def additional_authorization_for_oidc(self, option, **kwargs):
if option == 'uri':
path = urlparse(kwargs['uri']).path
queryset = parse_qs(urlparse(kwargs['uri']).query,
keep_blank_values=True,
strict_parsing=True)
if 'openid' not in queryset['scope'][0]:
return kwargs['uri']
queryset[
'response_type'] = oauth2_settings.UP_COMPATIBLE_OIDC_RESPONSE_TYPE.get(
queryset['response_type'][0], None).split()
uri = ''
for key, value in queryset.items():
uri += key + '=' + value[0] + '&'
uri = quote(uri[:-1], safe='=&')
return "{0}?{1}".format(path, uri), queryset.get('nonce', ''),\
queryset.get('code_challenge', ''), queryset.get('code_challenge_method', '')
if option == 'credentials' and 'openid' in kwargs['scopes']:
kwargs['credentials'].update(nonce=kwargs['nonce'])
kwargs['credentials'].update(
code_challenge=kwargs['code_challenge'])
kwargs['credentials'].update(
code_challenge_method=kwargs['code_challenge_method'])
return kwargs['credentials']
def _get_escaped_full_path(self, request):
"""
Django considers "safe" some characters that aren't so for oauthlib.
We have to search for them and properly escape.
"""
parsed = list(urlparse(request.get_full_path()))
unsafe = set(c for c in parsed[4]).difference(urlencoded)
for c in unsafe:
parsed[4] = parsed[4].replace(c, quote(c, safe=b""))
return urlunparse(parsed)
def _get_escaped_full_path(self, request):
"""
Django considers "safe" some characters that aren't so for oauthlib. We have to search for
them and properly escape.
"""
parsed = list(urlparse(request.get_full_path()))
unsafe = set(c for c in parsed[4]).difference(urlencoded)
for c in unsafe:
parsed[4] = parsed[4].replace(c, quote(c, safe=b''))
return urlunparse(parsed)
def escape(u):
"""Escape a unicode string in an OAuth-compatible fashion.
Per `section 3.6`_ of the spec.
.. _`section 3.6`: http://tools.ietf.org/html/rfc5849#section-3.6
"""
if not isinstance(u, unicode):
raise ValueError('Only unicode objects are escapable.')
# Letters, digits, and the characters '_.-' are already treated as safe
# by urllib.quote(). We need to add '~' to fully support rfc5849.
return quote(u, safe='~')
def escape(u):
"""Escape a unicode string in an OAuth-compatible fashion.
Per `section 3.6`_ of the spec.
.. _`section 3.6`: http://tools.ietf.org/html/rfc5849#section-3.6
"""
# if not isinstance(u, unicode_type):
# raise ValueError('Only unicode objects are escapable.')
# Letters, digits, and the characters '_.-' are already treated as safe
# by urllib.quote(). We need to add '~' to fully support rfc5849.
return quote(u, safe=b"~")
def _get_escaped_full_path(self, request):
"""
获取安全的url
:param request:
:return:
"""
parsed = list(urlparse(request.get_full_path()))
unsafe = set(c for c in parsed[4]).difference(urlencoded)
for c in unsafe:
parsed[4] = parsed[4].replace(c, quote(c, safe=b''))
return urlunparse(parsed)
def _get_escaped_full_path(self, request):
"""
Django considers "safe" some characters that aren't so for oauthlib.
We have to search for them and properly escape.
"""
parsed = list(urlparse(request.get_full_path()))
unsafe = set(c for c in parsed[4]).difference(urlencoded)
for c in unsafe:
parsed[4] = parsed[4].replace(c, quote(c, safe=b""))
uri = urlsplit(urlunparse(parsed))
query = uri.query
params = parse_qsl(query)
encoded_params = urllib_urlencode(params, doseq=False)
parsed_url = SplitResult(uri.scheme, uri.netloc, uri.path,
encoded_params, uri.fragment)
return parsed_url.geturl()
