def get_context_data(self, **kwargs): from allauth.utils import get_request_param ret = super().get_context_data() redirect_field_value = get_request_param(self.request, self.redirect_field_name) ret['redirect_field_name'] = self.redirect_field_name ret['redirect_field_value'] = get_request_param(self.request, self.redirect_field_name) return ret
def get_context_data(self, **kwargs): context = super(BrowseView, self).get_context_data(**kwargs) query = get_request_param(self.request, 'query', default='') mech_id = get_request_param(self.request, 'mech_id', default='') skill = get_request_param(self.request, 'skill', default='') context['query'] = query context['mech_id'] = mech_id context['skill'] = skill context['skillChoice'] = SkillChoice.objects.all() return context
def get_context_data(self, **kwargs): context = super(FolderMixinOverride, self).get_context_data(**kwargs) p = Paginator(context['pm_messages'], 25) page = get_request_param(self.request, 'page', default='1') order_by = (get_request_param(self.request, 'o', None)) try: context.update({'pm_messages': p.page(page), 'paginator': p, 'order_by': order_by}) except PageNotAnInteger: context.update({'pm_messages': p.page(1), 'paginator': p, 'order_by': order_by}) except EmptyPage: context.update({'pm_messages': p.page(p.num_pages), 'paginator': p, 'order_by': order_by}) return context
def get_context_data(self, **kwargs): context = super(BrowseRequestsView, self).get_context_data(**kwargs) try: query_default = str(self.request.user.location.latitude) + ',' + str(self.request.user.location.longitude) except Exception: query_default = '' query = get_request_param(self.request, 'query', default=query_default) request_id = get_request_param(self.request, 'request_id', default='') skill = get_request_param(self.request, 'skill', default='') context['query'] = query context['request_id'] = request_id context['skill'] = skill context['skillChoice'] = SkillChoice.objects.all() return context
def dispatch(self, request, *args, **kwargs): auth_error = get_request_param(request, "error") code = get_request_param(request, "code") if auth_error or not code: # Distinguish cancel from error if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error(request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(self.request, app) try: token_data = self.adapter.get_access_token_data(self.request, app=app, client=client) token = self.adapter.parse_token(data=token_data) token.app = app login = self.adapter.complete_login(request, app, token, response=token_data) login.token = token state = get_request_param(request, "state") if self.adapter.supports_state: login.state = SocialLogin.verify_and_unstash_state( request, state) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except ( PermissionDenied, OAuth2Error, RequestException, ProviderException, ) as e: return render_authentication_error(request, self.adapter.provider_id, exception=e)
def get_context_data(self, **kwargs): context = super(AjaxVerifyPinView, self).get_context_data(**kwargs) redirect_field_value = get_request_param(self.request, self.redirect_field_name) if 'mechanic' in self.kwargs: context['mechanic'] = self.kwargs['mechanic'] context.update({"redirect_field_name": self.redirect_field_name, "redirect_field_value": redirect_field_value}) return context
def dispatch(self, request, *args, **kwargs): verifier = get_request_param(request, "state") logger.info( "Dispatching OAuth callback", extra={"tag": "oauth", "context": {"verifier": verifier}}, ) return super().dispatch(request, *args, **kwargs)
def provider_login_url(context, provider_id, **params): """ {{ provider_login_url("github", next="/some/url") }} {{ provider_login_url("persona", next="/some/other/url") }} """ request = context['request'] provider = providers.registry.by_id(provider_id) auth_params = params.get('auth_params', None) scope = params.get('scope', None) process = params.get('process', None) if scope is '': del params['scope'] if auth_params is '': del params['auth_params'] if 'next' not in params: next = get_request_param(request, 'next') if next: params['next'] = next elif process == 'redirect': params['next'] = request.get_full_path() else: if not params['next']: del params['next'] # get the login url and append params as url parameters return Markup(provider.get_login_url(request, **params))
def provider_login_url(request, provider_id=settings.AUTHENTICATION_METHOD, **query): """ This function adapts the django-allauth templatetags that don't support jinja2. @TODO: land support for the jinja2 tags in the django-allauth. """ provider = providers.registry.by_id(provider_id) auth_params = query.get("auth_params", None) process = query.get("process", None) if auth_params == "": del query["auth_params"] if "next" not in query: next_ = get_request_param(request, "next") if next_: query["next"] = next_ elif process == "redirect": query["next"] = request.get_full_path() else: if not query["next"]: del query["next"] return provider.get_login_url(request, **query)
