sources/oauth: directly call AuthorizedServiceBackend instead of authenticate()
This commit is contained in:
		| @ -1,24 +1,23 @@ | |||||||
| """passbook oauth_client Authorization backend""" | """passbook oauth_client Authorization backend""" | ||||||
| 
 |  | ||||||
| from django.contrib.auth.backends import ModelBackend | from django.contrib.auth.backends import ModelBackend | ||||||
| from django.db.models import Q | from django.db.models import Q | ||||||
|  | from django.http import HttpRequest | ||||||
| 
 | 
 | ||||||
|  | from passbook.core.models import User | ||||||
| from passbook.sources.oauth.models import OAuthSource, UserOAuthSourceConnection | from passbook.sources.oauth.models import OAuthSource, UserOAuthSourceConnection | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| class AuthorizedServiceBackend(ModelBackend): | class AuthorizedServiceBackend(ModelBackend): | ||||||
|     "Authentication backend for users registered with remote OAuth provider." |     "Authentication backend for users registered with remote OAuth provider." | ||||||
| 
 | 
 | ||||||
|     def authenticate(self, request, source=None, identifier=None): |     def authenticate( | ||||||
|  |         self, request: HttpRequest, source: OAuthSource, identifier: str | ||||||
|  |     ) -> User: | ||||||
|         "Fetch user for a given source by id." |         "Fetch user for a given source by id." | ||||||
|         source_q = Q(source__name=source) |         source_q = Q(source__name=source) | ||||||
|         if isinstance(source, OAuthSource): |         if isinstance(source, OAuthSource): | ||||||
|             source_q = Q(source=source) |             source_q = Q(source=source) | ||||||
|         try: |         access = UserOAuthSourceConnection.objects.filter( | ||||||
|             access = UserOAuthSourceConnection.objects.filter( |             source_q, identifier=identifier | ||||||
|                 source_q, identifier=identifier |         ).select_related("user")[0] | ||||||
|             ).select_related("user")[0] |         return access.user | ||||||
|         except IndexError: |  | ||||||
|             return None |  | ||||||
|         else: |  | ||||||
|             return access.user |  | ||||||
| @ -1,9 +1,5 @@ | |||||||
| """Oauth2 Client Settings""" | """Oauth2 Client Settings""" | ||||||
|  |  | ||||||
| AUTHENTICATION_BACKENDS = [ |  | ||||||
|     "passbook.sources.oauth.backends.AuthorizedServiceBackend", |  | ||||||
| ] |  | ||||||
|  |  | ||||||
| PASSBOOK_SOURCES_OAUTH_TYPES = [ | PASSBOOK_SOURCES_OAUTH_TYPES = [ | ||||||
|     "passbook.sources.oauth.types.discord", |     "passbook.sources.oauth.types.discord", | ||||||
|     "passbook.sources.oauth.types.facebook", |     "passbook.sources.oauth.types.facebook", | ||||||
|  | |||||||
| @ -3,7 +3,6 @@ from typing import Any, Callable, Dict, Optional | |||||||
|  |  | ||||||
| from django.conf import settings | from django.conf import settings | ||||||
| from django.contrib import messages | from django.contrib import messages | ||||||
| from django.contrib.auth import authenticate |  | ||||||
| from django.contrib.auth.mixins import LoginRequiredMixin | from django.contrib.auth.mixins import LoginRequiredMixin | ||||||
| from django.http import Http404, HttpRequest, HttpResponse | from django.http import Http404, HttpRequest, HttpResponse | ||||||
| from django.shortcuts import get_object_or_404, redirect, render | from django.shortcuts import get_object_or_404, redirect, render | ||||||
| @ -22,6 +21,7 @@ from passbook.flows.planner import ( | |||||||
| ) | ) | ||||||
| from passbook.flows.views import SESSION_KEY_PLAN | from passbook.flows.views import SESSION_KEY_PLAN | ||||||
| from passbook.lib.utils.urls import redirect_with_qs | from passbook.lib.utils.urls import redirect_with_qs | ||||||
|  | from passbook.sources.oauth.auth import AuthorizedServiceBackend | ||||||
| from passbook.sources.oauth.clients import BaseOAuthClient, get_client | from passbook.sources.oauth.clients import BaseOAuthClient, get_client | ||||||
| from passbook.sources.oauth.models import OAuthSource, UserOAuthSourceConnection | from passbook.sources.oauth.models import OAuthSource, UserOAuthSourceConnection | ||||||
| from passbook.stages.password.stage import PLAN_CONTEXT_AUTHENTICATION_BACKEND | from passbook.stages.password.stage import PLAN_CONTEXT_AUTHENTICATION_BACKEND | ||||||
| @ -134,7 +134,7 @@ class OAuthCallback(OAuthClientMixin, View): | |||||||
|                     identifier=identifier, |                     identifier=identifier, | ||||||
|                     access_token=token.get("access_token"), |                     access_token=token.get("access_token"), | ||||||
|                 ) |                 ) | ||||||
|             user = authenticate( |             user = AuthorizedServiceBackend().authenticate( | ||||||
|                 source=self.source, identifier=identifier, request=request |                 source=self.source, identifier=identifier, request=request | ||||||
|             ) |             ) | ||||||
|             if user is None: |             if user is None: | ||||||
| @ -181,7 +181,8 @@ class OAuthCallback(OAuthClientMixin, View): | |||||||
|             self.request, |             self.request, | ||||||
|             { |             { | ||||||
|                 PLAN_CONTEXT_PENDING_USER: user, |                 PLAN_CONTEXT_PENDING_USER: user, | ||||||
|                 PLAN_CONTEXT_AUTHENTICATION_BACKEND: user.backend, |                 # Since we authenticate the user by their token, they have no backend set | ||||||
|  |                 PLAN_CONTEXT_AUTHENTICATION_BACKEND: "django.contrib.auth.backends.ModelBackend", | ||||||
|                 PLAN_CONTEXT_SSO: True, |                 PLAN_CONTEXT_SSO: True, | ||||||
|             }, |             }, | ||||||
|         ) |         ) | ||||||
| @ -206,7 +207,7 @@ class OAuthCallback(OAuthClientMixin, View): | |||||||
|                 % {"source": self.source.name} |                 % {"source": self.source.name} | ||||||
|             ), |             ), | ||||||
|         ) |         ) | ||||||
|         user = authenticate( |         user = AuthorizedServiceBackend().authenticate( | ||||||
|             source=access.source, identifier=access.identifier, request=self.request |             source=access.source, identifier=access.identifier, request=self.request | ||||||
|         ) |         ) | ||||||
|         return self.handle_login_flow(source.authentication_flow, user) |         return self.handle_login_flow(source.authentication_flow, user) | ||||||
| @ -249,7 +250,7 @@ class OAuthCallback(OAuthClientMixin, View): | |||||||
|                 ) |                 ) | ||||||
|             ) |             ) | ||||||
|         # User was not authenticated, new user has been created |         # User was not authenticated, new user has been created | ||||||
|         user = authenticate( |         user = AuthorizedServiceBackend().authenticate( | ||||||
|             source=access.source, identifier=access.identifier, request=self.request |             source=access.source, identifier=access.identifier, request=self.request | ||||||
|         ) |         ) | ||||||
|         messages.success( |         messages.success( | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user
	 Jens Langhammer
					Jens Langhammer