Revision 252eb705

b/snf-astakos-app/astakos/oa2/backends/base.py
291 291 
    def get_client_authorization_code(self, client, code):
292 292 
        code_instance = self.get_authorization_code(code)
293 293 
        if not code_instance:
294 
            raise OA2Error("Invalid code", code)
294 
            raise OA2Error("Invalid code")
295 295 

  		





  296
  296
  
    
        if client.get_id() != code_instance.client.get_id():


  		





  297
  
  
    
            raise OA2Error("Invalid code for client", code, client)


  		





  
  297
  
    
            raise OA2Error("Mismatching client with code client")


  		





  298
  298
  
    
        return code_instance


  		





  299
  299
  
    

  		





  300
  300
  
    
    def client_id_exists(self, client_id):


  		





  ......




  494
  494
  
    

  		





  495
  495
  
    
        client = self.get_client_by_id(client_id)


  		





  496
  496
  
    

  		





  497
  
  
    
        if requires_auth and client.requires_auth:


  		





  
  497
  
    
        if requires_auth and client.requires_auth():


  		





  498
  498
  
    
            if client_credentials is None:


  		





  499
  
  
    
                raise OA2Error("Client authentication in required")


  		





  
  499
  
    
                raise OA2Error("Client authentication is required")


  		





  500
  500
  
    

  		





  501
  501
  
    
        if client_credentials is not None:


  		





  502
  502
  
    
            self.check_credentials(client, *client_credentials)


  		





  ......




  515
  515
  
    
                raise OA2Error("Mismatching redirect uri")


  		





  516
  516
  
    
            if expected_value is not None and redirect_uri != expected_value:


  		





  517
  517
  
    
                raise OA2Error("Invalid redirect uri")


  		





  
  518
  
    
        else:


  		





  
  519
  
    
            try:


  		





  
  520
  
    
                redirect_uri = client.redirecturl_set.values_list('url',


  		





  
  521
  
    
                                                                  flat=True)[0]


  		





  
  522
  
    
            except IndexError:


  		





  
  523
  
    
                raise OA2Error("Unable to fallback to client redirect URI")


  		





  518
  524
  
    
        return redirect_uri


  		





  519
  525
  
    

  		





  520
  526
  
    
    def validate_state(self, client, params, headers):


  		





  ......




  542
  548
  
    
        client = self.validate_client(params, headers, requires_auth=False)


  		





  543
  549
  
    
        redirect_uri = self.validate_redirect_uri(client, params, headers)


  		





  544
  550
  
    
        scope = self.validate_scope(client, params, headers)


  		





  
  551
  
    
        scope = scope or redirect_uri  # set default


  		





  545
  552
  
    
        state = self.validate_state(client, params, headers)


  		





  546
  553
  
    
        return client, redirect_uri, scope, state


  		





  547
  554
  
    

  		





  ......




  549
  556
  
    
        client = self.validate_client(params, headers)


  		





  550
  557
  
    
        redirect_uri = self.validate_redirect_uri(client, params, headers)


  		





  551
  558
  
    
        scope = self.validate_scope(client, params, headers)


  		





  
  559
  
    
        scope = scope or redirect_uri  # set default


  		





  552
  560
  
    
        state = self.validate_state(client, params, headers)


  		





  553
  561
  
    
        return client, redirect_uri, scope, state


  		





  554
  562
  
    

  		





  ......




  581
  589
  
    
        auth_type, params = self.identify_authorize_request(request_params,


  		





  582
  590
  
    
                                                            request.META)


  		





  583
  591
  
    

  		





  
  592
  
    
        if auth_type is None:


  		





  
  593
  
    
            raise OA2Error("Missing authorization type")


  		





  584
  594
  
    
        if auth_type == 'code':


  		





  585
  595
  
    
            client, uri, scope, state = \


  		





  586
  596
  
    
                self.validate_code_request(params, request.META)


  		





  587
  597
  
    
        elif auth_type == 'token':


  		





  588
  
  
    
            raise OA2Error("Unsupported response type")


  		





  
  598
  
    
            raise OA2Error("Unsupported authorization type")


  		





  589
  599
  
    
#            client, uri, scope, state = \


  		





  590
  600
  
    
#                self.validate_token_request(params, request.META)


  		





  591
  601
  
    
        else:


  		





  ......