def render(self, context): provider_id = self.provider_id_var.resolve(context) request = context.get('request') if not request: try: request = getattr(context, 'request') except AttributeError: raise RuntimeError('Can\'t get request from context!') provider = providers.registry.by_id(provider_id, request) query = dict([(str(name), var.resolve(context)) for name, var in self.params.items()]) auth_params = query.get('auth_params', None) scope = query.get('scope', None) process = query.get('process', None) if scope == '': del query['scope'] if auth_params == '': del query['auth_params'] if 'next' not in query: next = get_request_param(request, 'next') if next: query['next'] = next elif process == 'redirect': query['next'] = request.get_full_path() else: if not query['next']: del query['next'] # get the login url and append query as url parameters return provider.get_login_url(request, **query)
def get_context_data(self, **kwargs): ret = super(SignupView, self).get_context_data(**kwargs) form = ret["form"] email = self.request.session.get("account_verified_email") if email: email_keys = ["email"] if app_settings.SIGNUP_EMAIL_ENTER_TWICE: email_keys.append("email2") for email_key in email_keys: form.fields[email_key].initial = email login_url = passthrough_next_redirect_url( self.request, reverse("account_login"), self.redirect_field_name ) redirect_field_name = self.redirect_field_name site = get_current_site(self.request) redirect_field_value = get_request_param(self.request, redirect_field_name) ret.update( { "login_url": login_url, "redirect_field_name": redirect_field_name, "redirect_field_value": redirect_field_value, "site": site, } ) return ret
def provider_login_url(context, provider_id, **params): """ {{ provider_login_url("github", next="/some/url") }} {{ provider_login_url("persona", next="/some/other/url") }} """ request = context["request"] provider = providers.registry.by_id(provider_id) auth_params = params.get("auth_params", None) scope = params.get("scope", None) process = params.get("process", None) if scope is "": del params["scope"] if auth_params is "": del params["auth_params"] if "next" not in params: next = get_request_param(request, "next") if next: params["next"] = next elif process == "redirect": params["next"] = request.get_full_path() else: if not params["next"]: del params["next"] # get the login url and append params as url parameters return Markup(provider.get_login_url(request, **params))
def dispatch(self, request): if 'error' in request.GET or 'code' not in request.GET: # Distinguish cancel from error auth_error = request.GET.get('error', None) if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error(request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(request, app) try: access_token = client.get_access_token(request.GET['code']) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) login.token = token if self.adapter.supports_state: login.state = SocialLogin \ .verify_and_unstash_state( request, get_request_param(request, 'state')) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except (PermissionDenied, OAuth2Error) as e: return render_authentication_error(request, self.adapter.provider_id, exception=e)
def get_access_token(self): """ Obtain the access token to access private resources at the API endpoint. """ if self.access_token is None: request_token = self._get_rt_from_session() oauth = OAuth1( self.consumer_key, client_secret=self.consumer_secret, resource_owner_key=request_token['oauth_token'], resource_owner_secret=request_token['oauth_token_secret']) at_url = self.access_token_url # Passing along oauth_verifier is required according to: # http://groups.google.com/group/twitter-development-talk/browse_frm/thread/472500cfe9e7cdb9# # Though, the custom oauth_callback seems to work without it? oauth_verifier = get_request_param(self.request, 'oauth_verifier') if oauth_verifier: at_url = at_url + '?' + urlencode( {'oauth_verifier': oauth_verifier}) response = requests.post(url=at_url, auth=oauth) if response.status_code not in [200, 201]: raise OAuthError( _('Invalid response while obtaining access token' ' from "%s".') % get_token_prefix( self.request_token_url)) self.access_token = dict(parse_qsl(response.text)) self.request.session['oauth_%s_access_token' % get_token_prefix( self.request_token_url)] = self.access_token return self.access_token
