token_type} {access_token}"}
msg = requests.get(url, headers=headers)
userinfo = json.loads(msg.text)
username = userinfo.get('username')
return username
@csrf_exempt
def obtain_auth_token_v2(request):
oidc_token = request.POST.get('token')
if not oidc_token:
raise PermissionDenied()
oidc_token = json.loads(oidc_token)
username = get_user_info(oidc_token)
users = Account.objects.filter(username=username)
if not users:
raise PermissionDenied()
user = users[0]
token = Token.objects.get_or_create(user=user)
if len(token) == 2:
return JsonResponse({"token": token[0].key})
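Review bot: obtain_auth_token_v2 and get_user_info parse the client-supplied `token` field and the provider's reply with no validation, so malformed JSON, a missing `access_token` key, a non-200 userinfo answer or an unreachable provider each end in an unhandled exception. `requests.get` is also called without a timeout, so a stalled provider holds the worker. The account lookup never checks that the account is active, whereas the stock `obtain_auth_token` path normally rejects inactive users through Django's `authenticate()`; filtering on `is_active=True` closes that gap, assuming Account has the field as Django user models usually do. `Token.objects.get_or_create` always returns a 2-tuple, so the `len(token) == 2` test is always true and hides the fact that no other return path exists. Separately, the userinfo call shows only that the provider issued the access token to some client, so whether tokens minted for other clients should be accepted here needs an explicit decision, and the `http://localhost:5000` URL belongs in a setting.

```python
def get_user_info(token):
    # … unchanged: url, access_token, token_type, headers …
    try:
        msg = requests.get(url, headers=headers, timeout=5)
    except requests.RequestException:
        raise PermissionDenied()
    if msg.status_code != 200:
        raise PermissionDenied()
    try:
        userinfo = json.loads(msg.text)
    except ValueError:
        raise PermissionDenied()
    return userinfo.get('username')


@csrf_exempt
def obtain_auth_token_v2(request):
    # … unchanged: read the 'token' POST field, reject when missing …
    try:
        oidc_token = json.loads(oidc_token)
    except ValueError:
        raise PermissionDenied()
    if not isinstance(oidc_token, dict) or 'access_token' not in oidc_token:
        raise PermissionDenied()
    username = get_user_info(oidc_token)
    if not username:
        raise PermissionDenied()
    user = Account.objects.filter(username=username, is_active=True).first()
    if user is None:
        raise PermissionDenied()
    token, _created = Token.objects.get_or_create(user=user)
    return JsonResponse({"token": token.key})
```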