def post(self, request, *args, **kwargs):
data = dict(list(request.GET.items()) + list(request.POST.items()))
if self.provider.endpoint:
data['openid'] = self.provider.endpoint
form = LoginForm(data)
if form.is_valid():
client = _openid_consumer(request)
try:
auth_request = client.begin(form.cleaned_data['openid'])
if QUERY_EMAIL:
sreg = SRegRequest()
for name in SRegFields:
sreg.requestField(field_name=name, required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
for name in AXAttributes:
ax.add(AttrInfo(name, required=True))
auth_request.addExtension(ax)
callback_url = reverse(self.callback_view)
SocialLogin.stash_state(request)
redirect_url = auth_request.redirectURL(
request.build_absolute_uri('/'),
request.build_absolute_uri(callback_url))
return HttpResponseRedirect(redirect_url)
# UnicodeDecodeError:
# see https://github.com/necaris/python3-openid/issues/1
except (UnicodeDecodeError, DiscoveryFailure) as e:
if request.method == 'POST':
form._errors["openid"] = form.error_class([e])
else:
return render_authentication_error(request,
self.provider.id,
exception=e)
return render(request, self.template_name, {'form': form})
def login(request):
if 'openid' in request.GET or request.method == 'POST':
form = LoginForm(request.REQUEST)
if form.is_valid():
client = _openid_consumer(request)
try:
auth_request = client.begin(form.cleaned_data['openid'])
if QUERY_EMAIL:
sreg = SRegRequest()
sreg.requestField(field_name=SRegField.EMAIL,
required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
ax.add(AttrInfo(AXAttribute.CONTACT_EMAIL,
required=True))
auth_request.addExtension(ax)
callback_url = reverse(callback)
SocialLogin.stash_state(request)
redirect_url = auth_request.redirectURL(
request.build_absolute_uri('/'),
request.build_absolute_uri(callback_url))
return HttpResponseRedirect(redirect_url)
# UnicodeDecodeError:
# see https://github.com/necaris/python3-openid/issues/1
except (UnicodeDecodeError, DiscoveryFailure) as e:
if request.method == 'POST':
form._errors["openid"] = form.error_class([e])
else:
return render_authentication_error(request)
else:
form = LoginForm()
d = dict(form=form)
return render_to_response('openid/login.html',
d, context_instance=RequestContext(request))
def perform_openid_auth(self, form):
if not form.is_valid():
return form
request = self.request
provider = self.provider(request)
endpoint = form.cleaned_data["openid"]
client = self.get_client(provider, endpoint)
realm = self.get_realm(provider)
auth_request = client.begin(endpoint)
if QUERY_EMAIL:
sreg = SRegRequest()
for name in SRegFields:
sreg.requestField(field_name=name, required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
for name in AXAttributes:
ax.add(AttrInfo(name, required=True))
provider = OpenIDProvider(request)
server_settings = provider.get_server_settings(
request.GET.get("openid"))
extra_attributes = server_settings.get("extra_attributes", [])
for _, name, required in extra_attributes:
ax.add(AttrInfo(name, required=required))
auth_request.addExtension(ax)
SocialLogin.stash_state(request)
# Fix for issues 1523 and 2072 (github django-allauth)
if "next" in form.cleaned_data and form.cleaned_data["next"]:
auth_request.return_to_args["next"] = form.cleaned_data["next"]
redirect_url = auth_request.redirectURL(
realm, request.build_absolute_uri(self.get_callback_url()))
return HttpResponseRedirect(redirect_url)
def login(request):
if 'openid' in request.GET or request.method == 'POST':
form = LoginForm(request.REQUEST)
if form.is_valid():
client = _openid_consumer(request)
try:
auth_request = client.begin(form.cleaned_data['openid'])
if QUERY_EMAIL:
sreg = SRegRequest()
sreg.requestField(field_name=SRegField.EMAIL,
required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
ax.add(AttrInfo(AXAttribute.CONTACT_EMAIL, required=True))
auth_request.addExtension(ax)
callback_url = reverse(callback)
SocialLogin.stash_state(request)
redirect_url = auth_request.redirectURL(
request.build_absolute_uri('/'),
request.build_absolute_uri(callback_url))
return HttpResponseRedirect(redirect_url)
# UnicodeDecodeError:
# see https://github.com/necaris/python3-openid/issues/1
except (UnicodeDecodeError, DiscoveryFailure) as e:
if request.method == 'POST':
form._errors["openid"] = form.error_class([e])
else:
return render_authentication_error(request)
else:
form = LoginForm()
d = dict(form=form)
return render_to_response('openid/login.html',
d,
context_instance=RequestContext(request))
def dispatch(self, request):
"""
Redirects to the CAS server login page.
