def refresh_user_course_permissions(user):
    """
    Re-fetch the user's course permissions from the auth server and store them.

    Arguments
        user (User) -- User whose permissions should be refreshed

    Returns the list of courses that was stored for the user (an empty list
    when the auth server returned nothing).

    Raises UserNotAssociatedWithBackendError when the user has no social-auth
    record for the OpenID Connect backend, and InvalidAccessTokenError when
    that record carries no access token.
    """
    oidc_backend = EdXOpenIdConnect(strategy=load_strategy())

    # Only the social-auth record of this specific provider is relevant.
    social_record = user.social_auth.filter(provider=oidc_backend.name).first()
    if not social_record:
        raise UserNotAssociatedWithBackendError

    # The token is a bearer credential; it is handed to the backend call only.
    token = social_record.extra_data.get('access_token')
    if not token:
        raise InvalidAccessTokenError

    granted_courses = _get_user_courses(token, oidc_backend)
    if not granted_courses:
        # Fail closed: a missing or empty answer means no course access. It is
        # logged because it may point to a problem with the backend provider.
        logger.warning('Authorization server did not return course permissions. Defaulting to no course access.')
        granted_courses = []

    set_user_course_permissions(user, granted_courses)
    return granted_courses
def refresh_user_course_permissions(user):
    """
    Pull the user's course permissions from the auth server and persist them.

    Arguments
        user (User) -- User whose permissions should be refreshed

    The stored (and returned) value is the list of courses reported by the
    auth server, or an empty list if it reported none.

    Raises UserNotAssociatedWithBackendError if the user is not linked to the
    OpenID Connect backend, and InvalidAccessTokenError if the linked record
    holds no access token.
    """
    backend = EdXOpenIdConnect(strategy=load_strategy())
    linked_account = user.social_auth.filter(provider=backend.name).first()

    # Guard clauses: without a linked account and a token there is nothing to
    # present to the auth server.
    if not linked_account:
        raise UserNotAssociatedWithBackendError

    bearer_token = linked_account.extra_data.get('access_token')
    if not bearer_token:
        raise InvalidAccessTokenError

    permitted = _get_user_courses(bearer_token, backend)

    if permitted:
        courses = permitted
    else:
        # No permissions came back: grant nothing rather than guess, and warn
        # since this may indicate an issue with the backend provider.
        logger.warning(
            'Authorization server did not return course permissions. Defaulting to no course access.'
        )
        courses = []

    set_user_course_permissions(user, courses)
    return courses
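def create(self, request, *args, **kwargs):
    """
    Authenticate against a social provider with a client-supplied token.

    `create` is overridden instead of `perform_create` because the request
    is necessary for `load_strategy`.

    The token from the request body is passed to the backend's `do_auth`.
    If the request was made by an authenticated user, that user is passed
    along so the social account is associated with it.

    Responds with 201 and the serialized user on success. Responds with 400
    and an ``errors`` message when the social account is already in use, the
    backend is neither OAuth1 nor OAuth2, authentication yields no active
    user, or the supplied password is not valid base64.

    NOTE(review): the optional `password` field is base64, which is an
    encoding and not encryption, so its confidentiality rests entirely on
    the transport. See also the note on the password branch below.
    """
    serializer = self.get_serializer(data=request.data)
    serializer.is_valid(raise_exception=True)
    provider = request.data['provider']

    # If this request was made with an authenticated user, try to associate
    # this social account with it.
    authed_user = request.user if not request.user.is_anonymous() else None

    strategy = load_strategy(request)
    backend = load_backend(strategy=strategy, name=provider, redirect_uri=None)

    if isinstance(backend, BaseOAuth1):
        token = {
            'oauth_token': request.data['access_token'],
            'oauth_token_secret': request.data['access_token_secret'],
        }
    elif isinstance(backend, BaseOAuth2):
        token = request.data['access_token']
    else:
        # Any other backend type used to fall through with `token` unbound
        # and fail with an UnboundLocalError (HTTP 500). Reject it instead.
        return Response({"errors": "Error with social authentication"},
                        status=status.HTTP_400_BAD_REQUEST)

    try:
        user = backend.do_auth(token, user=authed_user)
    except AuthAlreadyAssociated:
        return Response({"errors": "That social media account is already in use"},
                        status=status.HTTP_400_BAD_REQUEST)

    if not (user and user.is_active):
        return Response({"errors": "Error with social authentication"},
                        status=status.HTTP_400_BAD_REQUEST)

    # If the access token was set to an empty string (or is absent), save the
    # access token from the request.
    auth_created = user.social_auth.get(provider=provider)
    if not auth_created.extra_data.get('access_token'):
        auth_created.extra_data['access_token'] = token
        auth_created.save()

    # Allow client to send up password to complete auth flow.
    # NOTE(review): this branch runs for whichever account `do_auth` resolved,
    # without checking the account's current password. If `do_auth` can return
    # a pre-existing account, a provider token alone is enough to replace its
    # local password. Consider limiting this to newly created accounts;
    # confirm how the auth pipeline in use reports that.
    if not authed_user and 'password' in request.data:
        try:
            # `base64.decodestring` was removed in Python 3.9; `b64decode`
            # is available on both Python 2 and 3.
            password = base64.b64decode(request.data['password'])
        except (TypeError, ValueError):
            # Malformed base64 from the client is a bad request, not a 500.
            return Response({"errors": "Error with social authentication"},
                            status=status.HTTP_400_BAD_REQUEST)
        user.set_password(password)
        user.save()

    # Set instance since we are not calling `serializer.save()`.
    serializer.instance = user
    headers = self.get_success_headers(serializer.data)
    return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)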
def obj_create(self, bundle, request=None, **kwargs):
    """
    Authenticate a provider access token and attach the resulting user.

    Reads ``provider`` and ``access_token`` from ``bundle.data`` and passes
    the token to the provider backend's ``do_auth``. If the request was made
    with an authenticated user, that user is passed along so the social
    account is associated with it.

    Returns the bundle with ``bundle.obj`` set to the authenticated user.
    Raises BadRequest when authentication does not yield an active user.
    """
    payload = bundle.data
    provider_name = payload['provider']
    provider_token = payload['access_token']

    # An anonymous requester means there is no existing account to link to.
    requester = bundle.request.user
    if requester.is_anonymous():
        requester = None

    social_strategy = load_strategy(backend=provider_name)
    authenticated = social_strategy.backend.do_auth(provider_token, user=requester)

    # Inactive accounts are rejected the same way as failed authentication.
    if not (authenticated and authenticated.is_active):
        raise BadRequest("Error authenticating token")

    bundle.obj = authenticated
    return bundle
def obj_create(self, bundle, request=None, **kwargs):
    """
    Exchange a provider access token for a user and store it on the bundle.

    ``bundle.data`` must contain ``provider`` and ``access_token``. The token
    is given to the provider backend's ``do_auth``, together with the
    requesting user when that user is authenticated, so that the social
    account is associated with it.

    Returns the bundle, with ``bundle.obj`` holding the active user that
    ``do_auth`` produced. Raises BadRequest if no active user results.
    """
    provider = bundle.data['provider']
    token = bundle.data['access_token']

    # Only a logged-in requester is passed on for association.
    existing_user = None
    if not bundle.request.user.is_anonymous():
        existing_user = bundle.request.user

    auth_backend = load_strategy(backend=provider).backend
    result = auth_backend.do_auth(token, user=existing_user)

    if result and result.is_active:
        bundle.obj = result
        return bundle

    # No user, or an inactive one: treat both as an authentication failure.
    raise BadRequest("Error authenticating token")