58 lines
1.9 KiB
Python
58 lines
1.9 KiB
Python
import json
|
|
import requests
|
|
from django.apps import apps
|
|
from django.conf import settings
|
|
from django.http import Http404, JsonResponse
|
|
from django.contrib.admin.utils import unquote
|
|
from django.core.exceptions import PermissionDenied
|
|
from django.shortcuts import get_object_or_404
|
|
from django.views.static import serve
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
from rest_framework.authtoken.models import Token
|
|
from orchestra.contrib.accounts.models import Account
|
|
|
|
|
|
def serve_private_media(request, app_label, model_name, field_name, object_id, filename):
|
|
model = apps.get_model(app_label, model_name)
|
|
if model is None:
|
|
raise Http404('')
|
|
instance = get_object_or_404(model, pk=unquote(object_id))
|
|
if not hasattr(instance, field_name):
|
|
raise Http404('')
|
|
field = getattr(instance, field_name)
|
|
if field.condition(request, instance):
|
|
return serve(request, field.name, document_root=field.storage.location)
|
|
else:
|
|
raise PermissionDenied()
|
|
|
|
|
|
def get_user_info(token):
|
|
# domain = settings.OIDC_PROVIDER.strip("/")
|
|
domain = "https://idp.demo.pangea.org"
|
|
url = f"{domain}/application/o/userinfo/"
|
|
access_token = token['access_token']
|
|
token_type = token.get('token_type', 'Bearer')
|
|
headers = {"Authorization": f"{token_type} {access_token}"}
|
|
msg = requests.get(url, headers=headers)
|
|
userinfo = json.loads(msg.text)
|
|
username = userinfo.get('username')
|
|
return username
|
|
|
|
|
|
@csrf_exempt
|
|
def obtain_auth_token_v2(request):
|
|
oidc_token = request.POST.get('token')
|
|
if not oidc_token:
|
|
raise PermissionDenied()
|
|
oidc_token = json.loads(oidc_token)
|
|
|
|
username = get_user_info(oidc_token)
|
|
users = Account.objects.filter(username=username)
|
|
if not users:
|
|
raise PermissionDenied()
|
|
|
|
user = users[0]
|
|
token = Token.objects.get_or_create(user=user)
|
|
if len(token) == 2:
|
|
return JsonResponse({"token": token[0].key})
|