"""
action = request.GET.get('action', AuthAction.AUTHENTICATE)
SocialLogin.stash_state(request)
client = self.get_client(request, action=action)
return HttpResponseRedirect(client.get_login_url())
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
client = self._get_client(request, callback_url)
try:
return client.get_redirect()
except OAuthError:
return render_authentication_error(request)
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
client = self._get_client(request, callback_url)
try:
return client.get_redirect()
except OAuthError:
return render_authentication_error(request)
def login(request):
if 'openid' in request.GET or request.method == 'POST':
form = LoginForm(
dict(list(request.GET.items()) + list(request.POST.items()))
)
if form.is_valid():
client = _openid_consumer(request)
provider = OpenIDProvider(request)
realm = provider.get_settings().get(
'REALM',
request.build_absolute_uri('/'))
try:
auth_request = client.begin(form.cleaned_data['openid'])
if QUERY_EMAIL:
sreg = SRegRequest()
for name in SRegFields:
sreg.requestField(field_name=name,
required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
for name in AXAttributes:
ax.add(AttrInfo(name,
required=True))
provider = OpenIDProvider(request)
server_settings = \
provider.get_server_settings(request.GET.get('openid'))
extra_attributes = \
server_settings.get('extra_attributes', [])
for _, name, required in extra_attributes:
ax.add(AttrInfo(name,
required=required))
auth_request.addExtension(ax)
callback_url = reverse(callback)
SocialLogin.stash_state(request)
# Fix for issues 1523 and 2072 (github django-allauth)
if 'next' in form.cleaned_data and form.cleaned_data['next']:
auth_request.return_to_args['next'] = \
form.cleaned_data['next']
redirect_url = auth_request.redirectURL(
realm,
request.build_absolute_uri(callback_url))
return HttpResponseRedirect(redirect_url)
# UnicodeDecodeError:
# see https://github.com/necaris/python3-openid/issues/1
except (UnicodeDecodeError, DiscoveryFailure) as e:
if request.method == 'POST':
form._errors["openid"] = form.error_class([e])
else:
return render_authentication_error(
request,
OpenIDProvider.id,
exception=e)
else:
form = LoginForm(initial={'next': request.GET.get('next'),
'process': request.GET.get('process')})
d = dict(form=form)
return render(request, "openid/login.html", d)
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get("action", AuthAction.AUTHENTICATE)
provider = self.adapter.get_provider()
auth_url = provider.get_auth_url(request, action) or self.adapter.authorize_url
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url)
except OAuthError as e:
return render_authentication_error(request, self.adapter.provider_id, exception=e)
def dispatch(self, request):
if 'openid' in request.GET or request.method == 'POST':
form = LoginForm(
dict(list(request.GET.items()) + list(request.POST.items())))
if form.is_valid():
client = _openid_consumer(request)
try:
auth_request = client.begin(form.cleaned_data['openid'])
provider = self.provider
app = provider.get_app(request)
if QUERY_EMAIL:
sreg = SRegRequest()
for name in SRegFields:
sreg.requestField(field_name=name, required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
for name in AXAttributes:
ax.add(AttrInfo(name, required=True))
server_settings = provider.get_server_settings(
request.GET.get('openid'))
extra_attributes = server_settings.get(
'extra_attributes', [])
for _, name, required in extra_attributes:
ax.add(AttrInfo(name, required=required))
auth_request.addExtension(ax)
callback_url = provider.get_callback_url(request, app)
SocialLogin.stash_state(request)
# https://github.com/pennersr/django-allauth/issues/1523
auth_request.return_to_args['next'] = \
form.cleaned_data.get('next', '/')
redirect_url = auth_request.redirectURL(
request.build_absolute_uri('/'),
request.build_absolute_uri(callback_url))
