Commit 7513373f authored by Sofia Papagiannaki's avatar Sofia Papagiannaki

astakos: Minor changes in oa2 app

parent 4172d729
......@@ -291,10 +291,10 @@ class SimpleBackend(object):
def get_client_authorization_code(self, client, code):
code_instance = self.get_authorization_code(code)
if not code_instance:
raise OA2Error("Invalid code", code)
raise OA2Error("Invalid code")
if client.get_id() != code_instance.client.get_id():
raise OA2Error("Invalid code for client", code, client)
raise OA2Error("Mismatching client with code client")
return code_instance
def client_id_exists(self, client_id):
......@@ -494,9 +494,9 @@ class SimpleBackend(object):
client = self.get_client_by_id(client_id)
if requires_auth and client.requires_auth:
if requires_auth and client.requires_auth():
if client_credentials is None:
raise OA2Error("Client authentication in required")
raise OA2Error("Client authentication is required")
if client_credentials is not None:
self.check_credentials(client, *client_credentials)
......@@ -515,6 +515,12 @@ class SimpleBackend(object):
raise OA2Error("Mismatching redirect uri")
if expected_value is not None and redirect_uri != expected_value:
raise OA2Error("Invalid redirect uri")
else:
try:
redirect_uri = client.redirecturl_set.values_list('url',
flat=True)[0]
except IndexError:
raise OA2Error("Unable to fallback to client redirect URI")
return redirect_uri
def validate_state(self, client, params, headers):
......@@ -542,6 +548,7 @@ class SimpleBackend(object):
client = self.validate_client(params, headers, requires_auth=False)
redirect_uri = self.validate_redirect_uri(client, params, headers)
scope = self.validate_scope(client, params, headers)
scope = scope or redirect_uri # set default
state = self.validate_state(client, params, headers)
return client, redirect_uri, scope, state
......@@ -549,6 +556,7 @@ class SimpleBackend(object):
client = self.validate_client(params, headers)
redirect_uri = self.validate_redirect_uri(client, params, headers)
scope = self.validate_scope(client, params, headers)
scope = scope or redirect_uri # set default
state = self.validate_state(client, params, headers)
return client, redirect_uri, scope, state
......@@ -581,11 +589,13 @@ class SimpleBackend(object):
auth_type, params = self.identify_authorize_request(request_params,
request.META)
if auth_type is None:
raise OA2Error("Missing authorization type")
if auth_type == 'code':
client, uri, scope, state = \
self.validate_code_request(params, request.META)
elif auth_type == 'token':
raise OA2Error("Unsupported response type")
raise OA2Error("Unsupported authorization type")
# client, uri, scope, state = \
# self.validate_token_request(params, request.META)
else:
......@@ -624,7 +634,9 @@ class SimpleBackend(object):
grant_type = self.identify_token_request(request.META, request.POST)
if grant_type == 'authorization_code':
if grant_type is None:
raise OA2Error("Missing grant type")
elif grant_type == 'authorization_code':
client, redirect_uri, code = \
self.validate_code_grant(request.POST, request.META)
token, token_type = \
......
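Review bot: The redirect URI fallback added in validate_redirect_uri (the `else:` branch of the @@ -515 hunk) takes element `[0]` of `client.redirecturl_set`, so the URI it returns depends on the model's default ordering rather than on `is_default`. The frozen model in this commit's migration lists `'ordering': "('is_default',)"`, which is ascending and would sort rows with `is_default=False` ahead of the default one if the live model matches. Since this value decides where the authorization code is delivered, select the default explicitly, e.g. `client.redirecturl_set.filter(is_default=True).values_list('url', flat=True)[0]`, keeping the `IndexError` handler. The function starts outside the hunk, so the condition that leads into this `else:` is not visible here.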
......@@ -9,6 +9,7 @@ from django.core.exceptions import ValidationError
from django.core.validators import URLValidator
from django.core.urlresolvers import reverse
from django.conf.urls.defaults import patterns, url
from django.http import HttpResponseNotAllowed
from django.views.decorators.csrf import csrf_exempt
import logging
......@@ -24,6 +25,9 @@ class DjangoViewsMixin(object):
@csrf_exempt
def token_view(self, request):
if request.method != 'POST':
return HttpResponseNotAllowed(['POST'])
oa2request = self.build_request(request)
oa2response = self.grant_token(oa2request)
return self._build_response(oa2response)
......
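Review bot: token_view carries no comment explaining why it is both `@csrf_exempt` and, with this change, POST-only, and a reader auditing the endpoint needs the two facts side by side. A one-line comment above the method check would do, for example `# Token endpoint accepts POST only (RFC 6749, section 3.2); other methods get 405 before any request parsing.` If the CSRF exemption relies on callers authenticating with client credentials rather than a session cookie, which this diff does not show, state that in a docstring as well.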
......@@ -74,6 +74,9 @@ class Command(SynnefoCommand):
if len(args) != 1:
raise CommandError("Invalid number of arguments")
if not options['urls']:
raise CommandError("There should be at least one redirect URI")
identifier = args[0].decode('utf8')
try:
......@@ -85,8 +88,6 @@ class Command(SynnefoCommand):
c.save()
except BaseException, e:
import traceback
traceback.print_exc()
raise CommandError(e)
else:
self.stdout.write('Client created successfully\n')
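Review bot: The handler `except BaseException, e:` left in place by the @@ -85 hunk also traps KeyboardInterrupt and SystemExit and re-raises them as CommandError, so an interrupted run is reported as a client-creation failure. While this block is being edited, narrow it to `except Exception, e:`. The hunk counts (8 lines to 6) suggest the two traceback lines are the ones removed, which means the original stack trace is no longer available to the operator; if that matters, send it to a logger rather than dropping it. The `try:` opens outside the hunk.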
# -*- coding: utf-8 -*-
import datetime
from south.db import db
from south.v2 import SchemaMigration
from django.db import models
class Migration(SchemaMigration):
def forwards(self, orm):
# Changing field 'AuthorizationCode.redirect_uri'
db.alter_column('oa2_authorizationcode', 'redirect_uri', self.gf('django.db.models.fields.CharField')(max_length=255, null=True))
def backwards(self, orm):
# Changing field 'AuthorizationCode.redirect_uri'
db.alter_column('oa2_authorizationcode', 'redirect_uri', self.gf('django.db.models.fields.CharField')(default=None, max_length=255))
models = {
'auth.group': {
'Meta': {'object_name': 'Group'},
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
},
'auth.permission': {
'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},
'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
},
'auth.user': {
'Meta': {'object_name': 'User'},
'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
},
'contenttypes.contenttype': {
'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
},
'im.astakosuser': {
'Meta': {'object_name': 'AstakosUser', '_ormbases': ['auth.User']},
'accepted_email': ('django.db.models.fields.EmailField', [], {'default': 'None', 'max_length': '75', 'null': 'True', 'blank': 'True'}),
'accepted_policy': ('django.db.models.fields.CharField', [], {'default': 'None', 'max_length': '255', 'null': 'True', 'blank': 'True'}),
'activation_sent': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),
'affiliation': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),
'auth_token': ('django.db.models.fields.CharField', [], {'max_length': '64', 'unique': 'True', 'null': 'True', 'blank': 'True'}),
'auth_token_created': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),
'auth_token_expires': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),
'date_signed_terms': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),
'deactivated_at': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),
'deactivated_reason': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),
'disturbed_quota': ('django.db.models.fields.BooleanField', [], {'default': 'False', 'db_index': 'True'}),
'email_verified': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'has_credits': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'has_signed_terms': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'invitations': ('django.db.models.fields.IntegerField', [], {'default': '0'}),
'is_rejected': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'is_verified': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'level': ('django.db.models.fields.IntegerField', [], {'default': '4'}),
'moderated': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'moderated_at': ('django.db.models.fields.DateTimeField', [], {'default': 'None', 'null': 'True', 'blank': 'True'}),
'moderated_data': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True', 'blank': 'True'}),
'policy': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['im.Resource']", 'null': 'True', 'through': "orm['im.AstakosUserQuota']", 'symmetrical': 'False'}),
'rejected_reason': ('django.db.models.fields.TextField', [], {'null': 'True', 'blank': 'True'}),
'updated': ('django.db.models.fields.DateTimeField', [], {}),
'user_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.User']", 'unique': 'True', 'primary_key': 'True'}),
'uuid': ('django.db.models.fields.CharField', [], {'max_length': '255', 'unique': 'True', 'null': 'True'}),
'verification_code': ('django.db.models.fields.CharField', [], {'max_length': '255', 'unique': 'True', 'null': 'True'}),
'verified_at': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'})
},
'im.astakosuserquota': {
'Meta': {'unique_together': "(('resource', 'user'),)", 'object_name': 'AstakosUserQuota'},
'capacity': ('snf_django.lib.db.fields.IntDecimalField', [], {'max_digits': '38', 'decimal_places': '0'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'resource': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.Resource']"}),
'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.AstakosUser']"})
},
'im.resource': {
'Meta': {'object_name': 'Resource'},
'allow_in_projects': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
'desc': ('django.db.models.fields.TextField', [], {'null': 'True'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}),
'service_origin': ('django.db.models.fields.CharField', [], {'max_length': '255', 'db_index': 'True'}),
'service_type': ('django.db.models.fields.CharField', [], {'max_length': '255'}),
'unit': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True'}),
'uplimit': ('snf_django.lib.db.fields.IntDecimalField', [], {'default': '0', 'max_digits': '38', 'decimal_places': '0'})
},
'oa2.authorizationcode': {
'Meta': {'object_name': 'AuthorizationCode'},
'client': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['oa2.Client']", 'on_delete': 'models.PROTECT'}),
'code': ('django.db.models.fields.TextField', [], {}),
'created_at': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime(2013, 11, 22, 0, 0)'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'redirect_uri': ('django.db.models.fields.CharField', [], {'default': 'None', 'max_length': '255', 'null': 'True'}),
'scope': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),
'state': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),
'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.AstakosUser']", 'on_delete': 'models.PROTECT'})
},
'oa2.client': {
'Meta': {'object_name': 'Client'},
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'identifier': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}),
'is_trusted': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
'secret': ('django.db.models.fields.CharField', [], {'default': 'None', 'max_length': '255', 'null': 'True'}),
'type': ('django.db.models.fields.CharField', [], {'default': "'confidential'", 'max_length': '100'}),
'url': ('django.db.models.fields.CharField', [], {'max_length': '255'})
},
'oa2.redirecturl': {
'Meta': {'ordering': "('is_default',)", 'unique_together': "(('client', 'url'),)", 'object_name': 'RedirectUrl'},
'client': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['oa2.Client']", 'on_delete': 'models.PROTECT'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'is_default': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
'url': ('django.db.models.fields.URLField', [], {'unique': 'True', 'max_length': '200'})
},
'oa2.token': {
'Meta': {'object_name': 'Token'},
'client': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['oa2.Client']", 'on_delete': 'models.PROTECT'}),
'code': ('django.db.models.fields.TextField', [], {}),
'created_at': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime(2013, 11, 22, 0, 0)'}),
'expires_at': ('django.db.models.fields.DateTimeField', [], {}),
'grant_type': ('django.db.models.fields.CharField', [], {'default': "'authorization_code'", 'max_length': '100'}),
'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
'redirect_uri': ('django.db.models.fields.CharField', [], {'max_length': '255'}),
'scope': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),
'state': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),
'token_type': ('django.db.models.fields.CharField', [], {'default': "'Bearer'", 'max_length': '100'}),
'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.AstakosUser']", 'on_delete': 'models.PROTECT'})
}
}
complete_apps = ['oa2']
\ No newline at end of file
......@@ -68,7 +68,7 @@ class Client(models.Model):
class AuthorizationCode(models.Model):
user = models.ForeignKey('im.AstakosUser', on_delete=models.PROTECT)
code = models.TextField()
redirect_uri = models.CharField(max_length=255)
redirect_uri = models.CharField(max_length=255, null=True, default=None)
client = models.ForeignKey('oa2.Client', on_delete=models.PROTECT)
scope = models.TextField(null=True, default=None)
created_at = models.DateTimeField(default=datetime.datetime.now())
......
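Review bot: `created_at = models.DateTimeField(default=datetime.datetime.now())` on AuthorizationCode calls `now()` once at import time, so every code created without an explicit value gets the process start time. The frozen models in this commit's migration record a fixed `datetime.datetime(2013, 11, 22, 0, 0)` for this default, which is consistent with that. Pass the callable instead: `created_at = models.DateTimeField(default=datetime.datetime.now)`. If code expiry is computed from this field, which is not visible here, lifetimes would be measured from the wrong instant. Separately, with `redirect_uri` now nullable, the token-exchange comparison (outside this diff) needs to handle a stored `None` deliberately rather than compare it against the request value as if it were a string.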