  624
  634
  
    

  		





  625
  635
  
    
        grant_type = self.identify_token_request(request.META, request.POST)


  		





  626
  636
  
    

  		





  627
  
  
    
        if grant_type == 'authorization_code':


  		





  
  637
  
    
        if grant_type is None:


  		





  
  638
  
    
            raise OA2Error("Missing grant type")


  		





  
  639
  
    
        elif grant_type == 'authorization_code':


  		





  628
  640
  
    
            client, redirect_uri, code = \


  		





  629
  641
  
    
                self.validate_code_grant(request.POST, request.META)


  		





  630
  642
  
    
            token, token_type = \


  		












  

    
      b/snf-astakos-app/astakos/oa2/backends/djangobackend.py
    
  






  9
  9
  
    
from django.core.validators import URLValidator


  		





  10
  10
  
    
from django.core.urlresolvers import reverse


  		





  11
  11
  
    
from django.conf.urls.defaults import patterns, url


  		





  
  12
  
    
from django.http import HttpResponseNotAllowed


  		





  12
  13
  
    
from django.views.decorators.csrf import csrf_exempt


  		





  13
  14
  
    

  		





  14
  15
  
    
import logging


  		





  ......




  24
  25
  
    

  		





  25
  26
  
    
    @csrf_exempt


  		





  26
  27
  
    
    def token_view(self, request):


  		





  
  28
  
    
        if request.method != 'POST':


  		





  
  29
  
    
            return HttpResponseNotAllowed(['POST'])


  		





  
  30
  
    

  		





  27
  31
  
    
        oa2request = self.build_request(request)


  		





  28
  32
  
    
        oa2response = self.grant_token(oa2request)


  		





  29
  33
  
    
        return self._build_response(oa2response)


  		












  

    
      b/snf-astakos-app/astakos/oa2/management/commands/oa2-client-add.py
    
  






  74
  74
  
    
        if len(args) != 1:


  		





  75
  75
  
    
            raise CommandError("Invalid number of arguments")


  		





  76
  76
  
    

  		





  
  77
  
    
        if not options['urls']:


  		





  
  78
  
    
            raise CommandError("There should be at least one redirect URI")


  		





  
  79
  
    

  		





  77
  80
  
    
        identifier = args[0].decode('utf8')


  		





  78
  81
  
    

  		





  79
  82
  
    
        try:


  		





  ......




  85
  88
  
    
            c.save()


  		





  86
  89
  
    

  		





  87
  90
  
    
        except BaseException, e:


  		





  88
  
  
    
            import traceback


  		





  89
  
  
    
            traceback.print_exc()


  		





  90
  91
  
    
            raise CommandError(e)


  		





  91
  92
  
    
        else:


  		





  92
  93
  
    
            self.stdout.write('Client created successfully\n')


  		












  

    
      b/snf-astakos-app/astakos/oa2/migrations/0002_auto__chg_field_authorizationcode_redirect_uri.py
    
  






  
  1
  
    
# -*- coding: utf-8 -*-


  		





  
  2
  
    
import datetime


  		





  
  3
  
    
from south.db import db


  		





  
  4
  
    
from south.v2 import SchemaMigration


  		





  
  5
  
    
from django.db import models


  		





  
  6
  
    

  		





  
  7
  
    

  		





  
  8
  
    
class Migration(SchemaMigration):


  		





  
  9
  
    

  		





  
  10
  
    
    def forwards(self, orm):


  		





  
  11
  
    

  		





  
  12
  
    
        # Changing field 'AuthorizationCode.redirect_uri'


  		





  
  13
  
    
        db.alter_column('oa2_authorizationcode', 'redirect_uri', self.gf('django.db.models.fields.CharField')(max_length=255, null=True))


  		





  
  14
  
    

  		





  
  15
  
    
    def backwards(self, orm):


  		





  
  16
  
    

  		





  
  17
  
    
        # Changing field 'AuthorizationCode.redirect_uri'


  		





  
  18
  
    
        db.alter_column('oa2_authorizationcode', 'redirect_uri', self.gf('django.db.models.fields.CharField')(default=None, max_length=255))


  		





  
  19
  
    

  		





  
  20
  
    
    models = {


  		





  
  21
  
    
        'auth.group': {


  		





  
  22
  
    
            'Meta': {'object_name': 'Group'},


  		





  
  23
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  24
  
    
            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),


  		





  
  25
  
    
            'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})


  		





  
  26
  
    
        },


  		





  
  27
  
    
        'auth.permission': {


  		





  
  28
  
    
            'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},


  		





  
  29
  
    
            'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),


  		





  
  30
  
    
            'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),


  		





  
  31
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  32
  
    
            'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})


  		





  
  33
  
    
        },


  		





  
  34
  
    
        'auth.user': {


  		





  
  35
  
    
            'Meta': {'object_name': 'User'},


  		





  
  36
  
    
            'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),


  		





  
  37
  
    
            'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),


  		





  
  38
  
    
            'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),


  		





  
  39
  
    
            'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),


  		





  
  40
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  41
  
    
            'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),


  		





  
  42
  
    
            'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  43
  
    
            'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  44
  
    
            'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),


  		





  
  45
  
    
            'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),


  		





  
  46
  
    
            'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),


  		





  
  47
  
    
            'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),


  		





