fix url for get userinfo

orchestra/urls.py

@@ -2,7 +2,7 @@ from django.contrib import admin
 from django.conf.urls import include, url
 from rest_framework.authtoken.views import obtain_auth_token
 
-from orchestra.views import serve_private_media
+from orchestra.views import serve_private_media, obtain_auth_token_v2
 
 from . import api
 from .utils.apps import isinstalled
@@ -20,6 +20,7 @@ urlpatterns = [
     url(r'^api/', include(api.router.urls)),
     url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
     url(r'^api-token-auth/', obtain_auth_token, name='api-token-auth'),
+    url(r'^api-token-auth-v2/', obtain_auth_token_v2, name='api-token-auth-v2'),
     url(r'^media/(.+)/(.+)/(.+)/(.+)/(.+)$', serve_private_media, name='private-media'),
 #    url(r'search', 'orchestra.views.search', name='search'),
 ]

orchestra/views.py

@@ -1,9 +1,15 @@
+import json
+import requests
 from django.apps import apps
-from django.http import Http404
+from django.conf import settings
+from django.http import Http404, JsonResponse
 from django.contrib.admin.utils import unquote
 from django.core.exceptions import PermissionDenied
 from django.shortcuts import get_object_or_404
 from django.views.static import serve
+from django.views.decorators.csrf import csrf_exempt
+from rest_framework.authtoken.models import Token
+from orchestra.contrib.accounts.models import Account
 
 
 def serve_private_media(request, app_label, model_name, field_name, object_id, filename):
@@ -18,3 +24,34 @@ def serve_private_media(request, app_label, model_name, field_name, object_id, f
         return serve(request, field.name, document_root=field.storage.location)
     else:
         raise PermissionDenied()
+
+
+def get_user_info(token):
+    # domain = settings.OIDC_PROVIDER.strip("/")
+    domain = "https://idp.demo.pangea.org"
+    url = f"{domain}/application/o/userinfo/"
+    access_token = token['access_token']
+    token_type = token.get('token_type', 'Bearer')
+    headers = {"Authorization": f"{token_type} {access_token}"}
+    msg = requests.get(url, headers=headers)
+    userinfo = json.loads(msg.text)
+    username = userinfo.get('username')
+    return username
+
+
+@csrf_exempt
+def obtain_auth_token_v2(request):
+    oidc_token = request.POST.get('token')
+    if not oidc_token:
+        raise PermissionDenied()
+    oidc_token = json.loads(oidc_token)
+
+    username = get_user_info(oidc_token)
+    users = Account.objects.filter(username=username)
+    if not users:
+        raise PermissionDenied()
+
+    user = users[0]
+    token = Token.objects.get_or_create(user=user)
+    if len(token) == 2:
+        return JsonResponse({"token": token[0].key})