Commit 835082d8 authored by Jean-Baptiste's avatar Jean-Baptiste

update: Use djangoldp extensible webfinger

parent eb830a25
Pipeline #4957 passed with stage
in 27 seconds
......@@ -10,7 +10,7 @@ from django.views.decorators.csrf import csrf_exempt
from djangoldp.permissions import LDPPermissions
from djangoldp.views import LDPViewSet
from .models import ChatProfile, Account
from .views import userinfocustom, RPLoginView, RPLoginCallBackView, WebFingerView, check_user
from .views import userinfocustom, RPLoginView, RPLoginCallBackView, check_user
user_model = get_user_model()
djangoldp_modules = list(settings.DJANGOLDP_PACKAGES)
......@@ -39,7 +39,6 @@ urlpatterns = [
url(r'^chat-profile/', LDPViewSet.urls(model=ChatProfile, permission_classes=[LDPPermissions])),
url(r'^oidc/login/callback/?$', RPLoginCallBackView.as_view(), name='oidc_login_callback'),
url(r'^oidc/login/?$', RPLoginView.as_view(), name='oidc_login'),
url(r'^\.well-known/webfinger/?$', WebFingerView.as_view()),
url(r'^userinfo/?$', csrf_exempt(userinfocustom)),
url(r'^check-user/?$', csrf_exempt(check_user)),
url(r'^', include('oidc_provider.urls', namespace='oidc_provider'))
......@@ -48,10 +47,10 @@ s_fields = []
s_fields.extend(user_fields)
s_fields.extend(user_nested_fields)
user_model._meta.serializer_fields = s_fields
user_model._meta.anonymous_perms=getattr(settings, 'USER_ANONYMOUS_PERMISSIONS', ['view'])
user_model._meta.authenticated_perms=getattr(settings, 'USER_AUTHENTICATED_PERMISSIONS', ['inherit'])
user_model._meta.owner_perms=getattr(settings, 'USER_OWNER_PERMISSIONS', ['inherit'])
user_model._meta.anonymous_perms = getattr(settings, 'USER_ANONYMOUS_PERMISSIONS', ['view'])
user_model._meta.authenticated_perms = getattr(settings, 'USER_AUTHENTICATED_PERMISSIONS', ['inherit'])
user_model._meta.owner_perms = getattr(settings, 'USER_OWNER_PERMISSIONS', ['inherit'])
Group._meta.serializer_fields = ['name']
Group._meta.anonymous_perms=getattr(settings, 'GROUP_ANONYMOUS_PERMISSIONS', ['view'])
Group._meta.authenticated_perms=getattr(settings, 'GROUP_AUTHENTICATED_PERMISSIONS', ['inherit']),
Group._meta.owner_perms=getattr(settings, 'GROUP_OWNER_PERMISSIONS', ['inherit']),
Group._meta.anonymous_perms = getattr(settings, 'GROUP_ANONYMOUS_PERMISSIONS', ['view'])
Group._meta.authenticated_perms = getattr(settings, 'GROUP_AUTHENTICATED_PERMISSIONS', ['inherit']),
Group._meta.owner_perms = getattr(settings, 'GROUP_OWNER_PERMISSIONS', ['inherit']),
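Review bot: The re-spaced `Group._meta.authenticated_perms = getattr(...),` and `Group._meta.owner_perms = getattr(...),` lines still end in a trailing comma, so each assignment stores a one-element tuple wrapping the list instead of the list itself. The matching `user_model._meta` lines have no comma, so this looks unintended. How djangoldp's permission code reads these attributes is not visible here, but a membership test such as `'inherit' in perms` would not match the tuple, and the effective Group permissions could then differ from the configured ones. Drop the commas: `Group._meta.authenticated_perms = getattr(settings, 'GROUP_AUTHENTICATED_PERMISSIONS', ['inherit'])`, and likewise for `owner_perms`.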
......@@ -2,10 +2,8 @@ import re
from urllib.parse import urlparse
from django.contrib.auth import get_user_model
from oic.oic import Client
from oic.utils.authn.client import CLIENT_AUTHN_METHOD
from djangoldp_account.errors import WebFingerError
from djangoldp.endpoints.webfinger import WebFinger
ACCT_RE = re.compile(
r'(?:acct:)?(?P<userinfo>[\w.!#$%&\'*+-/=?^_`{|}~]+)@(?P<host>[\w.:-]+)')
......@@ -21,56 +19,11 @@ class Acct(object):
self.host = host
class WebFingerEndpoint(object):
"""
WebFinger endpoint
See https://tools.ietf.org/html/rfc7033
"""
client_class = Client
class AccountWebFinger(WebFinger):
def __init__(self, request):
self.request = request
self.params = {}
self.acct = None
self._extract_params()
self.client = self.client_class(client_authn_method=CLIENT_AUTHN_METHOD)
def _extract_params(self):
# Because in this endpoint we handle both GET
# and POST request.
query_dict = (self.request.POST if self.request.method == 'POST'
else self.request.GET)
self.params['resource'] = query_dict.get('resource', None)
self.params['rel'] = query_dict.get('rel', '')
def validate_params(self):
"""
A resource must be set.
"""
if self.params['resource'] is None:
raise WebFingerError('invalid_request')
try:
self.acct = Acct(self.params['resource'])
except ValueError:
raise WebFingerError('invalid_acct_format')
def response(self):
"""
This endpoint only reply to rel="http://openid.net/specs/connect/1.0/issuer"
:return: a dict representing the Json response
"""
dict = {
'subject': self.params['resource'],
'links': []
}
if "http://openid.net/specs/connect/1.0/issuer" in self.params['rel']:
user = get_user_model().objects.filter(email="{}@{}".format(self.acct.userinfo, self.acct.host)).first()
def response(self, response_dict, rel, acct):
if "http://openid.net/specs/connect/1.0/issuer" in rel:
user = get_user_model().objects.filter(email="{}@{}".format(acct.userinfo, acct.host)).first()
if user is not None:
url = urlparse(user.webid())
if user.account.issuer is None:
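Review bot: The new `response(self, response_dict, rel, acct)` tests `"http://openid.net/specs/connect/1.0/issuer" in rel` without the fallback that the removed `_extract_params` provided through `query_dict.get('rel', '')`. If the djangoldp `WebFinger` base class passes `rel=None` when the request has no `rel` parameter, the `in` test raises `TypeError` on this unauthenticated endpoint instead of returning an empty link set. The base class is not visible here, so this needs confirming; `if rel and "http://openid.net/specs/connect/1.0/issuer" in rel:` covers both cases. The method also lost its docstring, and its body continues outside the hunk; a short docstring saying what `response_dict`, `rel` and `acct` hold and what is returned would document the new contract.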
......
......@@ -25,26 +25,3 @@ class LDPLoginError(Exception):
}
return dic
class WebFingerError(Exception):
_errors = {
'invalid_request': "The request provider parameter must contains an url or an email",
'invalid_acct_format': "Invalid acct format"
}
def __init__(self, error=None, dict=None):
if dict is None:
self.error = error
self.description = self._errors.get(error)
else:
self.error = dict['error']
self.description = dict['error_description']
def create_dict(self):
dic = {
'error': self.error,
'error_description': self.description,
}
return dic
......@@ -3,8 +3,7 @@ from django.views import View
from djangoldp_account import settings
from djangoldp_account.endpoints.rp_login import RPLoginCallBackEndpoint, RPLoginEndpoint
from djangoldp_account.endpoints.webfinger import WebFingerEndpoint
from djangoldp_account.errors import LDPLoginError, WebFingerError
from djangoldp_account.errors import LDPLoginError
from oidc_provider.views import userinfo
......@@ -87,21 +86,3 @@ class RPLoginCallBackView(View):
return self.on_request(request)
class WebFingerView(View):
endpoint_class = WebFingerEndpoint
def get(self, request, *args, **kwargs):
return self.on_request(request)
def on_request(self, request):
endpoint = self.endpoint_class(request)
try:
endpoint.validate_params()
return JsonResponse(endpoint.response())
except WebFingerError as error:
return JsonResponse(error.create_dict(), status=400)
def post(self, request, *args, **kwargs):
return self.on_request(request)