return HttpResponseRedirect(redirect_url)
# UnicodeDecodeError:
# see https://github.com/necaris/python3-openid/issues/1
except (UnicodeDecodeError, DiscoveryFailure) as e:
if request.method == 'POST':
form._errors["openid"] = form.error_class([e])
else:
return render_authentication_error(request,
self.provider.id,
exception=e)
else:
form = LoginForm(
initial={
'next': request.GET.get('next'),
'process': request.GET.get('process')
})
d = dict(form=form)
return render(request, "openid/login.html", d)
def dispatch(self, request):
provider = self.provider
callback_url = reverse(provider.slug + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
auth_url = provider.get_auth_url(request, action) or provider.get_authorize_url(request)
auth_params = provider.get_auth_params(request, action)
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url, auth_params)
except OAuthError as e:
return render_authentication_error(request, provider.slug, exception=e)
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
provider = self.adapter.get_provider()
auth_url = provider.get_auth_url(request, action) \
or self.adapter.authorize_url
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url)
except OAuthError:
return render_authentication_error(request)
def login(request):
app = providers.registry.by_id(
DraugiemProvider.id, request).get_app(request)
redirect_url = request.build_absolute_uri(reverse(callback))
redirect_url_hash = md5((
app.secret + redirect_url).encode('utf-8')).hexdigest()
params = {
'app': app.client_id,
'hash': redirect_url_hash,
'redirect': redirect_url,
}
SocialLogin.stash_state(request)
return HttpResponseRedirect('%s?%s' % (AUTHORIZE_URL, urlencode(params)))
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
provider = self.adapter.get_provider()
auth_url = provider.get_auth_url(request, action) or self.adapter.authorize_url
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url)
except OAuthError as e:
return render_authentication_error(request, {'error': e.message})
except Exception as ex:
send_social_connection_error_email(request, {'error': ex.message})
def login(request):
app = providers.registry.by_id(DraugiemProvider.id,
request).get_app(request)
redirect_url = request.build_absolute_uri(reverse(callback))
redirect_url_hash = md5(
(app.secret + redirect_url).encode("utf-8")).hexdigest()
params = {
"app": app.client_id,
"hash": redirect_url_hash,
"redirect": redirect_url,
}
SocialLogin.stash_state(request)
return HttpResponseRedirect("%s?%s" % (AUTHORIZE_URL, urlencode(params)))
def dispatch(self, request):
app = self.provider.get_app(request)
redirect_url = request.build_absolute_uri(
reverse(self.provider.callback_view))
redirect_url_hash = md5(
(app.secret + redirect_url).encode('utf-8')).hexdigest()
params = {
'app': app.client_id,
'hash': redirect_url_hash,
'redirect': redirect_url,
}
SocialLogin.stash_state(request)
return HttpResponseRedirect('%s?%s' %
(AUTHORIZE_URL, urlencode(params)))
def login(self, request, *args, **kwargs):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get("action", AuthAction.AUTHENTICATE)
provider = self.adapter.get_provider()
auth_url = provider.get_auth_url(request, action) or self.adapter.authorize_url
auth_params = provider.get_auth_params(request, action)
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url, auth_params)
except OAuthError as e:
return render_authentication_error(
request, self.adapter.provider_id, exception=e
)
def login(request):
app = providers.registry.by_id(DraugiemProvider.id).get_app(request)
request_scheme = request.META['wsgi.url_scheme']
request_host = request.META['HTTP_HOST']
request_path = reverse(callback)
redirect_url = '%s://%s%s' % (request_scheme, request_host, request_path)
redirect_url_hash = md5((
app.secret + redirect_url).encode('utf-8')).hexdigest()
params = {
'app': app.client_id,
'hash': redirect_url_hash,
