Summit

Merge lp:~vorlon/summit/oauth2-support into lp:summit

  1. oauth2-support
  2. Merge into trunk
Proposed by Steve Langasek
Status: Needs review
Proposed branch: lp:~vorlon/summit/oauth2-support
Merge into: lp:summit
Diff against target: 197 lines (+95/-2)
9 files modified
requirements.txt (+1/-0)
summit/common/context_processors.py (+4/-0)
summit/common/templates/base.html (+1/-1)
summit/common/templates/done.html (+10/-0)
summit/common/templates/login.html (+13/-0)
summit/schedule/templates/schedule/actions.html (+1/-1)
summit/settings.py (+5/-0)
summit/social-backends/debian.py (+55/-0)
summit/urls.py (+5/-0)
To merge this branch: bzr merge lp:~vorlon/summit/oauth2-support
Reviewer Review Type Date Requested Status
Summit Hackers Pending
Review via email: mp+215534@code.launchpad.net

Description of the change

Preliminary support for oauth2. This pulls in a new django module dependency, and also only works if you also register and add in oauth2 keys, which you need to get from your oauth2 provider.

To post a comment you must log in.
lp:~vorlon/summit/oauth2-support updated
226. By Steve Langasek

Replace another reference to /openid/login with login_url

Unmerged revisions

226. By Steve Langasek

Replace another reference to /openid/login with login_url

225. By Steve Langasek

Initial support for Debian SSO

224. By Steve Langasek

Simplify the oauth2 support

we don't actually need separate url handlers, we can just include the
upstream ones and set LOGIN_URL to whichever provider we want (e.g.,
/login/google-oauth2) in our individual django app. If someone really
wants to have multiple auth providers from the same app, they can figure
that out on their own, but currently it doesn't look like an interesting use
case.

223. By Steve Langasek

Make the 'login' link on the navbar configurable via LOGIN_URL in settings.