def get_object(self, queryset=None): pk = '' if self.request.method == 'POST': pk = self.request.POST.get('pk') if self.request.method == 'GET': pk = get_request_param(self.request, 'pk') return PostAJob.objects.get(pk=pk)
def provider_login_url(context, provider_id, **kwargs): provider = providers.registry.by_id(provider_id) query = kwargs request = context['request'] auth_params = query.get('auth_params', None) scope = query.get('scope', None) process = query.get('process', None) if not scope and 'scope' in query: del query['scope'] if not process and 'process' in query: del query['process'] if not auth_params and 'auth_params' in query: del query['auth_params'] if 'next' not in query: _next = get_request_param(request, 'next') if _next: query['next'] = _next elif process == 'redirect': query['next'] = request.get_full_path() else: if not query['next']: del query['next'] return provider.get_login_url(request, **query)
def get_access_token(self): """ Obtain the access token to access private resources at the API endpoint. """ if self.access_token is None: request_token = self._get_rt_from_session() oauth = OAuth1( self.consumer_key, client_secret=self.consumer_secret, resource_owner_key=request_token['oauth_token'], resource_owner_secret=request_token['oauth_token_secret']) at_url = self.access_token_url # Passing along oauth_verifier is required according to: # http://groups.google.com/group/twitter-development-talk/browse_frm/thread/472500cfe9e7cdb9# # Though, the custom oauth_callback seems to work without it? oauth_verifier = get_request_param(self.request, 'oauth_verifier') if oauth_verifier: at_url = at_url + '?' + urlencode( {'oauth_verifier': oauth_verifier}) response = requests.post(url=at_url, auth=oauth) if response.status_code not in [200, 201]: raise OAuthError( _('Invalid response while obtaining access token' ' from "%s".') % get_token_prefix(self.request_token_url)) self.access_token = dict(parse_qsl(response.text)) self.request.session['oauth_%s_access_token' % get_token_prefix( self.request_token_url)] = self.access_token return self.access_token
def render(self, context): provider_id = self.provider_id_var.resolve(context) try: request = context['request'] except KeyError: request = context.request provider = providers.registry.by_id(provider_id, request) query = dict([(str(name), var.resolve(context)) for name, var in self.params.items()]) auth_params = query.get('auth_params', None) scope = query.get('scope', None) process = query.get('process', None) if scope is '': del query['scope'] if auth_params is '': del query['auth_params'] if 'next' not in query: next = get_request_param(request, 'next') if next: query['next'] = next elif process == 'redirect': query['next'] = request.get_full_path() else: if not query['next']: del query['next'] # get the login url and append query as url parameters return provider.get_login_url(request, **query)
def render(self, context): provider_id = self.provider_id_var.resolve(context) request = context['request'] provider_factory = providers.registry.by_id(provider_id) provider = provider_factory.create_provider(request) query = dict([(str(name), var.resolve(context)) for name, var in self.params.items()]) auth_params = query.get('auth_params', None) scope = query.get('scope', None) process = query.get('process', None) if scope is '': del query['scope'] if auth_params is '': del query['auth_params'] if 'next' not in query: next = get_request_param(request, 'next') if next: query['next'] = next elif process == 'redirect': query['next'] = request.get_full_path() else: if not query['next']: del query['next'] # get the login url and append query as url parameters return provider.get_login_url(request, **query)
def get_context_data(self, **kwargs): context = super(ProfileWizardView, self).get_context_data(**kwargs) page = get_request_param(self.request, self.page_field_name, default='1') # there are 2 forms in page2, one for job history and one for skills. the job history is the default # and the 2nd form has to be added and initialized separately if page == '2': context['form2'] = ProfileWizardForm2Skills(**self.get_form_kwargs()) return context
def get_form_kwargs(self): kwargs = super(ReviewView, self).get_form_kwargs() if self.request.method == 'POST': post = kwargs['data'].copy() # self.request.POST is immutable post['mechanic'] = get_user_model().objects.get(name=get_request_param(self.request, 'mech_id')).pk post['user'] = self.request.user.pk kwargs['data'] = post return kwargs
def get_form_class(self): page = get_request_param(self.request, self.page_field_name, default='1') forms = {'1': ProfileWizardForm1, '2': ProfileWizardForm2JobHistory, '3': ProfileWizardForm3, '4': ProfileWizardForm4, '5': ProfileWizardForm5} for i in ('1', '2', '3', '4', '5'): if page == i: return forms[i] return ProfileWizardForm1