  
  48
  
    
            'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})


  		





  
  49
  
    
        },


  		





  
  50
  
    
        'contenttypes.contenttype': {


  		





  
  51
  
    
            'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},


  		





  
  52
  
    
            'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),


  		





  
  53
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  54
  
    
            'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),


  		





  
  55
  
    
            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})


  		





  
  56
  
    
        },


  		





  
  57
  
    
        'im.astakosuser': {


  		





  
  58
  
    
            'Meta': {'object_name': 'AstakosUser', '_ormbases': ['auth.User']},


  		





  
  59
  
    
            'accepted_email': ('django.db.models.fields.EmailField', [], {'default': 'None', 'max_length': '75', 'null': 'True', 'blank': 'True'}),


  		





  
  60
  
    
            'accepted_policy': ('django.db.models.fields.CharField', [], {'default': 'None', 'max_length': '255', 'null': 'True', 'blank': 'True'}),


  		





  
  61
  
    
            'activation_sent': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),


  		





  
  62
  
    
            'affiliation': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),


  		





  
  63
  
    
            'auth_token': ('django.db.models.fields.CharField', [], {'max_length': '64', 'unique': 'True', 'null': 'True', 'blank': 'True'}),


  		





  
  64
  
    
            'auth_token_created': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),


  		





  
  65
  
    
            'auth_token_expires': ('django.db.models.fields.DateTimeField', [], {'null': 'True'}),


  		





  
  66
  
    
            'date_signed_terms': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),


  		





  
  67
  
    
            'deactivated_at': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'}),


  		





  
  68
  
    
            'deactivated_reason': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),


  		





  
  69
  
    
            'disturbed_quota': ('django.db.models.fields.BooleanField', [], {'default': 'False', 'db_index': 'True'}),


  		





  
  70
  
    
            'email_verified': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  71
  
    
            'has_credits': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  72
  
    
            'has_signed_terms': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  73
  
    
            'invitations': ('django.db.models.fields.IntegerField', [], {'default': '0'}),


  		





  
  74
  
    
            'is_rejected': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  75
  
    
            'is_verified': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  76
  
    
            'level': ('django.db.models.fields.IntegerField', [], {'default': '4'}),


  		





  
  77
  
    
            'moderated': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  78
  
    
            'moderated_at': ('django.db.models.fields.DateTimeField', [], {'default': 'None', 'null': 'True', 'blank': 'True'}),


  		





  
  79
  
    
            'moderated_data': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True', 'blank': 'True'}),


  		





  
  80
  
    
            'policy': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['im.Resource']", 'null': 'True', 'through': "orm['im.AstakosUserQuota']", 'symmetrical': 'False'}),


  		





  
  81
  
    
            'rejected_reason': ('django.db.models.fields.TextField', [], {'null': 'True', 'blank': 'True'}),


  		





  
  82
  
    
            'updated': ('django.db.models.fields.DateTimeField', [], {}),


  		





  
  83
  
    
            'user_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': "orm['auth.User']", 'unique': 'True', 'primary_key': 'True'}),


  		





  
  84
  
    
            'uuid': ('django.db.models.fields.CharField', [], {'max_length': '255', 'unique': 'True', 'null': 'True'}),


  		





  
  85
  
    
            'verification_code': ('django.db.models.fields.CharField', [], {'max_length': '255', 'unique': 'True', 'null': 'True'}),


  		





  
  86
  
    
            'verified_at': ('django.db.models.fields.DateTimeField', [], {'null': 'True', 'blank': 'True'})


  		





  
  87
  
    
        },


  		





  
  88
  
    
        'im.astakosuserquota': {


  		





  
  89
  
    
            'Meta': {'unique_together': "(('resource', 'user'),)", 'object_name': 'AstakosUserQuota'},


  		





  
  90
  
    
            'capacity': ('snf_django.lib.db.fields.IntDecimalField', [], {'max_digits': '38', 'decimal_places': '0'}),


  		





  
  91
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  92
  
    
            'resource': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.Resource']"}),


  		





  
  93
  
    
            'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.AstakosUser']"})


  		





  
  94
  
    
        },


  		





  
  95
  
    
        'im.resource': {


  		





  
  96
  
    
            'Meta': {'object_name': 'Resource'},


  		





  
  97
  
    
            'allow_in_projects': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),


  		





  
  98
  
    
            'desc': ('django.db.models.fields.TextField', [], {'null': 'True'}),


  		





  
  99
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  100
  
    
            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}),


  		





  
  101
  
    
            'service_origin': ('django.db.models.fields.CharField', [], {'max_length': '255', 'db_index': 'True'}),


  		





  
  102
  
    
            'service_type': ('django.db.models.fields.CharField', [], {'max_length': '255'}),


  		





  
  103
  
    
            'unit': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True'}),


  		





