def finish_desktop_flow(request: HttpRequest, user_profile: UserProfile,
                        otp: str) -> HttpResponse:
    """Render the hand-off page that completes the desktop OTP login flow.

    A login token for ``user_profile`` is created with
    ``ExternalAuthResult.store_data()`` and returned to the desktop app
    (through the clipboard) encrypted under the key the app supplied as
    ``otp``.  The app redeems the token through log_into_subdomain to obtain
    a logged-in session for the account authenticated in this flow.

    The token can only be used once and within
    ExternalAuthResult.LOGIN_KEY_EXPIRATION_SECONDS of being created; nothing
    more powerful is needed for the desktop flow, and this keeps the key
    usable only for completing this authentication attempt.

    Args:
        request: The request being answered.
        user_profile: The account that was authenticated in this flow.
        otp: Hex-encoded AES key supplied by the desktop app.

    Returns:
        The rendered ``zerver/desktop_redirect.html`` page.

    Raises:
        ValueError: From ``bytes.fromhex`` when ``otp`` is not valid hex, or
            from ``AESGCM`` when the decoded key is not 16, 24 or 32 bytes.
    """
    auth_result = ExternalAuthResult(user_profile=user_profile)
    login_token = auth_result.store_data()

    # NOTE(review): the token is stored before ``otp`` is parsed, so a
    # malformed ``otp`` raises only after a token exists. Presumably the
    # caller has already validated ``otp`` -- confirm.
    aes_key = bytes.fromhex(otp)

    # Fresh random 96-bit nonce on every call: AES-GCM must never reuse a
    # nonce under the same key.
    nonce = os.urandom(12)
    sealed_token = AESGCM(aes_key).encrypt(nonce, login_token.encode(), b"")

    # Wire format handed to the template: hex(nonce || ciphertext-with-tag).
    desktop_data = (nonce + sealed_token).hex()

    # The browser fallback goes to the ordinary login page, so the login
    # token appears in the rendered page only in its encrypted form.
    login_page_url = reverse(
        'zerver.views.auth.login_page',
        kwargs={'template_name': 'zerver/login.html'},
    )
    context = {
        'desktop_data': desktop_data,
        'browser_url': login_page_url,
        'realm_icon_url': realm_icon_url(user_profile.realm),
    }
    return render(request, 'zerver/desktop_redirect.html', context=context)
def redirect_and_log_into_subdomain(result: ExternalAuthResult) -> HttpResponse:
    """Store the auth result and redirect to the realm's subdomain login URL.

    Args:
        result: Outcome of the external authentication;
            ``result.data_dict["subdomain"]`` selects the target realm.

    Returns:
        A redirect to ``realm.uri`` followed by the log_into_subdomain path
        for the freshly stored token.
    """
    login_token = result.store_data()
    target_realm = get_realm(result.data_dict["subdomain"])

    # The token travels in the URL path of the redirect target.
    # NOTE(review): URLs commonly end up in access logs and browser history;
    # presumably the token's expiry/one-time use bounds that exposure --
    # confirm against ExternalAuthResult.
    return redirect(
        target_realm.uri + reverse(log_into_subdomain, args=[login_token])
    )
def finish_desktop_flow(request: HttpRequest, user_profile: UserProfile,
                        otp: str) -> HttpResponse:
    """Render the hand-off page that completes the desktop OTP login flow.

    A login token for ``user_profile`` is created with
    ``ExternalAuthResult.store_data()`` and returned to the desktop app
    (through a zulip:// redirect).  The app redeems the token through
    log_into_subdomain to obtain a logged-in session for the account
    authenticated in this flow.

    The token can only be used once and within
    ExternalAuthResult.LOGIN_KEY_EXPIRATION_SECONDS of being created; nothing
    more powerful is needed for the desktop flow, and this keeps the key
    usable only for completing this authentication attempt.

    Args:
        request: The request being answered.
        user_profile: The account that was authenticated in this flow.
        otp: One-time pad supplied by the desktop app; passed through to
            ``create_response_for_otp_flow``.

    Returns:
        The rendered ``zerver/desktop_redirect.html`` page.
    """
    auth_result = ExternalAuthResult(user_profile=user_profile)
    login_token = auth_result.store_data()

    # Only the Location header of this response is used below.
    # Presumably the helper encrypts the token with ``otp`` (the field is
    # named 'otp_encrypted_login_key') -- confirm in the helper.
    otp_response = create_response_for_otp_flow(
        login_token,
        otp,
        user_profile,
        encrypted_key_field_name='otp_encrypted_login_key',
    )

    # NOTE(review): the browser fallback URL embeds the same login token in
    # plain form, so the rendered page carries a redeemable token that is not
    # protected by ``otp``. Anything that can read the page or the URL
    # (history, logs, extensions) sees it while it is still valid -- confirm
    # this is intended, or point the fallback at a page without the token.
    realm_uri = user_profile.realm.uri
    browser_url = realm_uri + reverse(
        'zerver.views.auth.log_into_subdomain', args=[login_token])

    context = {
        'desktop_url': otp_response['Location'],
        'browser_url': browser_url,
        'realm_icon_url': realm_icon_url(user_profile.realm),
    }
    return render(request, 'zerver/desktop_redirect.html', context=context)
def redirect_and_log_into_subdomain(result: ExternalAuthResult, awsAccessToken) -> HttpResponse:
    """Store the auth result and redirect to the realm's subdomain login URL.

    Also records ``awsAccessToken`` in the module-level ``awsToken`` global
    before the token is stored.

    Args:
        result: Outcome of the external authentication;
            ``result.data_dict["subdomain"]`` selects the target realm.
        awsAccessToken: Value copied verbatim into the ``awsToken`` global.

    Returns:
        A redirect to ``realm.uri`` followed by the log_into_subdomain path
        for the freshly stored token.
    """
    # NOTE(review): a module-level global is shared by every request this
    # process serves and is overwritten on each call. With concurrent logins
    # one user's access token can be read in another user's request, and the
    # credential outlives the request that supplied it. Prefer carrying it in
    # per-request state (e.g. the session or the stored auth result); kept
    # here because readers of ``awsToken`` are outside this block.
    global awsToken
    awsToken = awsAccessToken

    login_token = result.store_data()
    target_realm = get_realm(result.data_dict["subdomain"])

    # The login token travels in the URL path of the redirect target.
    login_path = reverse('zerver.views.auth.log_into_subdomain', args=[login_token])
    return redirect(target_realm.uri + login_path)