habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

start implementing openid connect discovery

Browse Source
This commit is contained in:
Jens Langhammer
2019-03-18 20:35:11 +01:00
parent bfa58be721
commit c9f73d718e
3 changed files with 37 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
passbook/oauth_client/forms.py
View File

@ -120,5 +120,5 @@ class AzureADOAuthSourceForm(OAuthSourceForm):
'request_token_url': '', 'request_token_url': '',
'authorization_url': 'https://login.microsoftonline.com/common/oauth2/authorize', 'authorization_url': 'https://login.microsoftonline.com/common/oauth2/authorize',
'access_token_url': 'https://login.microsoftonline.com/common/oauth2/token', 'access_token_url': 'https://login.microsoftonline.com/common/oauth2/token',
'profile_url': ' https://login.microsoftonline.com/common/openid/userinfo', 'profile_url': ' https://graph.windows.net/myorganization/me?api-version=1.6',
} }

8
passbook/oauth_provider/urls.py
View File

@ -3,7 +3,7 @@
from django.urls import path from django.urls import path
from oauth2_provider import views from oauth2_provider import views
from passbook.oauth_provider.views import oauth2 from passbook.oauth_provider.views import oauth2, openid
urlpatterns = [ urlpatterns = [
# Custom OAuth 2 Authorize View # Custom OAuth 2 Authorize View
@ -14,8 +14,12 @@ urlpatterns = [
path('authorize/permission_denied/', oauth2.OAuthPermissionDenied.as_view(), path('authorize/permission_denied/', oauth2.OAuthPermissionDenied.as_view(),
name='oauth2-permission-denied'), name='oauth2-permission-denied'),
# OAuth API # OAuth API
path("authorize/", views.AuthorizationView.as_view(), name="authorize"),
path("token/", views.TokenView.as_view(), name="token"), path("token/", views.TokenView.as_view(), name="token"),
path("revoke_token/", views.RevokeTokenView.as_view(), name="revoke-token"), path("revoke_token/", views.RevokeTokenView.as_view(), name="revoke-token"),
path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"), path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),
# OpenID-Connect Discovery
path('.well-known/openid-configuration', openid.OpenIDConfigurationView.as_view(),
name='openid-discovery'),
path('.well-known/jwks.json', openid.JSONWebKeyView.as_view(),
name='openid-jwks'),
] ]

30
passbook/oauth_provider/views/openid.py Normal file
View File

@ -0,0 +1,30 @@
"""passbook oauth provider OpenID Views"""
from django.http import HttpRequest, JsonResponse
from django.shortcuts import reverse
from django.views.generic import View
class OpenIDConfigurationView(View):
"""Return OpenID Configuration"""
def get(self, request: HttpRequest):
"""Get Response conform to https://openid.net/specs/openid-connect-discovery-1_0.html"""
return JsonResponse({
'issuer': request.build_absolute_uri(),
'authorization_endpoint': request.build_absolute_uri(
reverse('passbook_oauth_provider:oauth2-authorize')),
'token_endpoint': request.build_absolute_uri(reverse('passbook_oauth_provider:token')),
"jwks_uri": request.build_absolute_uri(reverse('passbook_oauth_provider:openid-jwks')),
"scopes_supported": [
"openid:userinfo",
],
})
class JSONWebKeyView(View):
"""JSON Web Key View"""
def get(self, request: HttpRequest):
"""JSON Webkeys are not implemented yet, hence return an empty object"""
return JsonResponse({})