  
  104
  
    
            'uplimit': ('snf_django.lib.db.fields.IntDecimalField', [], {'default': '0', 'max_digits': '38', 'decimal_places': '0'})


  		





  
  105
  
    
        },


  		





  
  106
  
    
        'oa2.authorizationcode': {


  		





  
  107
  
    
            'Meta': {'object_name': 'AuthorizationCode'},


  		





  
  108
  
    
            'client': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['oa2.Client']", 'on_delete': 'models.PROTECT'}),


  		





  
  109
  
    
            'code': ('django.db.models.fields.TextField', [], {}),


  		





  
  110
  
    
            'created_at': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime(2013, 11, 22, 0, 0)'}),


  		





  
  111
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  112
  
    
            'redirect_uri': ('django.db.models.fields.CharField', [], {'default': 'None', 'max_length': '255', 'null': 'True'}),


  		





  
  113
  
    
            'scope': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),


  		





  
  114
  
    
            'state': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),


  		





  
  115
  
    
            'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.AstakosUser']", 'on_delete': 'models.PROTECT'})


  		





  
  116
  
    
        },


  		





  
  117
  
    
        'oa2.client': {


  		





  
  118
  
    
            'Meta': {'object_name': 'Client'},


  		





  
  119
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  120
  
    
            'identifier': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}),


  		





  
  121
  
    
            'is_trusted': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),


  		





  
  122
  
    
            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}),


  		





  
  123
  
    
            'secret': ('django.db.models.fields.CharField', [], {'default': 'None', 'max_length': '255', 'null': 'True'}),


  		





  
  124
  
    
            'type': ('django.db.models.fields.CharField', [], {'default': "'confidential'", 'max_length': '100'}),


  		





  
  125
  
    
            'url': ('django.db.models.fields.CharField', [], {'max_length': '255'})


  		





  
  126
  
    
        },


  		





  
  127
  
    
        'oa2.redirecturl': {


  		





  
  128
  
    
            'Meta': {'ordering': "('is_default',)", 'unique_together': "(('client', 'url'),)", 'object_name': 'RedirectUrl'},


  		





  
  129
  
    
            'client': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['oa2.Client']", 'on_delete': 'models.PROTECT'}),


  		





  
  130
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  131
  
    
            'is_default': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),


  		





  
  132
  
    
            'url': ('django.db.models.fields.URLField', [], {'unique': 'True', 'max_length': '200'})


  		





  
  133
  
    
        },


  		





  
  134
  
    
        'oa2.token': {


  		





  
  135
  
    
            'Meta': {'object_name': 'Token'},


  		





  
  136
  
    
            'client': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['oa2.Client']", 'on_delete': 'models.PROTECT'}),


  		





  
  137
  
    
            'code': ('django.db.models.fields.TextField', [], {}),


  		





  
  138
  
    
            'created_at': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime(2013, 11, 22, 0, 0)'}),


  		





  
  139
  
    
            'expires_at': ('django.db.models.fields.DateTimeField', [], {}),


  		





  
  140
  
    
            'grant_type': ('django.db.models.fields.CharField', [], {'default': "'authorization_code'", 'max_length': '100'}),


  		





  
  141
  
    
            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),


  		





  
  142
  
    
            'redirect_uri': ('django.db.models.fields.CharField', [], {'max_length': '255'}),


  		





  
  143
  
    
            'scope': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),


  		





  
  144
  
    
            'state': ('django.db.models.fields.TextField', [], {'default': 'None', 'null': 'True'}),


  		





  
  145
  
    
            'token_type': ('django.db.models.fields.CharField', [], {'default': "'Bearer'", 'max_length': '100'}),


  		





  
  146
  
    
            'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['im.AstakosUser']", 'on_delete': 'models.PROTECT'})


  		





  
  147
  
    
        }


  		





  
  148
  
    
    }


  		





  
  149
  
    

  		





  
  150
  
    
    complete_apps = ['oa2']


  		












  

    
      b/snf-astakos-app/astakos/oa2/models.py
    
  






  68
  68
  
    
class AuthorizationCode(models.Model):


  		





  69
  69
  
    
    user = models.ForeignKey('im.AstakosUser', on_delete=models.PROTECT)


  		





  70
  70
  
    
    code = models.TextField()


  		





  71
  
  
    
    redirect_uri = models.CharField(max_length=255)


  		





  
  71
  
    
    redirect_uri = models.CharField(max_length=255, null=True, default=None)


  		





  72
  72
  
    
    client = models.ForeignKey('oa2.Client', on_delete=models.PROTECT)


  		





  73
  73
  
    
    scope = models.TextField(null=True, default=None)


  		





  74
  74
  
    
    created_at = models.DateTimeField(default=datetime.datetime.now())


  		












Also available in:
  Unified diff