def assign_cart_and_redirect_view(request): find_and_assign_anonymous_cart(request) redirect_to = get_request_param(request, "next") if redirect_to is None: redirect_to = '/' response = HttpResponseRedirect(redirect_to) response.delete_cookie(Cart.COOKIE_NAME) return response
def get_context_data(self, **kwargs): ctx = super().get_context_data(**kwargs) redirect_field_value = get_request_param(self.request, self.redirect_field_name) ctx.update( redirect_field_name=self.redirect_field_name, redirect_field_value=redirect_field_value, ) return ctx
def get_next_redirect_url(request, redirect_field_name="next"): """ Returns the next URL to redirect to, if it was explicitly passed via the request. """ redirect_to = get_request_param(request, redirect_field_name) if not get_adapter(request).is_safe_url(redirect_to): redirect_to = None return redirect_to
def post(self, request, *args, **kwargs): if request.user.userprofile.is_mechanic: return redirect(reverse_lazy('browse')) if request.user.userprofile.review_points <= 0: return redirect(reverse_lazy('browse')) mechanic = get_user_model().objects.get(name=get_request_param(self.request, 'mech_id')).pk reviewed = Review.objects.filter(user=self.request.user, mechanic=mechanic) if reviewed: return redirect(reverse_lazy('browse')) return super(ReviewView, self).post(request, *args, **kwargs)
def login_url(context, **params): """ Redirects to the signup landing page. """ request = context["request"] next = (params.get("next") or get_request_param(request, "next") or request.get_full_path()) url = reverse("socialaccount_signin") url += f"?{urlencode({'next': next})}" return Markup(url)
def get_context_data(self, **kwargs): ctx = kwargs redirect_field_value = get_request_param(self.request, self.redirect_field_name) ctx.update( { "redirect_field_name": self.redirect_field_name, "redirect_field_value": redirect_field_value, } ) return ctx
def get_access_token_data(self, request, app, client): """ We need to gather the info from the apple specific login """ add_apple_session(request) # Exchange `code` code = get_request_param(request, "code") access_token_data = client.get_access_token(code) return { **access_token_data, **self.get_user_scope_data(request), "id_token": request.apple_login_session.get("id_token") }
def get_context_data(self, **kwargs): context = super(ReviewView, self).get_context_data(**kwargs) if self.request.user.userprofile.is_mechanic: context['is_mechanic'] = True return context if self.request.user.userprofile.review_points <= 0: context['no_points'] = True return context mechanic = get_user_model().objects.get(name=get_request_param(self.request, 'mech_id')).pk reviewed = Review.objects.filter(user=self.request.user, mechanic=mechanic) if reviewed: context['reviewed'] = True return context recipient = get_request_param(self.request, 'mech_id') if recipient: try: context['mech_id'] = recipient context['name'] = UserProfile.objects.get(user__name=recipient).name context['thumb'] = UserProfile.objects.get(user__name=recipient).avatar_thumbnail.url except Exception: pass return context
def apple_post_callback(request, finish_endpoint_name="apple_finish_callback"): """ Apple uses a `form_post` response type, which due to CORS/Samesite-cookie rules means this request cannot access the request since the session cookie is unavailable. We work around this by storing the apple response in a separate, temporary session and redirecting to a more normal oauth flow. args: finish_endpoint_name (str): The name of a defined URL, which can be overridden in your url configuration if you have more than one callback endpoint. """ if request.method != "POST": raise HttpResponseNotAllowed(["POST"]) add_apple_session(request) # Add regular OAuth2 params to the URL - reduces the overrides required keys_to_put_in_url = ["code", "state", "error"] url_params = {} for key in keys_to_put_in_url: value = get_request_param(request, key, "") if value: url_params[key] = value # Add other params to the apple_login_session keys_to_save_to_session = ["user", "id_token"] for key in keys_to_save_to_session: request.apple_login_session[key] = get_request_param(request, key, "") url = build_absolute_uri(request, reverse(finish_endpoint_name)) response = HttpResponseRedirect( "{url}?{query}".format(url=url, query=urlencode(url_params)) ) persist_apple_session(request, response) return response
def get(self, request, *args, **kwargs): try: provider = next(provider for provider in providers.registry.get_list() if type(provider) == EdxProvider) param_next = get_request_param(request, "next") query = {'next': param_next} url = provider.get_login_url(request, **query) return redirect(url) except StopIteration: return HttpResponse('Provider is not configured. Contact Admin.')
