def validate_state(self, value): """Validate the state is equal to the one stored in the session.""" try: SocialLogin.verify_and_unstash_state( self.context['request'], value, ) # Allauth raises PermissionDenied if the validation fails except PermissionDenied: raise ValidationError(_('State did not match.')) return value
def validate_state(self, value): """ Checks that the state is equal to the one stored in the session. Since we are validating state against information stored in the session, the Login and CreateCallback requests must originate from the same endpoint and must be authenticated. """ try: SocialLogin.verify_and_unstash_state( self.context['request'], value, ) # Allauth raises PermissionDenied if the validation fails except PermissionDenied: raise ValidationError(_('State did not match.')) return value
def dispatch(self, request, *args, **kwargs): auth_error = get_request_param(request, "error") code = get_request_param(request, "code") if auth_error or not code: # Distinguish cancel from error if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error(request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(self.request, app) try: token_data = self.adapter.get_access_token_data(self.request, app=app, client=client) token = self.adapter.parse_token(data=token_data) token.app = app login = self.adapter.complete_login(request, app, token, response=token_data) login.token = token state = get_request_param(request, "state") if self.adapter.supports_state: login.state = SocialLogin.verify_and_unstash_state( request, state) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except ( PermissionDenied, OAuth2Error, RequestException, ProviderException, ) as e: return render_authentication_error(request, self.adapter.provider_id, exception=e)
def dispatch(self, request, *args, **kwargs): """ This overloading is necessary to manage the case when the user clicks on "Cancel" once on the "Mire de connexion PE Connect". Original code: https://github.com/pennersr/django-allauth/blob/master/allauth/socialaccount/providers/oauth2/views.py#L113 """ if "error" in request.GET or "code" not in request.GET: # Distinguish cancel from error auth_error = request.GET.get("error", None) if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED elif auth_error is None and "state" in request.GET: # This custom case happens when the user clicks "Cancel" on the # "Mire de connexion PE Connect". error = AuthError.CANCELLED else: error = AuthError.UNKNOWN logger.error("Unknown error in PEAMU dispatch.") return render_authentication_error(request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(request, app) try: access_token = client.get_access_token(request.GET["code"]) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) login.token = token if self.adapter.supports_state: login.state = SocialLogin.verify_and_unstash_state( request, get_request_param(request, "state")) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except (PermissionDenied, OAuth2Error, RequestException, ProviderException) as e: # This log is useful, 3.6k events for 75 users in 18 days but we have to disable it # to not reach the Sentry limit. The issue is tracked in Trello. # logger.error("Unknown error in PEAMU dispatch with exception '%s'.", e) return render_authentication_error(request, self.adapter.provider_id, exception=e)
def dispatch(self, request): if "error" in request.GET or not "code" in request.GET: # TODO: Distinguish cancel from error return render_authentication_error(request) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(request, app) try: access_token = client.get_access_token(request.GET["code"]) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) token.account = login.account login.token = token login.state = SocialLogin.verify_and_unstash_state(request, request.REQUEST.get("state")) return complete_social_login(request, login) except OAuth2Error: return render_authentication_error(request)
def dispatch(self, request, *args, **kwargs): if "error" in request.GET or "code" not in request.GET: # Distinguish cancel from error auth_error = request.GET.get("error", None) if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error(request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(self.request, app) try: access_token = client.get_access_token(request.GET["code"]) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) login.token = token if self.adapter.supports_state: login.state = SocialLogin.verify_and_unstash_state( request, get_request_param(request, "state")) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except ( PermissionDenied, OAuth2Error, RequestException, ProviderException, ) as e: return render_authentication_error(request, self.adapter.provider_id, exception=e)
def dispatch(self, request): if "error" in request.GET or "code" not in request.GET: # Distinguish cancel from error auth_error = request.GET.get("error", None) if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error(request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(request, app) try: access_token = client.get_access_token(request.GET["code"]) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) login.token = token if self.adapter.supports_state: login.state = SocialLogin.verify_and_unstash_state(request, get_request_param(request, "state")) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except (PermissionDenied, OAuth2Error, RequestException, ProviderException) as e: return render_authentication_error(request, self.adapter.provider_id, exception=e)