start implementing openid connect discovery

2019-03-18 20:35:11 +01:00
parent bfa58be721
commit c9f73d718e
3 changed files with 37 additions and 3 deletions
--- a/passbook/oauth_client/forms.py
+++ b/passbook/oauth_client/forms.py
@ -120,5 +120,5 @@ class AzureADOAuthSourceForm(OAuthSourceForm):
            'request_token_url': '',
            'authorization_url': 'https://login.microsoftonline.com/common/oauth2/authorize',
            'access_token_url': 'https://login.microsoftonline.com/common/oauth2/token',
-            'profile_url': ' https://login.microsoftonline.com/common/openid/userinfo',
+            'profile_url': ' https://graph.windows.net/myorganization/me?api-version=1.6',
        }
--- a/passbook/oauth_provider/urls.py
+++ b/passbook/oauth_provider/urls.py
@ -3,7 +3,7 @@
 from django.urls import path
 from oauth2_provider import views

-from passbook.oauth_provider.views import oauth2
+from passbook.oauth_provider.views import oauth2, openid

 urlpatterns = [
    # Custom OAuth 2 Authorize View
@ -14,8 +14,12 @@ urlpatterns = [
    path('authorize/permission_denied/', oauth2.OAuthPermissionDenied.as_view(),
         name='oauth2-permission-denied'),
    # OAuth API
-    path("authorize/", views.AuthorizationView.as_view(), name="authorize"),
    path("token/", views.TokenView.as_view(), name="token"),
    path("revoke_token/", views.RevokeTokenView.as_view(), name="revoke-token"),
    path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),
+    # OpenID-Connect Discovery
+    path('.well-known/openid-configuration', openid.OpenIDConfigurationView.as_view(),
+         name='openid-discovery'),
+    path('.well-known/jwks.json', openid.JSONWebKeyView.as_view(),
+         name='openid-jwks'),
 ]
--- a/passbook/oauth_provider/views/openid.py
+++ b/passbook/oauth_provider/views/openid.py
@ -0,0 +1,30 @@
+"""passbook oauth provider OpenID Views"""
+
+from django.http import HttpRequest, JsonResponse
+from django.shortcuts import reverse
+from django.views.generic import View
+
+
+class OpenIDConfigurationView(View):
+    """Return OpenID Configuration"""
+
+    def get(self, request: HttpRequest):
+        """Get Response conform to https://openid.net/specs/openid-connect-discovery-1_0.html"""
+        return JsonResponse({
+            'issuer': request.build_absolute_uri(),
+            'authorization_endpoint': request.build_absolute_uri(
+                reverse('passbook_oauth_provider:oauth2-authorize')),
+            'token_endpoint': request.build_absolute_uri(reverse('passbook_oauth_provider:token')),
+            "jwks_uri": request.build_absolute_uri(reverse('passbook_oauth_provider:openid-jwks')),
+            "scopes_supported": [
+                "openid:userinfo",
+            ],
+        })
+
+
+class JSONWebKeyView(View):
+    """JSON Web Key View"""
+
+    def get(self, request: HttpRequest):
+        """JSON Webkeys are not implemented yet, hence return an empty object"""
+        return JsonResponse({})