def test_build_backend_social_auth_5(self):
social_django = MagicMock()
sys.modules["social_django"] = social_django
sys.modules["social_django.utils"] = social_django.utils
del social_django.utils.BACKENDS
build_backend()
def keycloak_k_logout(request):
backend = build_backend()
data = backend.parse_incomming_data(request.body.decode('utf-8'))
logger.debug("processing backchannel logout request")
from importlib import import_module
ss = import_module(settings.SESSION_ENGINE).SessionStore()
for session_key in data.get('adapterSessionIds', ()):
logger.debug("removing session {}".format(session_key))
ss.delete(session_key=session_key)
return HttpResponse(status=204)
def oauth_discovery(request):
keycloak_auth_backend = build_backend()
endpoints = {
'flows': [
"Authorization Code Grant",
"Resource Owner Password Credentials Grant"
],
'auth_endpoint':
keycloak_auth_backend.authorization_url(),
'token_endpoint':
keycloak_auth_backend.access_token_url(),
'default_redirect_uri':
get_absolute_reverse_url('oauth.default_redirect_uri', request),
'version':
'2.0',
}
return HttpResponse(json.dumps(endpoints, sort_keys=True),
content_type='application/json; charset=UTF-8')
def logout(request):
external_domain = 'HTTP_ORIGIN' in request.META
# Check if the logout request is originated in a different domain
if external_domain:
origin = request.META['HTTP_ORIGIN']
if origin not in ALLOWED_ORIGINS:
return build_error_response(request, 403, '')
# Force not redirect by using next_page=None
response = wirecloud_logout(request, next_page=None)
response['Access-Control-Allow-Origin'] = origin
response['Access-Control-Allow-Credentials'] = 'true'
return response
elif callable(
request.user.is_authenticated) and request.user.is_authenticated(
) or request.user.is_authenticated is True:
backend = build_backend()
next_page = str(
getattr(settings, 'LOGOUT_REDIRECT_URL',
get_absolute_reverse_url('wirecloud.root', request)))
if REDIRECT_FIELD_NAME in request.GET:
url_next_page = request.GET.get(REDIRECT_FIELD_NAME)
url_is_safe = is_safe_url(
url=url_next_page,
allowed_hosts={request.get_host()},
require_https=request.is_secure(),
)
if url_is_safe:
next_page = url_next_page
keycloak_logout_url = backend.end_session_url(
) + '?redirect_uri=' + quote(request.build_absolute_uri(next_page))
request.GET = {}
return wirecloud_logout(request, next_page=keycloak_logout_url)
else:
return wirecloud_logout(request)
def test_build_backend_social_auth_4(self):
social_django = MagicMock()
sys.modules["social_django"] = social_django
sys.modules["social_django.utils"] = social_django.utils
build_backend()
# along with Wirecloud. If not, see <http://www.gnu.org/licenses/>.
import os
from django.conf import settings
from django.conf.urls import url
from django.utils.translation import ugettext_lazy as _
from django.views.decorators.cache import cache_page
from wirecloud.keycloak.utils import build_version_hash, build_backend, get_social_auth_model
from wirecloud.platform.plugins import WirecloudPlugin
get_version_hash = build_version_hash()
try:
KEYCLOAK_SOCIAL_AUTH_BACKEND = build_backend()
IDM_SUPPORT_ENABLED = 'wirecloud.keycloak' in settings.INSTALLED_APPS and 'social_django' in settings.INSTALLED_APPS \
and getattr(settings, 'SOCIAL_AUTH_KEYCLOAK_KEY', None) is not None and getattr(settings, 'SOCIAL_AUTH_KEYCLOAK_SECRET', None) is not None
except:
IDM_SUPPORT_ENABLED = False
def auth_keycloak_token(auth_type, token):
UserSocialAuth = get_social_auth_model()
user_data = KEYCLOAK_SOCIAL_AUTH_BACKEND.user_data(token)
return UserSocialAuth.objects.get(provider='keycloak',
uid=user_data['username']).user