    def get_object_data(self, request, obj, details=False):
        """Serialise an association *obj* for the v2 API.

        Args:
            request: the current request; ``request.scopes`` and
                ``request.user`` gate whether the ``users`` link is emitted.
            obj: the association to serialise.
            details: when true, add links to the related collections
                (users, organisations, regions, countries) that are non-empty.

        Returns:
            A dict of plain values and absolute URLs.
        """
        base = get_base_url(request)
        uuid_hex = obj.uuid.hex

        def collection_link(url_name):
            # Absolute URL of a collection narrowed to this association.
            return "%s%s?association_id=%s" % (base, reverse(url_name), uuid_hex)

        data = {
            '@id': "%s%s" % (base, reverse('api:v2_association', kwargs={'uuid': uuid_hex})),
            'id': '%s' % uuid_hex,
            'name': '%s' % force_str(obj),
            'homepage': obj.homepage,
            'last_modified': obj.last_modified,
            'is_active': obj.is_active,
        }
        if obj.email_domain:
            data['email_domain'] = '%s' % obj.email_domain
        if not details:
            return data

        # The users link is only advertised to callers holding the 'users'
        # scope who administer at least one user of this association.
        if 'users' in request.scopes:
            administrable = request.user.filter_administrable_users(
                User.objects.filter(organisations__association=obj))
            if administrable.exists():
                data['users'] = collection_link('api:v2_users')

        related = (
            ('organisations', 'api:v2_organisations',
             Organisation.objects.filter(association=obj)),
            ('regions', 'api:v2_regions',
             AdminRegion.objects.filter(organisation_country__association=obj)),
            ('countries', 'api:v2_countries',
             OrganisationCountry.objects.filter(association=obj)),
        )
        for key, url_name, queryset in related:
            if queryset.exists():
                data[key] = collection_link(url_name)
        return data
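def get_page_and_links(request, qs, find_expression=FIND_EXPRESSION, *, max_per_page=None):
    """Paginate *qs* from the request's query string and build its links.

    ``per_page`` and ``page`` are read from ``request.GET``. A ``per_page``
    that is not an integer falls back to ``DEFAULT_PER_PAGE`` instead of
    raising ``ValueError``; the value is clamped to at least ``MIN_PER_PAGE``
    and, when ``max_per_page`` is given, to at most that. A ``page`` that is
    not an integer yields the first page; one past the end yields the last.

    Args:
        request: the current request (``GET`` and ``path`` are read).
        qs: the queryset or sequence to paginate.
        find_expression: URI-template suffix advertised as the ``find`` link.
        max_per_page: optional upper bound on the page size. ``None`` keeps
            the caller-supplied size unbounded, as before.

    Returns:
        ``(page, links)`` where ``page`` is a ``Paginator`` page and ``links``
        maps ``find``, ``self`` and, when present, ``next``/``prev`` to hrefs.
    """
    try:
        per_page = int(request.GET.get('per_page', DEFAULT_PER_PAGE))
    except (TypeError, ValueError):
        # A non-numeric per_page is a client mistake, not a server error.
        per_page = int(DEFAULT_PER_PAGE)
    per_page = max(MIN_PER_PAGE, per_page)
    if max_per_page is not None:
        # Bound the page size so one request cannot pull the whole table.
        per_page = min(per_page, max_per_page)
    paginator = Paginator(qs, per_page)

    try:
        page = paginator.page(request.GET.get('page'))
    except PageNotAnInteger:
        page = paginator.page(1)
    except EmptyPage:
        page = paginator.page(paginator.num_pages)

    page_base_url = "%s%s" % (get_base_url(request), request.path)
    # self keeps the caller's query string so filters survive paging.
    self_url = update_url(page_base_url, request.GET)
    links = {
        'find': {'href': '%s%s' % (page_base_url, find_expression), 'templated': True},
        'self': {'href': self_url},
    }
    if page.has_next():
        links['next'] = {'href': update_url(self_url, {'page': page.next_page_number()})}
    if page.has_previous():
        links['prev'] = {'href': update_url(self_url, {'page': page.previous_page_number()})}
    return page, links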
    def get_data(self, context):
        """Build the collection payload for a (possibly paginated) list view.

        Args:
            context: the view context; ``object_list``, ``paginator`` and
                ``is_paginated`` are read, plus ``page_obj`` when paginated.

        Returns:
            A dict with ``member`` (one ``get_object_data`` result per object),
            ``total_items``, the paging keys when paginated, ``@id`` and the
            allowed ``operation`` list.
        """
        request = self.request
        current_url = "%s%s" % (get_base_url(request), request.path)
        self_url = update_url(current_url, request.GET)

        members = [self.get_object_data(request, item) for item in context['object_list']]
        paginator = context['paginator']
        data = {'member': members, 'total_items': paginator.count}

        if context['is_paginated']:
            data['items_per_page'] = paginator.per_page
            page = context['page_obj']
            # next/prev are derived from the current URL so filters survive paging.
            if page.has_next():
                data['next_page'] = update_url(self_url, {'page': page.next_page_number()})
            if page.has_previous():
                data['prev_page'] = update_url(self_url, {'page': page.previous_page_number()})

        data['@id'] = self_url
        data['operation'] = self.get_allowed_operations(None)
        return data
def home(request):
    """Return the API entry point: a JSON map of resource URI templates.

    Every value is the absolute base URL for *request* joined with a
    reversed route; collection entries additionally carry a find
    expression taken from the module constants, and single-resource
    entries a ``{...}`` placeholder segment.

    Args:
        request: the current request; used to derive the base URL.

    Returns:
        A ``JsonHttpResponse`` wrapping the resource map.
    """
    base_uri = get_base_url(request)
    resources = {
        "@id":
        "%s%s" % (base_uri, reverse('api:home')),
        "@type":
        "EntryPoint",
        "associations":
        "%s%s%s" % (base_uri, reverse('api:v2_associations'),
                    FIND_ASSOCIATION_EXPRESSION),
        "association":
        "%s%s%s" %
        (base_uri, reverse('api:v2_associations'), "{association_id}/"),
        "country_groups":
        "%s%s%s" % (base_uri, reverse('api:v2_country_groups'),
                    FIND_COUNTRY_GROUP_EXPRESSION),
        "country_group":
        "%s%s%s" %
        (base_uri, reverse('api:v2_country_groups'), "{country_group_id}/"),
        "countries":
        "%s%s%s" %
        (base_uri, reverse('api:v2_countries'), FIND_COUNTRY_EXPRESSION),
        "country":
        "%s%s%s" % (base_uri, reverse('api:v2_countries'), "{iso2_code}/"),
        "regions":
        "%s%s%s" %
        (base_uri, reverse('api:v2_regions'), FIND_REGION_EXPRESSION),
        "region":
        "%s%s%s" % (base_uri, reverse('api:v2_regions'), "{region_id}/"),
        "organisations":
        "%s%s%s" % (base_uri, reverse('api:v2_organisations'),
                    FIND_ORGANISATION_EXPRESSION),
        "organisation":
        "%s%s%s" % (base_uri, reverse('api:v2_organisations'), "{org_id}/"),
        "users":
        "%s%s%s" % (base_uri, reverse('api:v2_users'), FIND_USER_EXPRESSION),
        "user":
        # NOTE(review): the format string below appears redacted ("******") in
        # this listing; with four operands the real one needs four placeholders.
        # Restore it from the project source before relying on this copy.
        "******" % (base_uri, reverse('api:v2_users'), "{user_id}/",
                      CREATE_USER_QUERY_PARAMS),
        "me":
        "%s%s" % (base_uri, reverse('api:v2_users_me')),
        "navigation_me":
        "%s%s" % (base_uri, reverse('api:v2_navigation_me')),
        # The per-user variants are derived from the "me" routes by swapping
        # the first "/me/" segment for a "{user_id}" placeholder.
        "navigation":
        "%s%s" % (base_uri, reverse('api:v2_navigation_me').replace(
            '/me/', '/{user_id}/', 1)),
        "picture_me":
        "%s%s" % (base_uri, reverse('api:v2_picture_me')),
        "picture":
        "%s%s" % (base_uri, reverse('api:v2_picture_me').replace(
            '/me/', '/{user_id}/', 1)),
        "user_emails":
        "%s%s%s" %
        (base_uri, reverse('api:user_emails'), FIND_USER_EMAILS_EXPRESSION),
        # "emails": "%s%s" % (base_uri, reverse('api:emails', kwargs={'type': 'txt'}))
    }
    return JsonHttpResponse(data=resources, request=request)
def settings(request):
    """Template context processor exposing the SSO site settings.

    Args:
        request: the current request; used for the absolute base URL and
            to build the sidebar.

    Returns:
        A dict that is merged into every template context.
    """
    context = {'brand': site_settings.SSO_BRAND}
    context['base_url'] = get_base_url(request)
    context['sso_app_uuid'] = site_settings.SSO_APP_UUID
    # Registration is treated as open unless the setting says otherwise.
    context['registration_open'] = site_settings.REGISTRATION.get('OPEN', True)
    context['data_protection_uri'] = site_settings.SSO_DATA_PROTECTION_URI
    context['sidebar'] = sidebar(request)
    context['sso_style'] = site_settings.SSO_STYLE
    return context
    def get_data(self, context):
        """Build the payload for a single-object view.

        Args:
            context: the view context; only ``object`` is read.

        Returns:
            The ``get_object_data`` result, guaranteed to carry an ``@id``
            (the current URL when the serialiser did not set one) and the
            allowed ``operation`` list for the object.
        """
        obj = context['object']
        data = self.get_object_data(self.request, obj)

        if '@id' not in data:
            # Without an explicit @id the resource identifies itself by the current URL.
            request = self.request
            current_url = "%s%s" % (get_base_url(request), request.path)
            data['@id'] = update_url(current_url, request.GET)

        data['operation'] = self.get_allowed_operations(obj)
        return data
 def get_object_data(self, request, obj):
     """Serialise the picture resource of *obj* for the v2 API.

     Args:
         request: the current request; used to build absolute URLs.
         obj: the object whose ``picture`` field is exposed.

     Returns:
         A dict with ``@id``, ``id``, ``last_modified``, ``max_size`` and,
         when a picture is set, its ``url`` plus one centre-cropped
         thumbnail URL per supported geometry.
     """
     base = get_base_url(request)
     data = {
         '@id': "%s%s" % (base, reverse('api:v2_picture', kwargs={'uuid': obj.uuid.hex})),
         'id': '%s' % obj.uuid.hex,
         'last_modified': obj.last_modified,
         'max_size': User.MAX_PICTURE_SIZE
     }
     picture = obj.picture
     if picture:
         data['url'] = absolute_url(request, picture.url)
         # Thumbnails are emitted in ascending size, keyed by their geometry.
         for geometry in ("30x30", "60x60", "120x120", "240x240", "480x480"):
             thumbnail = get_thumbnail(picture, geometry, crop="center")
             data[geometry] = absolute_url(request, thumbnail.url)
     return data
    def _get_session_key(self):
        """Return the session key as a signed JWT of the session contents.

        Most session backends generate a random key; this backend instead
        encodes the (key-mapped) session data as a URL-safe, HS256-signed
        JWT whose ``iss`` is the base URL and whose lifetime is
        ``SESSION_COOKIE_AGE``.

        NOTE(review): an HS256 JWT is signed, not encrypted, so whoever holds
        the cookie can read the payload; confirm ``key_map`` and the session
        cache never carry values that must stay server-side.
        """
        payload = map_keys(getattr(self, '_session_cache', {}), key_map)
        # The auth backend name is server-internal and is dropped from the token.
        if "_auth_user_backend" in payload:
            del payload["_auth_user_backend"]
        payload["iss"] = get_base_url()
        max_age = settings.SESSION_COOKIE_AGE
        return make_jwt(payload, max_age=max_age, algorithm="HS256")
 def get(self, request, *args, **kwargs):
     """Serve the OpenID Connect provider configuration document.

     See http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig

     The document is intentionally public: it is returned with public CORS
     headers and JSONP enabled. ``service_documentation`` is included only
     when the ``SSO_SERVICE_DOCUMENTATION`` setting is non-empty.

     NOTE(review): the ``*_supported`` lists are static declarations; confirm
     they match what the token and authorization endpoints actually enforce.
     """
     base_uri = get_base_url(request)

     def endpoint(url_name):
         # Absolute URL of a named route, rooted at the issuer.
         return '%s%s' % (base_uri, reverse(url_name))

     configuration = {
         "issuer": base_uri,
         "authorization_endpoint": endpoint('oauth2:authorize'),
         "token_endpoint": endpoint('oauth2:token'),
         "userinfo_endpoint": endpoint('api:v2_users_me'),
         "revocation_endpoint": endpoint('oauth2:revoke'),
         "jwks_uri": endpoint('oauth2:jwks'),
         "scopes_supported": [
             'openid', 'profile', 'email', 'role', 'offline_access',
             'address', 'phone', 'users', 'picture',
         ],
         "response_types_supported": ["code", "token", "id_token token", "id_token"],
         "id_token_signing_alg_values_supported": ["RS256"],
         "token_endpoint_auth_methods_supported": ["client_secret_basic"],
         "token_endpoint_auth_signing_alg_values_supported": ["RS256"],
         "display_values_supported": ["page", "popup"],
         "subject_types_supported": ["public"],
         "end_session_endpoint": endpoint('auth:logout'),
         "introspection_endpoint": endpoint('oauth2:introspect'),
         "check_session_iframe": endpoint('oauth2:session'),
         "profile_uri": endpoint('accounts:profile'),
     }
     service_documentation = settings.SSO_SERVICE_DOCUMENTATION
     if service_documentation:
         configuration['service_documentation'] = service_documentation
     return JsonHttpResponse(configuration, request, allow_jsonp=True, public_cors=True)
def get_qrcode_data_url(key, username, issuer):
    """Return a ``data:image/png;base64,...`` URL of the TOTP provisioning QR code.

    The otpauth URI encoded in the image carries the TOTP secret *key*, so
    the returned string is as sensitive as the secret itself.

    Args:
        key: the TOTP secret.
        username: the account name shown in the authenticator app.
        issuer: the issuer name shown in the authenticator app.

    Returns:
        A data URL containing the PNG-encoded QR code.
    """
    from qrcode.image.pil import PilImage

    # The issuer icon is only advertised when the site is served over HTTPS.
    image = None
    if settings.SSO_USE_HTTPS:
        image = get_base_url() + static("ico/apple-touch-icon.png")

    totp = pyotp.TOTP(key, digits=totp_digits())
    otpauth_url = totp.provisioning_uri(name=username, issuer_name=issuer, image=image)

    buffer = BytesIO()
    qrcode.make(otpauth_url, image_factory=PilImage, box_size=3).save(buffer)
    encoded = base64.b64encode(buffer.getvalue()).decode('ascii')
    return "data:image/png;base64,%s" % encoded
 def get_object_data(self, request, obj, details=False):
     """Serialise an organisation country *obj* for the v2 API.

     Args:
         request: the current request; ``request.scopes`` and
             ``request.user`` gate whether the ``users`` link is emitted.
         obj: the organisation country to serialise.
         details: when true, add links to the related collections
             (users, organisations, regions, country groups) that are non-empty.

     Returns:
         A dict of plain values and absolute URLs.
     """
     base = get_base_url(request)
     country = obj.country
     iso2_code = country.iso2_code

     def filtered_link(url_name):
         # Absolute URL of a collection restricted to this country.
         return "%s%s?country=%s" % (base, reverse(url_name), iso2_code)

     data = {
         '@id': "%s%s" % (base, reverse('api:v2_country', kwargs={'iso2_code': iso2_code})),
         'id': '%s' % obj.uuid.hex,
         'code': iso2_code,
         'order': obj.order,
         'name': '%s' % force_str(obj),
         'homepage': obj.homepage,
         'last_modified': obj.get_last_modified_deep(),
         'continent': {
             'code': country.continent,
             'name': country.get_continent_display(),
         },
     }
     if obj.email:
         data['email'] = '%s' % obj.email
     if not details:
         return data

     # Users are linked only for callers with the 'users' scope who
     # administer this country.
     if 'users' in request.scopes and obj in request.user.get_administrable_user_countries():
         data['users'] = filtered_link('api:v2_users')
     if obj.organisation_set.exists():
         data['organisations'] = filtered_link('api:v2_organisations')
     if obj.adminregion_set.exists():
         data['regions'] = filtered_link('api:v2_regions')
     if obj.country_groups.all().exists():
         data['country_groups'] = filtered_link('api:v2_country_groups')
     return data
    def get_object_data(self, request, obj, details=False):
        """Serialise an admin region *obj* for the v2 API.

        Args:
            request: the current request; ``request.scopes`` and
                ``request.user`` gate whether the ``users`` link is emitted.
            obj: the region to serialise.
            details: when true, add links to the region's users (when the
                caller may administer them) and to its organisations.

        Returns:
            A dict of plain values, absolute URLs and a nested ``country``.
        """
        base = get_base_url(request)
        region_id = obj.uuid.hex
        country_code = obj.organisation_country.country.iso2_code

        data = {
            '@id': "%s%s" % (base, reverse('api:v2_region', kwargs={'uuid': region_id})),
            'id': '%s' % region_id,
            'name': '%s' % obj.name,
            'slug': '%s' % obj.slug,
            'homepage': obj.homepage,
            'last_modified': obj.last_modified,
            'country': {
                'code': country_code,
                '@id': "%s%s" % (base, reverse('api:v2_country', kwargs={'iso2_code': country_code})),
            },
        }
        if obj.email:
            data['email'] = '%s' % obj.email

        if details:
            region_query = "?region_id=%s" % region_id
            # The users link requires the 'users' scope and that the caller
            # administers this region.
            if 'users' in request.scopes and obj in request.user.get_administrable_user_regions():
                data['users'] = "%s%s%s" % (base, reverse('api:v2_users'), region_query)
            if obj.organisation_set.exists():
                data['organisations'] = "%s%s%s" % (base, reverse('api:v2_organisations'), region_query)

        return data
def get_userinfo(user, request, show_details=False):
    """Serialise *user* for the v1 userinfo API.

    Args:
        user: the user to serialise.
        request: the current request; ``request.scopes`` gates the address
            and phone sections, and the base URL is derived from it.
        show_details: when true, add the user's applications with their
            roles and, subject to the ``address``/``phone`` scopes, the
            user's addresses and phone numbers.

    Returns:
        A dict of plain values, nested dicts keyed by uuid hex, and links.
    """
    scopes = request.scopes
    base = get_base_url(request)
    uuid_hex = user.uuid.hex
    primary_email = user.primary_email()

    def user_link(url_name):
        # Absolute URL of a per-user route.
        return "%s%s" % (base, reverse(url_name, kwargs={'uuid': uuid_hex}))

    userinfo = {
        'id': '%s' % uuid_hex,
        'name': '%s' % user,
        'given_name': '%s' % user.first_name,
        'family_name': '%s' % user.last_name,
        'gender': user.gender,
        'birth_date': date(user.dob, "c"),
        'homepage': user.homepage,
        'language': user.language,
        'is_center': user.is_center,
        'organisations': {org.uuid.hex: {'name': org.name} for org in user.organisations.all()},
        'links': {
            'self': {'href': user_link('api:v1_user')},
            'apps': {'href': user_link('api:v1_users_apps')},
        },
    }
    if primary_email is not None:
        userinfo['email'] = primary_email.email
    if user.picture:
        userinfo['picture'] = absolute_url(request, user.picture.url)
    if not show_details:
        return userinfo

    roles = user.get_applicationroles()
    applications = {}
    for app in user.get_apps():
        applications[app.uuid.hex] = {
            'order': app.order,
            'links': {
                'app': {
                    'href': app.url,
                    'title': app.title,
                    'global_navigation': app.global_navigation}},
            # Only roles granted for this particular application.
            'roles': [role.role.name for role in roles if role.application == app],
        }
    userinfo['applications'] = applications

    # Addresses and phone numbers are released only under their scopes.
    if 'address' in scopes:
        userinfo['addresses'] = {
            addr.uuid.hex: {
                'address_type': addr.address_type,
                'addressee': addr.addressee,
                'street_address': addr.street_address,
                'city': addr.city,
                'postal_code': addr.postal_code,
                'country': addr.country.iso2_code,
                'state': _address_state(addr),
                'primary': addr.primary
            } for addr in user.useraddress_set.all()
        }

    if 'phone' in scopes:
        userinfo['phone_numbers'] = {
            phone.uuid.hex: {
                'phone_type': phone.phone_type,
                'phone': phone.phone,
                'primary': phone.primary
            } for phone in user.userphonenumber_set.all()
        }
    return userinfo
 def get_operations(self):
     """Describe the operations the users collection supports.

     Returns:
         A dict with a single ``create`` entry: a PUT against the per-user
         URI template ``<users collection>/{uuid}/``.
     """
     users_url = "%s%s" % (get_base_url(self.request), reverse('api:v2_users'))
     create = {
         '@type': 'CreateResourceOperation',
         'method': 'PUT',
         'template': "%s%s" % (users_url, '{uuid}/'),
     }
     return {'create': create}
    def get_object_data(self, request, obj, details=False):
        """Serialise a user *obj* for the v2 API.

        Args:
            request: the current request; ``request.scopes`` gates the
                role, role_profile, address, phone and profile sections,
                and absolute URLs are derived from it.
            obj: the user to serialise.
            details: when true, add thumbnails, the user's organisations,
                admin regions and admin countries, the scope-gated sections
                and the registration/centre-change counters.

        Returns:
            A dict of plain values, nested dicts keyed by uuid hex or
            country code, and absolute URLs.
        """
        scopes = request.scopes
        base = get_base_url(request)
        email = obj.primary_email()
        data = {
            '@id': "%s%s" % (base, reverse('api:v2_user', kwargs={'uuid': obj.uuid.hex})),
            'id': '%s' % obj.uuid.hex,
            'sub': '%s' % obj.uuid.hex,
            'is_active': obj.is_active,
            'name': '%s' % obj,
            'given_name': '%s' % obj.first_name,
            'family_name': '%s' % obj.last_name,
            'gender': obj.gender,
            'birth_date': obj.dob,
            'homepage': obj.homepage,
            'language': obj.language,
            'is_center': obj.is_center,
            'last_modified': obj.get_last_modified_deep()
        }
        if obj.valid_until:
            data['valid_until'] = obj.valid_until

        if obj.timezone:
            data['timezone'] = obj.timezone
            # data['utc_offset'] = localtime(now(), timezone(obj.timezone)).strftime('%z')

        if email is not None:
            data['email'] = email.email
            data['email_verified'] = email.confirmed

        # The picture sub-resource always has an @id; its URLs are filled in
        # below only when a picture is set.
        data['picture'] = {
            '@id': "%s%s" % (base, reverse('api:v2_picture', kwargs={'uuid': obj.uuid.hex}))
        }
        if obj.picture:
            data['picture']['url'] = absolute_url(request, obj.picture.url)

        data['associated_systems'] = {
            associated_system.application.uuid.hex: {
                'userid': associated_system.userid
            } for associated_system in UserAssociatedSystem.objects.filter(user=obj)}

        if details:
            if obj.picture:
                data['picture']['30x30'] = absolute_url(request, get_thumbnail(obj.picture, "30x30", crop="center").url)
                data['picture']['60x60'] = absolute_url(request, get_thumbnail(obj.picture, "60x60", crop="center").url)
                data['picture']['120x120'] = absolute_url(request, get_thumbnail(obj.picture, "120x120", crop="center").url)
                data['picture']['240x240'] = absolute_url(request, get_thumbnail(obj.picture, "240x240", crop="center").url)
                data['picture']['480x480'] = absolute_url(request, get_thumbnail(obj.picture, "480x480", crop="center").url)

            # Organisations and regions without an organisation_country omit
            # the 'country' key rather than failing on the missing relation.
            data['organisations'] = {
                organisation.uuid.hex: {
                    'country': organisation.organisation_country.country.iso2_code,
                    'name': organisation.name,
                    '@id': "%s%s" % (base, reverse('api:v2_organisation', kwargs={'uuid': organisation.uuid.hex}))
                } if organisation.organisation_country else {
                    'name': organisation.name,
                    '@id': "%s%s" % (base, reverse('api:v2_organisation', kwargs={'uuid': organisation.uuid.hex}))
                } for organisation in obj.organisations.all().prefetch_related('organisation_country__country')
            }
            data['admin_regions'] = {
                region.uuid.hex: {
                    'country': region.organisation_country.country.iso2_code,
                    'name': region.name,
                    '@id': "%s%s" % (base, reverse('api:v2_region', kwargs={'uuid': region.uuid.hex}))
                } if region.organisation_country else {
                    'name': region.name,
                    '@id': "%s%s" % (base, reverse('api:v2_region', kwargs={'uuid': region.uuid.hex}))
                } for region in obj.admin_regions.all().prefetch_related('organisation_country__country')
            }
            data['admin_countries'] = {
                organisation_country.country.iso2_code: {
                    'code': organisation_country.country.iso2_code,
                    'name': organisation_country.country.printable_name,
                    '@id': "%s%s" % (
                        base, reverse('api:v2_country', kwargs={'iso2_code': organisation_country.country.iso2_code}))
                } for organisation_country in obj.admin_organisation_countries.all()
            }

            if 'role' in scopes:
                applications = {}
                applicationroles = obj.get_applicationroles()

                # An application that declares a required_scope is listed only
                # when the caller holds that scope too.
                for application in obj.get_apps():
                    if not application.required_scope or application.required_scope in scopes:
                        application_data = {'order': application.order,
                                            'link': {'href': application.url, 'title': application.title,
                                                     'global_navigation': application.global_navigation}, 'roles': []}
                        for applicationrole in applicationroles:
                            if applicationrole.application == application:
                                application_data['roles'].append(applicationrole.role.name)

                        applications[application.uuid.hex] = application_data
                data['apps'] = applications

            # Role profiles can be private/secret, so they are released only
            # to callers holding the 'role_profile' scope.
            if 'role_profile' in scopes:
                data['role_profiles'] = [role_profile.uuid.hex for role_profile in obj.role_profiles.all()]

            if 'address' in scopes:
                data['addresses'] = {
                    address.uuid.hex: {
                        'address_type': address.address_type,
                        'addressee': address.addressee,
                        'street_address': address.street_address,
                        'city': address.city,
                        'city_native': address.city_native,
                        'postal_code': address.postal_code,
                        'country': address.country.iso2_code,
                        'region': address.region,
                        'primary': address.primary
                    } for address in obj.useraddress_set.all()
                }

            if 'phone' in scopes:
                data['phone_numbers'] = {
                    phone_number.uuid.hex: {
                        'phone_type': phone_number.phone_type,
                        'phone': phone_number.phone,
                        'primary': phone_number.primary
                    } for phone_number in obj.userphonenumber_set.all()
                }

            if 'profile' in scopes:
                # NOTE(review): attribute names are written straight into the
                # top-level payload, so an attribute named like an earlier key
                # (e.g. 'id', 'is_active', 'email_verified') replaces it.
                # Confirm attribute names are constrained, or namespace them.
                for user_attribute in obj.userattribute_set.all():
                    data[user_attribute.name] = user_attribute.value

            # The counters below are gated on the serialised user's own
            # permissions, not on the caller's.
            if obj.has_perm("registration.change_registrationprofile"):
                count_of_registrationprofiles = obj.get_count_of_registrationprofiles()
                if settings.REGISTRATION.get('OPEN', True) or count_of_registrationprofiles > 0:
                    data['open_registrations'] = count_of_registrationprofiles

            if obj.has_perm("accounts.change_user"):
                data['open_centerchanges'] = obj.get_count_of_organisationchanges()

        return data