Commit 63b8c497 authored by Jean-Baptiste's avatar Jean-Baptiste

update: Add issuer to account

parent 91b75e1a
Pipeline #3328 passed with stage
in 32 seconds
......@@ -4,7 +4,9 @@ import validators
from django.conf import settings
from django.contrib.auth import login, get_user_model, authenticate
from django.urls import reverse
from oic.exception import CommunicationError
from djangoldp.models import Model
from djangoldp_account.auth.backends import ExternalUserBackend
from djangoldp_account.errors import LDPLoginError
from djangoldp_account.models import OPClient
......@@ -65,10 +67,13 @@ class RPLoginEndpoint(object):
if provider_info is None and subject.startswith("http"):
# assume that the subject is the provider
provider_info = self.client.provider_config(subject)
try:
provider_info = self.client.provider_config(subject)
except CommunicationError as error:
pass
if provider_info is None:
raise LDPLoginError(error="cannot_get_provider_info")
raise LDPLoginError(error="cannot_get_provider_info")
existing_op_client = OPClient.objects.filter(issuer=provider_info._dict['issuer']).first()
if existing_op_client is None:
......@@ -207,7 +212,7 @@ class RPLoginCallBackEndpoint(object):
def login(self, userinfo, webid):
if webid.startswith(settings.SITE_URL):
existing_user = get_user_model().objects.get(pk=userinfo['sub'])
existing_user = Model.resolve_id(userinfo['sub'][len(settings.SITE_URL):])
else:
try:
existing_user = get_user_model().objects.get(username=webid)
......@@ -220,4 +225,7 @@ class RPLoginCallBackEndpoint(object):
first_name=userinfo['given_name'],
last_name=userinfo['family_name'],
email=userinfo['email'])
user.account.issuer = self.client.issuer
user.account.save()
login(self.request, user, backend='djangoldp_account.auth.backends.ExternalUserBackend')
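Review bot: In `login()`, the new lookup `Model.resolve_id(userinfo['sub'][len(settings.SITE_URL):])` is guarded by a prefix test on `webid`, but the value it slices is `userinfo['sub']`, which is never checked to start with `settings.SITE_URL`. If `userinfo` can come from an external provider, that provider effectively decides which local user the remaining path resolves to, so the branch should also require `userinfo['sub'].startswith(settings.SITE_URL)` and confirm that `self.client.issuer` is this site before resolving a local account. In the last hunk, `user.account.issuer = self.client.issuer` appears to overwrite any previously stored issuer on each login (indentation is lost on this page, so the branch it belongs to is inferred); comparing the stored issuer with the current one before saving would keep an identity bound to the provider it was first registered with. Both functions continue outside the visible hunks.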
......@@ -61,7 +61,6 @@ class WebFingerEndpoint(object):
def response(self):
"""
This endpoint only reply to rel="http://openid.net/specs/connect/1.0/issuer"
If user is found, send the webid host ad the Issuer (which is not right, just a v0 shorcut)
:return: a dict representing the Json response
"""
......@@ -74,9 +73,14 @@ class WebFingerEndpoint(object):
user = get_user_model().objects.filter(email="{}@{}".format(self.acct.userinfo, self.acct.host)).first()
if user is not None:
url = urlparse(user.webid())
if user.account.issuer is None:
href = "{}://{}".format(url.scheme, url.netloc)
else:
href = user.account.issuer
dict['links'].append({
'rel': "http://openid.net/specs/connect/1.0/issuer",
'href': "{}://{}".format(url.scheme, url.netloc)
'href': href
})
return dict
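Review bot: The fallback test `if user.account.issuer is None` misses the empty string, which the field permits (`URLField(blank=True, null=True)` in the model change of this commit), so WebFinger can answer with an empty `href` as the issuer. A truthiness test covers both cases: `href = user.account.issuer or "{}://{}".format(url.scheme, url.netloc)`. `user.account` is also dereferenced without checking that an Account row exists for the user; if accounts are not created automatically, this would raise instead of falling back, which is worth confirming. `response()` starts outside this hunk.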
# -*- coding: utf-8 -*-
# Generated by Django 1.11 on 2019-04-30 14:59
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('djangoldp_account', '0006_opclient_client_secret'),
]
operations = [
migrations.AddField(
model_name='account',
name='issuer',
field=models.URLField(blank=True, null=True),
),
]
......@@ -28,6 +28,7 @@ user_model.webid = webid
class Account(models.Model):
user = models.OneToOneField(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
picture = models.URLField(blank=True, null=True)
issuer = models.URLField(blank=True, null=True)
class Meta:
auto_author = 'user'
......
......@@ -2,6 +2,8 @@ import validators
from django.conf import settings
from django.urls import reverse_lazy
from djangoldp_account.models import webid
def userinfo(claims, user):
# Populate claims dict.
......@@ -10,3 +12,7 @@ def userinfo(claims, user):
claims['website'] = user.webid()
claims['webid'] = user.webid()
return claims
def sub_generator(user):
return webid(user)
\ No newline at end of file
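Review bot: `sub_generator` has no docstring, although it presumably defines the OIDC `sub` claim for this provider, and the relying-party `login()` changed in this commit strips `settings.SITE_URL` from `sub` to find the user. A docstring such as `"""Return the user's WebID, used as the OIDC subject identifier; must stay stable per user."""` would record that contract. Because the subject is derived from `webid(user)`, any change to how WebIDs are built changes every user's `sub`, and that coupling deserves a sentence in the same docstring.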