222. By Steve Langasek

Initial support for oauth2 (using the Google backend for testing)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'requirements.txt'
--- requirements.txt 2014-05-04 14:00:34 +0000
+++ requirements.txt 2014-05-18 00:12:52 +0000
@@ -12,6 +12,7 @@
12bzr>=2.4b12bzr>=2.4b
13distribute==0.6.1013distribute==0.6.10
14django-openid-auth==0.514django-openid-auth==0.5
15python-social-auth
15# psycopg2==2.0.13 - only needed for production like environments16# psycopg2==2.0.13 - only needed for production like environments
16python-openid==2.2.417python-openid==2.2.4
17pytz==2010b18pytz==2010b
1819
=== modified file 'summit/common/context_processors.py'
--- summit/common/context_processors.py 2013-03-07 01:48:40 +0000
+++ summit/common/context_processors.py 2014-05-18 00:12:52 +0000
@@ -38,6 +38,10 @@
38 return {'login_next': request.get_full_path()}38 return {'login_next': request.get_full_path()}
3939
4040
41def login_url(request):
42 return {'login_url': settings.LOGIN_URL}
43
44
41def summit_version(request):45def summit_version(request):
42 """46 """
43 add The Summit Scheduler version to template context processor.47 add The Summit Scheduler version to template context processor.
4448
=== modified file 'summit/common/templates/base.html'
--- summit/common/templates/base.html 2013-08-28 10:37:08 +0000
+++ summit/common/templates/base.html 2014-05-18 00:12:52 +0000
@@ -35,7 +35,7 @@
35 {% endif %}35 {% endif %}
36 <a class="top-login-item" href="{% url logout %}" title="Log Out: {{ user.username }}">Log out</a>36 <a class="top-login-item" href="{% url logout %}" title="Log Out: {{ user.username }}">Log out</a>
37 {% else %}37 {% else %}
38 <a class="top-login-item" href="/openid/login/?next={{login_next}}" title="Log In">Log in</a>38 <a class="top-login-item" href="{{login_url}}?next={{login_next}}" title="Log In">Log in</a>
39 {% endif %}39 {% endif %}
40{% endblock %}40{% endblock %}
41{% block main_nav_links %}41{% block main_nav_links %}
4242
=== added file 'summit/common/templates/done.html'
--- summit/common/templates/done.html 1970-01-01 00:00:00 +0000
+++ summit/common/templates/done.html 2014-05-18 00:12:52 +0000
@@ -0,0 +1,10 @@
1{% extends "website_base.html" %}
2{% load url from future %}
3
4{% block title %}Logged In{% endblock %}
5
6{% block content %}
7 <p>
8 You are logged in as {{ user.username }}! (<a href="/logout/">Logout</a>)
9 </p>
10{% endblock %}
011
=== added file 'summit/common/templates/login.html'
--- summit/common/templates/login.html 1970-01-01 00:00:00 +0000
+++ summit/common/templates/login.html 2014-05-18 00:12:52 +0000
@@ -0,0 +1,13 @@
1{% extends "website_base.html" %}
2{% load url from future %}
3
4{% block title %}Login{% endblock %}
5
6{% block content %}
7 <form action="{% url 'social:begin' 'google-oauth2' %}" method="post">
8 {% csrf_token %}
9 <div>
10 <input type="submit" value="Log in through Google"/>
11 </div>
12 </form>
13{% endblock %}
014
=== modified file 'summit/schedule/templates/schedule/actions.html'
--- summit/schedule/templates/schedule/actions.html 2013-05-09 23:50:37 +0000
+++ summit/schedule/templates/schedule/actions.html 2014-05-18 00:12:52 +0000
@@ -38,7 +38,7 @@
38 {% endif %}38 {% endif %}
39{% else %}39{% else %}
40 {% if not user.is_authenticated %}40 {% if not user.is_authenticated %}
41 <p><a href="/openid/login?next={{login_next}}">Log in now</a></p>41 <p><a href="{{login_url}}?next={{login_next}}">Log in now</a></p>
42 {% endif %}42 {% endif %}
43{% endifequal %}43{% endifequal %}
4444
4545
=== modified file 'summit/settings.py'
--- summit/settings.py 2013-11-15 14:54:49 +0000
+++ summit/settings.py 2014-05-18 00:12:52 +0000
@@ -95,10 +95,13 @@
95 "django.contrib.messages.context_processors.messages",95 "django.contrib.messages.context_processors.messages",
96 "common.context_processors.next_summit",96 "common.context_processors.next_summit",
97 "common.context_processors.login_redirect",97 "common.context_processors.login_redirect",
98 "common.context_processors.login_url",
98 "common.context_processors.url_base",99 "common.context_processors.url_base",
99 "common.context_processors.summit_version",100 "common.context_processors.summit_version",
100 "common.context_processors.site_menu",101 "common.context_processors.site_menu",
101 "common.context_processors.track_display_name",102 "common.context_processors.track_display_name",
103 "social.apps.django_app.context_processors.backends",
104 "social.apps.django_app.context_processors.login_redirect",
102)105)
103106
104MIDDLEWARE_CLASSES = (107MIDDLEWARE_CLASSES = (
@@ -123,6 +126,7 @@
123 'django.contrib.messages',126 'django.contrib.messages',
124 'django.contrib.sessions',127 'django.contrib.sessions',
125 'django_openid_auth',128 'django_openid_auth',
129 'social.apps.django_app.default',
126 'django.contrib.admin',130 'django.contrib.admin',
127 'django.contrib.sites',131 'django.contrib.sites',
128 'django.contrib.staticfiles',132 'django.contrib.staticfiles',
@@ -140,6 +144,7 @@
140TEST_RUNNER = "local_tests.LocalAppsTestSuiteRunner"144TEST_RUNNER = "local_tests.LocalAppsTestSuiteRunner"
141145
142AUTHENTICATION_BACKENDS = (146AUTHENTICATION_BACKENDS = (
147 'social-backends.debian.DebianOAuth2',
143 'django_openid_auth.auth.OpenIDBackend',148 'django_openid_auth.auth.OpenIDBackend',
144 'django.contrib.auth.backends.ModelBackend',149 'django.contrib.auth.backends.ModelBackend',
145)150)
146151
=== added directory 'summit/social-backends'
=== added file 'summit/social-backends/__init__.py'
=== added file 'summit/social-backends/debian.py'
--- summit/social-backends/debian.py 1970-01-01 00:00:00 +0000
+++ summit/social-backends/debian.py 2014-05-18 00:12:52 +0000
@@ -0,0 +1,55 @@
1"""
2Debian OAuth2 SSO backend
3Based on the Google backend for python-social-auth
4"""
5from requests import HTTPError
6
7from social.backends.oauth import BaseOAuth2
8from social.exceptions import AuthMissingParameter, AuthCanceled
9
10
11class DebianOAuth2(BaseOAuth2):
12 """Debian OAuth2 authentication backend"""
13 name = 'debian-oauth2'
14 REDIRECT_STATE = False
15 AUTHORIZATION_URL = 'https://sso.debian.org/o/authorize'
16 ACCESS_TOKEN_URL = 'https://sso.debian.org/o/token/'
17 ACCESS_TOKEN_METHOD = 'POST'
18 # FIXME: unconfirmed
19 REVOKE_TOKEN_URL = 'https://sso.debian.org/o/revoke'
20 REVOKE_TOKEN_METHOD = 'GET'
21 DEFAULT_SCOPE = ['openid email profile']
22 EXTRA_DATA = [
23 ('refresh_token', 'refresh_token', True),
24 ('expires_in', 'expires'),
25 ('token_type', 'token_type', True)
26 ]
27
28 def revoke_token_params(self, token, uid):
29 return {'token': token}
30
31 def revoke_token_headers(self, token, uid):
32 return {'Content-type': 'application/json'}
33
34 def get_user_id(self, details, response):
35 """Use Debian email as unique id"""
36 if self.setting('USE_UNIQUE_USER_ID', False):
37 return response['id']
38 else:
39 return details['email']
40
41 def get_user_details(self, response):
42 """Return user details from Debian account"""
43 email = response.get('email', '')
44 return {'username': email.split('@', 1)[0],
45 'email': email,
46 'fullname': response.get('name', ''),
47 'first_name': response.get('given_name', ''),
48 'last_name': response.get('family_name', '')}
49
50 def user_data(self, access_token, *args, **kwargs):
51 """Return user data from Debian SSO API"""
52 return self.get_json(
53 'https://sso.debian.org/api/v1/people/getOpenIdConnect',
54 params={'access_token': access_token, 'alt': 'json'}
55 )
056
=== modified file 'summit/urls.py'
--- summit/urls.py 2013-05-10 14:45:54 +0000
+++ summit/urls.py 2014-05-18 00:12:52 +0000
@@ -61,6 +61,11 @@
61)61)
6262
63urlpatterns += patterns(63urlpatterns += patterns(
64 '',
65 url(r'', include('social.apps.django_app.urls', namespace='social')),
66)
67
68urlpatterns += patterns(
64 'summit.schedule.views',69 'summit.schedule.views',
65 url(r'^today/(?P<summit_name>[\w-]+)/$', 'today_view', name='today'),70 url(r'^today/(?P<summit_name>[\w-]+)/$', 'today_view', name='today'),
66 url(r'^past/', 'past', name='past'),71 url(r'^past/', 'past', name='past'),

Subscribers

People subscribed via source and target branches