'redirect': redirect_url,
}
SocialLogin.stash_state(request)
return HttpResponseRedirect('%s?%s' % (AUTHORIZE_URL, urlencode(params)))
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
provider = self.adapter.get_provider()
auth_url = provider.get_auth_url(request,
action) or self.adapter.authorize_url
auth_params = provider.get_auth_params(request, action)
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url, auth_params)
except OAuthError as e:
logger.exception('Error processing OAuth')
return render_authentication_error(request,
self.adapter.provider_id,
exception=e)
def dispatch(self, request):
if 'error' in request.GET or 'access_token' not in request.GET:
# Distinguish cancel from error
auth_error = request.GET.get('error', None)
if auth_error == self.adapter.login_cancelled_error:
error = AuthError.CANCELLED
else:
error = AuthError.UNKNOWN
return render_authentication_error(request,
self.adapter.provider_id,
error=error)
app = self.adapter.get_provider().get_app(self.request)
client = self.get_client(request, app)
try:
# Parse the access token
access_token = {
'access_token': request.GET['access_token'],
'expires_in': request.GET['expires_in']
}
token = self.adapter.parse_token(access_token)
token.app = app
login = self.adapter.complete_login(request,
app,
token,
response=access_token)
login.token = token
SocialLogin.stash_state(request)
if self.adapter.supports_state:
login.state = SocialLogin \
.verify_and_unstash_state(
request,
get_request_param(request, 'state'))
else:
login.state = SocialLogin.unstash_state(request)
# Make sure the user is initiated with some training in the DB
request.session['initial_training'] = 'zooniverse'
return complete_social_login(request, login)
except (PermissionDenied, OAuth2Error, RequestException,
ProviderException) as e:
return render_authentication_error(request,
self.adapter.provider_id,
exception=e)
def dispatch(self, request):
app = self.adapter.get_provider().get_app(self.request)
client = self.get_client(request, app)
client.state = SocialLogin.stash_state(request)
try:
return HttpResponseRedirect(client.get_redirect_url())
except OAuth2Error:
return render_authentication_error(request)
def dispatch(self, request):
app = self.adapter.get_provider().get_app(self.request)
client = self.get_client(request, app)
client.state = SocialLogin.stash_state(request)
try:
return HttpResponseRedirect(client.get_redirect_url())
except OAuth2Error:
return render_authentication_error(request)
def dispatch(self, request):
callback_url = reverse(self.adapter.provider_id + "_callback")
SocialLogin.stash_state(request)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
provider = self.adapter.get_provider()
auth_url = provider.get_auth_url(request,
action) or self.adapter.authorize_url
auth_params = provider.get_auth_params(request, action)
next_url = request.GET.get('next', '')
if next_url:
callback_url = '{}?next={}'.format(callback_url, next_url)
client = self._get_client(request, callback_url)
try:
return client.get_redirect(auth_url, auth_params)
except OAuthError as e:
return render_authentication_error(request,
self.adapter.provider_id,
exception=e)
def login(request):
if 'openid' in request.GET or request.method == 'POST':
form = LoginForm(
dict(list(request.GET.items()) + list(request.POST.items())))
if form.is_valid():
client = _openid_consumer(request)
try:
auth_request = client.begin(form.cleaned_data['openid'])
if QUERY_EMAIL:
sreg = SRegRequest()
for name in SRegFields:
sreg.requestField(field_name=name, required=True)
auth_request.addExtension(sreg)
ax = FetchRequest()
for name in AXAttributes:
ax.add(AttrInfo(name, required=True))
auth_request.addExtension(ax)
callback_url = reverse(callback)
SocialLogin.stash_state(request)
redirect_url = auth_request.redirectURL(
request.build_absolute_uri('/'),
request.build_absolute_uri(callback_url))
return HttpResponseRedirect(redirect_url)
