WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation * sources/oauth: start type-hinting * core: create default user * core: only show user delete button if an unenrollment flow exists * flows: Correctly check initial policies on flow with context * policies: add more verbosity to engine * sources/oauth: migrate to flows * sources/oauth: fix typing errors * flows: add more tests * sources/oauth: start implementing unittests * sources/ldap: add option to disable user sync, move connection init to model * sources/ldap: re-add default PropertyMappings * providers/saml: re-add default PropertyMappings * admin: fix missing stage count * stages/identification: fix sources not being shown * crypto: fix being unable to save with private key * crypto: re-add default self-signed keypair * policies: rewrite cache_key to prevent wrong cache * sources/saml: migrate to flows for auth and enrollment * stages/consent: add new stage * admin: fix PropertyMapping widget not rendering properly * core: provider.authorization_flow is mandatory * flows: add support for "autosubmit" attribute on form * flows: add InMemoryStage for dynamic stages * flows: optionally allow empty flows from FlowPlanner * providers/saml: update to authorization_flow * sources/*: fix flow executor URL * flows: fix pylint error * flows: wrap responses in JSON object to easily handle redirects * flow: dont cache plan's context * providers/oauth: rewrite OAuth2 Provider to use flows * providers/*: update docstrings of models * core: fix forms not passing help_text through safe * flows: fix HttpResponses not being converted to JSON * providers/oidc: rewrite to use flows * flows: fix linting
This commit is contained in:
Jens L
@ -1,21 +1,32 @@
|
||||
"""passbook pretend GitHub Views"""
|
||||
from django.http import JsonResponse
|
||||
from django.core.exceptions import PermissionDenied
|
||||
from django.http import HttpRequest, HttpResponse, JsonResponse
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.views import View
|
||||
from oauth2_provider.models import AccessToken
|
||||
|
||||
from passbook.core.models import User
|
||||
|
||||
class GitHubUserView(View):
|
||||
|
||||
class GitHubPretendView(View):
|
||||
"""Emulate GitHub's API Endpoints"""
|
||||
|
||||
def verify_access_token(self) -> User:
|
||||
"""Verify access token manually since github uses /user?access_token=..."""
|
||||
if "HTTP_AUTHORIZATION" in self.request.META:
|
||||
full_token = self.request.META.get("HTTP_AUTHORIZATION")
|
||||
_, token = full_token.split(" ")
|
||||
elif "access_token" in self.request.GET:
|
||||
token = self.request.GET.get("access_token", "")
|
||||
else:
|
||||
raise PermissionDenied("No access token passed.")
|
||||
return get_object_or_404(AccessToken, token=token).user
|
||||
|
||||
|
||||
class GitHubUserView(GitHubPretendView):
|
||||
"""Emulate GitHub's /user API Endpoint"""
|
||||
|
||||
def verify_access_token(self):
|
||||
"""Verify access token manually since github uses /user?access_token=..."""
|
||||
token = get_object_or_404(
|
||||
AccessToken, token=self.request.GET.get("access_token", "")
|
||||
)
|
||||
return token.user
|
||||
|
||||
def get(self, request):
|
||||
def get(self, request: HttpRequest) -> HttpResponse:
|
||||
"""Emulate GitHub's /user API Endpoint"""
|
||||
user = self.verify_access_token()
|
||||
return JsonResponse(
|
||||
@ -65,3 +76,11 @@ class GitHubUserView(View):
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
class GitHubUserTeamsView(GitHubPretendView):
|
||||
"""Emulate GitHub's /user/teams API Endpoint"""
|
||||
|
||||
def get(self, request: HttpRequest) -> HttpResponse:
|
||||
"""Emulate GitHub's /user/teams API Endpoint"""
|
||||
return JsonResponse([], safe=False)
|
||||
|
||||
Reference in New Issue
Block a user