def oauth2callback(request): ''' Endpoint for google oauth2.0 callback, the antiforgery token is checked, then tukey talk to google using the code in the request, and exchange user information from google, user email is extracted from id_token ''' if request.session.get('oauth_state', '') == request.GET['state']: token = backend.getToken(request.GET.get('code', '')) if token.has_key('id_token'): email = backend.decode(token['id_token']) else: return render(request, '403.html', {}, status=403) try: user=authenticate(password=settings.TUKEY_PASSWORD,username='******' % email,\ auth_url=settings.OPENSTACK_KEYSTONE_URL,request=request) user.identifier = email if user != None and user.is_active: login(request, user) return redirect(request.session.get('next', '/project')) #create unregistered user if user is not authorized in keystone, #and redirect user to apply page except KeystoneAuthException: user = UnregisteredUser('OpenId', email) from tukey.webforms.views import osdc_apply return osdc_apply(request, user) else: return render(request, '403.html', {}, status=403)
def oauth2callback(request): ''' Endpoint for google oauth2.0 callback, the antiforgery token is checked, then tukey talk to google using the code in the request, and exchange user information from google, user email is extracted from id_token ''' if request.session.get('oauth_state','')==request.GET['state']: token=backend.getToken(request.GET.get('code','')) if token.has_key('id_token'): email=backend.decode(token['id_token']) else: return render(request,'403.html',{},status=403) try: user=authenticate(password=settings.TUKEY_PASSWORD,username='******' % email,\ auth_url=settings.OPENSTACK_KEYSTONE_URL,request=request) user.identifier=email if user!=None and user.is_active: login(request,user) return redirect(request.session.get('next','/project')) #create unregistered user if user is not authorized in keystone, #and redirect user to apply page except KeystoneAuthException: user=UnregisteredUser('OpenId',email) from tukey.webforms.views import osdc_apply return osdc_apply(request, user) else: return render(request,'403.html',{},status=403)
def login_complete(request, redirect_field_name=REDIRECT_FIELD_NAME, render_failure=None): redirect_to = request.REQUEST.get(redirect_field_name, '') render_failure = render_failure or \ getattr(settings, 'OPENID_RENDER_FAILURE', None) or \ default_render_failure openid_response = parse_openid_response(request) if not openid_response: return HttpResponseRedirect(sanitise_redirect_url(redirect_to)) if openid_response.status == SUCCESS: try: user = authenticate(openid_response=openid_response) except DjangoOpenIDException: return HttpResponseRedirect(sanitise_redirect_url(redirect_to)) if user is not None: if user.is_active: auth_login(request, user) response = HttpResponseRedirect( sanitise_redirect_url(redirect_to)) # Notify any listeners that we successfully logged in. openid_login_complete.send(sender=UserOpenID, request=request, user=user, openid_response=openid_response) return response else: if "next" in request.POST: return HttpResponseRedirect( "/Shibboleth.sso/Login?%s" % urlencode({ "entityID": request.POST.get("entityid", ""), "target": request.POST.get("next", default="/project/") })) from tukey.webforms.views import osdc_apply return osdc_apply(request, user) return HttpResponseRedirect(sanitise_redirect_url(redirect_to))
def login_complete(request, redirect_field_name=REDIRECT_FIELD_NAME, render_failure=None): redirect_to = request.REQUEST.get(redirect_field_name, '') render_failure = render_failure or \ getattr(settings, 'OPENID_RENDER_FAILURE', None) or \ default_render_failure openid_response = parse_openid_response(request) if not openid_response: return HttpResponseRedirect(sanitise_redirect_url(redirect_to)) if openid_response.status == SUCCESS: try: user = authenticate(openid_response=openid_response) except DjangoOpenIDException: return HttpResponseRedirect(sanitise_redirect_url(redirect_to)) if user is not None: if user.is_active: auth_login(request, user) response = HttpResponseRedirect(sanitise_redirect_url(redirect_to)) # Notify any listeners that we successfully logged in. openid_login_complete.send(sender=UserOpenID, request=request, user=user, openid_response=openid_response) return response else: if "next" in request.POST: return HttpResponseRedirect( "/Shibboleth.sso/Login?%s" % urlencode( {"entityID": request.POST.get("entityid", ""), "target": request.POST.get("next", default="/project/")} ) ) from tukey.webforms.views import osdc_apply return osdc_apply(request, user) return HttpResponseRedirect(sanitise_redirect_url(redirect_to))