# UnicodeDecodeError:
# see https://github.com/necaris/python3-openid/issues/1
except (UnicodeDecodeError, DiscoveryFailure) as e:
if request.method == 'POST':
form._errors["openid"] = form.error_class([e])
else:
return render_authentication_error(request,
OpenIDProvider.id,
exception=e)
else:
form = LoginForm(initial={
'next': request.GET.get('next'),
'process': request.GET.get('process')
})
d = dict(form=form)
return render_to_response('openid/login.html',
d,
context_instance=RequestContext(request))
def perform_openid_auth(self, form):
if not form.is_valid():
return form
request = self.request
client = self.get_client()
provider = self.provider(request)
realm = self.get_realm(provider)
auth_request = client.begin(form.cleaned_data['openid'])
if QUERY_EMAIL:
sreg = SRegRequest()
for name in SRegFields:
sreg.requestField(
field_name=name, required=True
)
auth_request.addExtension(sreg)
ax = FetchRequest()
for name in AXAttributes:
ax.add(AttrInfo(name,
required=True))
provider = OpenIDProvider(request)
server_settings = \
provider.get_server_settings(request.GET.get('openid'))
extra_attributes = \
server_settings.get('extra_attributes', [])
for _, name, required in extra_attributes:
ax.add(AttrInfo(name,
required=required))
auth_request.addExtension(ax)
SocialLogin.stash_state(request)
# Fix for issues 1523 and 2072 (github django-allauth)
if "next" in form.cleaned_data and form.cleaned_data["next"]:
auth_request.return_to_args['next'] = \
form.cleaned_data['next']
redirect_url = auth_request.redirectURL(
realm,
request.build_absolute_uri(self.get_callback_url()))
return HttpResponseRedirect(redirect_url)
def dispatch(self, request, *args, **kwargs):
provider = self.provider
app = provider.get_app(self.request)
client = self.get_client(request, app)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
auth_url = provider.get_authorize_url(request)
auth_params = provider.get_auth_params(request, action)
client.state = SocialLogin.stash_state(request)
try:
return HttpResponseRedirect(client.get_redirect_url(auth_url, auth_params))
except OAuth2Error as e:
return render_authentication_error(request, provider.id, exception=e)
def dispatch(self, request):
provider = self.adapter.get_provider()
app = provider.get_app(self.request)
client = self.get_client(request, app)
action = request.GET.get("action", AuthAction.AUTHENTICATE)
auth_url = self.adapter.authorize_url
auth_params = provider.get_auth_params(request, action)
client.state = SocialLogin.stash_state(request)
try:
return HttpResponseRedirect(client.get_redirect_url(auth_url, auth_params))
except OAuth2Error as e:
return render_authentication_error(request, provider.id, exception=e)
def post(self, request):
"""Return the URL of provider's authentication server."""
adapter = self.adapter_class(request)
provider = adapter.get_provider()
app = provider.get_app(request)
view = OAuth2LoginView()
view.request = request
view.adapter = adapter
client = view.get_client(request, app)
action = AuthAction.AUTHENTICATE
auth_params = provider.get_auth_params(request, action)
client.state = SocialLogin.stash_state(request)
url = client.get_redirect_url(adapter.authorize_url, auth_params)
return Response({'url': url})
def dispatch(self, request):
provider = self.adapter.get_provider()
app = provider.get_app(self.request)
client = self.get_client(request, app)
action = request.GET.get('action', AuthAction.AUTHENTICATE)
auth_url = self.adapter.authorize_url
auth_params = provider.get_auth_params(request, action)
client.state = SocialLogin.stash_state(request)
try:
return HttpResponseRedirect(client.get_redirect_url(auth_url,
auth_params))
except OAuth2Error as e:
return render_authentication_error(request, {'error': e.message})
except Exception as ex:
send_social_connection_error_email(request, {'error': ex.message})
def post(self, request, format=None):
