improve OIDC compatibility
This commit is contained in:
Jens Langhammer
@ -71,7 +71,7 @@ class LoginView(UserPassesTestMixin, FormView):
|
|||||||
if not pre_user:
|
if not pre_user:
|
||||||
# No user found
|
# No user found
|
||||||
return self.invalid_login(self.request)
|
return self.invalid_login(self.request)
|
||||||
self.request.session.flush()
|
# self.request.session.flush()
|
||||||
self.request.session[AuthenticationView.SESSION_PENDING_USER] = pre_user.pk
|
self.request.session[AuthenticationView.SESSION_PENDING_USER] = pre_user.pk
|
||||||
return _redirect_with_qs('passbook_core:auth-process', self.request.GET)
|
return _redirect_with_qs('passbook_core:auth-process', self.request.GET)
|
||||||
|
|
||||||
|
|||||||
@ -20,6 +20,7 @@ OAUTH2_PROVIDER_APPLICATION_MODEL = 'passbook_oauth_provider.OAuth2Provider'
|
|||||||
OAUTH2_PROVIDER = {
|
OAUTH2_PROVIDER = {
|
||||||
# this is the list of available scopes
|
# this is the list of available scopes
|
||||||
'SCOPES': {
|
'SCOPES': {
|
||||||
|
'openid': 'Access OpenID Userinfo',
|
||||||
'openid:userinfo': 'Access OpenID Userinfo',
|
'openid:userinfo': 'Access OpenID Userinfo',
|
||||||
# 'write': 'Write scope',
|
# 'write': 'Write scope',
|
||||||
# 'groups': 'Access to your groups',
|
# 'groups': 'Access to your groups',
|
||||||
|
|||||||
@ -8,16 +8,21 @@ from django.views.generic import View
|
|||||||
class OpenIDConfigurationView(View):
|
class OpenIDConfigurationView(View):
|
||||||
"""Return OpenID Configuration"""
|
"""Return OpenID Configuration"""
|
||||||
|
|
||||||
|
def get_issuer_url(self, request):
|
||||||
|
"""Get correct issuer URL"""
|
||||||
|
full_url = request.build_absolute_uri(reverse('passbook_oauth_provider:openid-discovery'))
|
||||||
|
return full_url.replace(".well-known/openid-configuration", "")
|
||||||
|
|
||||||
def get(self, request: HttpRequest):
|
def get(self, request: HttpRequest):
|
||||||
"""Get Response conform to https://openid.net/specs/openid-connect-discovery-1_0.html"""
|
"""Get Response conform to https://openid.net/specs/openid-connect-discovery-1_0.html"""
|
||||||
return JsonResponse({
|
return JsonResponse({
|
||||||
'issuer': request.build_absolute_uri(reverse('passbook_core:overview')),
|
'issuer': self.get_issuer_url(rqeuest),
|
||||||
'authorization_endpoint': request.build_absolute_uri(
|
'authorization_endpoint': request.build_absolute_uri(
|
||||||
reverse('passbook_oauth_provider:oauth2-authorize')),
|
reverse('passbook_oauth_provider:oauth2-authorize')),
|
||||||
'token_endpoint': request.build_absolute_uri(reverse('passbook_oauth_provider:token')),
|
'token_endpoint': request.build_absolute_uri(reverse('passbook_oauth_provider:token')),
|
||||||
"jwks_uri": request.build_absolute_uri(reverse('passbook_oauth_provider:openid-jwks')),
|
"jwks_uri": request.build_absolute_uri(reverse('passbook_oauth_provider:openid-jwks')),
|
||||||
"scopes_supported": [
|
"scopes_supported": [
|
||||||
"openid:userinfo",
|
"openid",
|
||||||
],
|
],
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user