def globus_login(request):
"""
Associate the logged in user with a globus account based on email.
If the association doesn't exist, create it. Redirect to transfer
page.
"""
redirect_uri = reverse("globus_login")
# http://localhost/globus/login/"
client = get_client()
client.oauth2_start_flow(redirect_uri, refresh_tokens=True)
# First step of authentication flow - we need code
if "code" not in request.GET:
auth_uri = client.oauth2_get_authorize_url()
return redirect(auth_uri)
else:
# Second step of authentication flow - we need to ask for token
code = request.GET.get("code")
associate_user(request.user, client=client, code=code)
return redirect("globus_transfer")
def globus_logout(request):
"""log the user out of globus - this is a complete disconnect meaning
that we revoke tokens and delete the social auth object.
"""
client = get_client()
try:
# Properly revoke and log out
social = request.user.social_auth.get(provider="globus")
for _, token_info in social.extra_data.items():
for token, token_type in token_info.items():
client.oauth2_revoke_token(
token, additional_params={"token_type_hint": token_type})
social.delete()
except UserSocialAuth.DoesNotExist:
pass
# Redirect to globus logout page?
redirect_name = "Singularity Registry"
redirect_url = "%s%s" % (settings.DOMAIN_NAME, reverse("profile"))
logout_url = "https://auth.globus.org/v2/web/logout"
params = "?client=%s&redirect_uri=%s&redirect_name=%s" % (
client.client_id,
redirect_url,
redirect_name,
)
return redirect("%s%s" % (logout_url, params))