def get_context_data(self, **kwargs): ret = super(SocialLoginView, self).get_context_data(**kwargs) signup_url = passthrough_next_redirect_url(self.request, reverse("account_signup"), self.redirect_field_name) redirect_field_value = get_request_param(self.request, self.redirect_field_name) site = get_current_site(self.request) ret.update({"signup_url": signup_url, "site": site, "redirect_field_name": self.redirect_field_name, "redirect_field_value": redirect_field_value}) return ret
def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) context['DEBUG'] = settings.DEBUG context['CATMAID_URL'] = settings.CATMAID_URL context['COOKIE_SUFFIX'] = settings.COOKIE_SUFFIX context['COMPRESSED_FILE_IDS'] = settings.COMPRESSED_FILE_IDS context['NON_COMPRESSED_FILES'] = settings.NON_COMPRESSED_FILES context['STYLESHEET_IDS'] = settings.STYLESHEET_IDS context['STATIC_EXTENSION_URL'] = settings.STATIC_EXTENSION_URL context['STATIC_EXTENSION_FILES'] = settings.STATIC_EXTENSION_FILES context['HISTORY_TRACKING'] = settings.HISTORY_TRACKING context[ 'USER_REGISTRATION_ALLOWED'] = settings.USER_REGISTRATION_ALLOWED context['EXPAND_FRONTEND_ERRORS'] = getattr(settings, 'EXPAND_FRONTEND_ERRORS', False) extension_config = {} for ie in settings.INSTALLED_EXTENSIONS: try: app = apps.get_app_config(ie) if hasattr(app, 'get_config'): extension_config[ie] = app.get_config() else: extension_config[ie] = {} except: pass context['EXTENSION_CONFIG'] = json.dumps(extension_config) # Extra authentication provided through allauth. The login URL is # basically constructed like in the allauth templatetags. extra_auth_config = {} site = get_current_site(self.request) query = {} next = get_request_param(self.request, 'next') if next: query['next'] = next for sapp in site.socialapp_set.all(): provider = providers.registry.by_id(sapp.provider, self.request) extra_auth_config[sapp.provider] = { 'name': provider.name, 'login_url': provider.get_login_url(self.request, **query), } context['EXTRA_AUTH_CONFIG'] = json.dumps(extra_auth_config) profile_context = self.request.user.userprofile.as_dict() context.update(profile_context) return context
def dispatch(self, request, *args, **kwargs): if 'error' in request.GET or 'code' not in request.GET: # Distinguish cancel from error auth_error = request.GET.get('error', None) if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error( request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(request, app) try: access_token = client.get_access_token(request.GET['code']) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) login.token = token if self.adapter.supports_state: login.state = SocialLogin \ .verify_and_unstash_state( request, get_request_param(request, 'state')) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except (PermissionDenied, OAuth2Error, RequestException, ProviderException) as e: if isinstance(e, PermissionDenied) or isinstance(e, OAuth2Error): # One of these errors are raised when a user authenticated through dataporten # uses the browser back button. Simply redirect to ``/``. return HttpResponseRedirect('/') return render_authentication_error( request, self.adapter.provider_id, exception=e)
def dispatch(self, request): if 'error' in request.GET or 'code' not in request.GET: # Distinguish cancel from error auth_error = request.GET.get('error', None) if auth_error == self.adapter.login_cancelled_error: error = AuthError.CANCELLED else: error = AuthError.UNKNOWN return render_authentication_error( request, self.adapter.provider_id, error=error) app = self.adapter.get_provider().get_app(self.request) client = self.get_client(request, app) try: access_token = client.get_access_token(request.GET['code']) token = self.adapter.parse_token(access_token) token.app = app login = self.adapter.complete_login(request, app, token, response=access_token) login.token = token if self.adapter.supports_state: login.state = SocialLogin \ .verify_and_unstash_state( request, get_request_param(request, 'state')) else: login.state = SocialLogin.unstash_state(request) return complete_social_login(request, login) except (PermissionDenied, OAuth2Error, RequestException, ProviderException) as e: return render_authentication_error( request, self.adapter.provider_id, exception=e)
def provider_login_url(request, provider_id='fxa', **query): """ This function adapts the django-allauth templatetags that don't support jinja2. @TODO: land support for the jinja2 tags in the django-allauth. """ provider = providers.registry.by_id(provider_id) auth_params = query.get('auth_params', None) query['scope'] = 'profile:uid profile:email profile:display_name' process = query.get('process', None) if auth_params == '': del query['auth_params'] if 'next' not in query: next_ = get_request_param(request, 'next') if next_: query['next'] = next_ elif process == 'redirect': query['next'] = request.get_full_path() else: if not query['next']: del query['next'] return provider.get_login_url(request, **query)