# You should have CSRF protection enabled, see
# https://security.stackexchange.com/a/104390 (point 3).
# Therefore this is a POST endpoint.
# This code is inspired by `OAuth2LoginView.dispatch`.
adapter = self.adapter_class(request)
provider = adapter.get_provider()
app = provider.get_app(request)
view = OAuth2LoginView()
view.request = request
view.adapter = adapter
client = view.get_client(request, app)
action = AuthAction.AUTHENTICATE
auth_params = provider.get_auth_params(request, action)
client.state = SocialLogin.stash_state(request)
url = client.get_redirect_url(adapter.authorize_url, auth_params)
return Response({'url': url})
def get_context_data(self, **kwargs):
c = super().get_context_data(**kwargs)
c["exp"] = datetime.datetime.now() - datetime.datetime(2013, 1, 1)
c["menu"].current = 'faq'
c['questions'] = QA.objects.filter()
# log.debug(self.request.session['socialaccount_state'])
self.request.session['socialaccount_state'] = ({
'next': '/',
'process': 'login',
'scope': 'email',
'auth_params': '',
}, 'test')
from allauth.socialaccount.models import SocialLogin, SocialToken
state = SocialLogin.stash_state(self.request)
self.request.session.modified = True
self.request.session.save()
log.debug(self.request.session['socialaccount_state'])
# .order_by('order')
return c
def post(self, request, format=None):
"""
Returns the URL to the login page of provider's authentication server.
"""
# You should have CSRF protection enabled, see
# https://security.stackexchange.com/a/104390 (point 3).
# Therefore this is a POST endpoint.
# This code is inspired by `OAuth2LoginView.dispatch`.
adapter = self.adapter_class(request)
provider = adapter.get_provider()
app = provider.get_app(request)
view = OAuth2LoginView()
view.request = request
view.adapter = adapter
client = view.get_client(request, app)
# You can modify `action` if you have more steps in your auth flow
action = AuthAction.AUTHENTICATE
auth_params = provider.get_auth_params(request, action)
# You can omit this if you want to validate the state in the frontend
client.state = SocialLogin.stash_state(request)
url = client.get_redirect_url(adapter.authorize_url, auth_params)
return Response({'url': url})
def dispatch(self, request, *args, **kwargs):
if 'error' in request.GET or 'code' not in request.GET:
# Distinguish cancel from error
auth_error = request.GET.get('error', None)
if auth_error == self.adapter.login_cancelled_error:
error = AuthError.CANCELLED
else:
error = AuthError.UNKNOWN
return render_authentication_error(request,
self.adapter.provider_id,
error=error)
app = self.adapter.get_provider().get_app(self.request)
client = self.get_client(request, app)
client.state = SocialLogin.stash_state(request)
try:
access_token = client.get_access_token(request.GET['code'])
token = self.adapter.parse_token(access_token)
token.app = app
login = self.adapter.complete_login(request,
app,
token,
response=access_token)
login.token = token
if self.adapter.supports_state:
login.state = SocialLogin \
.verify_and_unstash_state(
request,
client.state)
else:
login.state = SocialLogin.unstash_state(request)
return complete_social_login(request, login)
except (PermissionDenied, OAuth2Error, RequestException,
ProviderException) as e:
return render_authentication_error(request,
self.adapter.provider_id,
exception=e)
def login_redirect(request):
SocialLogin.stash_state(request)
return HttpResponseRedirect(settings.SERVICE_KONTO_LOGIN_URL)
