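def callback(request):
    """Finish the OAuth2 authorization-code flow and redirect the user onward.

    Exchanges the provider's authorization response for a token, resolves the
    user through the configured ``GET_USER`` callable, records token and user
    in the session, and redirects to the ``next`` value carried in the OAuth
    state, falling back to ``DEFAULT_NEXT_URL``.

    Args:
        request: The request the provider redirected the browser to.

    Returns:
        A redirect response. It points at the login view when the session
        holds no pending ``oauth_state`` or the token exchange is rejected,
        and otherwise at the validated post-login destination.
    """
    # Imported locally because the helper was renamed between Django
    # releases. The host is passed positionally as a string, which both
    # variants accept.
    try:
        from django.utils.http import (
            url_has_allowed_host_and_scheme as is_safe_target,
        )
    except ImportError:
        from django.utils.http import is_safe_url as is_safe_target

    if 'oauth_state' not in request.session:
        # No flow was started from this session: send the browser to login.
        return HttpResponseRedirect(
            request.build_absolute_uri(reverse(oauthadmin.views.login)))

    redirect_uri = request.build_absolute_uri(
        reverse(oauthadmin.views.callback))
    # Binding the session's state to the OAuth2 session is what lets the
    # token exchange reject a response that belongs to another flow.
    oauth = OAuth2Session(
        app_setting('CLIENT_ID'),
        state=request.session['oauth_state'].decode('utf-8'),
        redirect_uri=redirect_uri,
    )

    try:
        token = oauth.fetch_token(
            app_setting('TOKEN_URL'),
            client_secret=app_setting('CLIENT_SECRET'),
            authorization_response=(
                app_setting('AUTH_URL') + "?" + request.GET.urlencode()),
        )
    except (MismatchingStateError, InvalidGrantError):
        # State mismatch or a rejected grant: restart the login.
        return HttpResponseRedirect(
            request.build_absolute_uri(reverse(oauthadmin.views.login)))

    user = import_by_path(app_setting('GET_USER'))(token)

    # NOTE(review): authentication state is written into the same session
    # that existed before login (it already held 'oauth_state'). Consider
    # rotating the session key here, e.g. request.session.cycle_key(), unless
    # that is done elsewhere. Confirm against the session backend in use.
    request.session['last_verified_at'] = int(time())
    request.session['oauth_token'] = token
    request.session['user'] = user

    state_payload = json.loads(
        base64.b64decode(request.session['oauth_state']).decode('utf-8'))
    next_url = state_payload['next']

    # build_absolute_uri() returns an already-absolute URL unchanged, so an
    # unchecked 'next' could send the freshly authenticated user to another
    # host. Only targets on this request's host are honoured.
    # NOTE(review): 'next' is presumably filled in by the login view from a
    # request parameter. That code is not visible here, so verify it.
    if not next_url or not is_safe_target(next_url, request.get_host()):
        next_url = app_setting('DEFAULT_NEXT_URL')

    return redirect(request.build_absolute_uri(next_url))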
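def callback(request):
    """Finish the OAuth2 authorization-code flow and redirect the user onward.

    Exchanges the provider's authorization response for a token, resolves the
    user through the configured ``GET_USER`` callable, records token and user
    in the session, and redirects to the ``next`` value carried in the OAuth
    state, falling back to ``/admin``.

    Args:
        request: The request the provider redirected the browser to.

    Returns:
        A redirect response. It points at the login view when the session
        holds no pending ``oauth_state`` or the token exchange is rejected,
        and otherwise at the validated post-login destination.
    """
    # Imported locally because the helper was renamed between Django
    # releases. The host is passed positionally as a string, which both
    # variants accept.
    try:
        from django.utils.http import (
            url_has_allowed_host_and_scheme as is_safe_target,
        )
    except ImportError:
        from django.utils.http import is_safe_url as is_safe_target

    if 'oauth_state' not in request.session:
        # No flow was started from this session: send the browser to login.
        return HttpResponseRedirect(
            request.build_absolute_uri(reverse(oauthadmin.views.login)))

    redirect_uri = request.build_absolute_uri(
        reverse(oauthadmin.views.callback))
    # Binding the session's state to the OAuth2 session is what lets the
    # token exchange reject a response that belongs to another flow.
    oauth = OAuth2Session(
        app_setting('CLIENT_ID'),
        state=request.session['oauth_state'].decode('utf-8'),
        redirect_uri=redirect_uri,
    )

    try:
        token = oauth.fetch_token(
            app_setting('TOKEN_URL'),
            client_secret=app_setting('CLIENT_SECRET'),
            authorization_response=(
                app_setting('AUTH_URL') + "?" + request.GET.urlencode()),
        )
    except (MismatchingStateError, InvalidGrantError):
        # State mismatch or a rejected grant: restart the login.
        return HttpResponseRedirect(
            request.build_absolute_uri(reverse(oauthadmin.views.login)))

    user = import_by_path(app_setting('GET_USER'))(token)

    # NOTE(review): authentication state is written into the same session
    # that existed before login (it already held 'oauth_state'). Consider
    # rotating the session key here, e.g. request.session.cycle_key(), unless
    # that is done elsewhere. Confirm against the session backend in use.
    request.session['last_verified_at'] = int(time())
    request.session['oauth_token'] = token
    request.session['user'] = user

    state_payload = json.loads(
        base64.b64decode(request.session['oauth_state']).decode('utf-8'))
    next_url = state_payload['next']

    # build_absolute_uri() returns an already-absolute URL unchanged, so an
    # unchecked 'next' could send the freshly authenticated user to another
    # host. Only targets on this request's host are honoured.
    # NOTE(review): 'next' is presumably filled in by the login view from a
    # request parameter. That code is not visible here, so verify it.
    if not next_url or not is_safe_target(next_url, request.get_host()):
        next_url = '/admin'

    return redirect(request.build_absolute_uri(next_url))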
def process_request(self, request):
    """Attach the session's user to the request, or an anonymous user.

    When the request has a session containing ``'user'``, that object becomes
    ``request.user`` and ``request._cached_user``. If both the ``PING_INTERVAL``
    and ``PING`` settings are truthy, ``_verify_ping_interval`` is then called
    with the request, the interval and the imported ping callable. Without a
    session user, ``request.user`` is set to Django's ``AnonymousUser``.

    Args:
        request: The incoming request being processed by the middleware.

    Returns:
        None. The method only mutates ``request``.
    """
    session_has_user = (
        hasattr(request, 'session') and 'user' in request.session
    )
    if not session_has_user:
        # Imported lazily, only on the unauthenticated path.
        from django.contrib.auth.models import AnonymousUser
        request.user = AnonymousUser()
        return

    # NOTE(review): the user object is taken from the session as stored.
    # When PING or PING_INTERVAL is unset, nothing in this method re-checks
    # it, so confirm that session lifetime bounds how long it stays trusted.
    request.user = request.session['user']
    request._cached_user = request.session['user']

    ping_enabled = app_setting('PING_INTERVAL') and app_setting('PING')
    if not ping_enabled:
        return

    # Presumably re-validates the login once the interval has elapsed. The
    # helper is defined elsewhere, so confirm that there.
    _verify_ping_interval(
        request,
        app_setting('PING_INTERVAL'),
        import_by_path(app_setting('PING')),
    )
def process_request(self, request):
    """Populate ``request.user`` from the session, defaulting to anonymous.

    A request whose session contains ``'user'`` gets that object as both
    ``request.user`` and ``request._cached_user``. When the ``PING_INTERVAL``
    and ``PING`` settings are both truthy, ``_verify_ping_interval`` is called
    with the request, the interval and the imported ping callable. Any other
    request gets Django's ``AnonymousUser`` as ``request.user``.

    Args:
        request: The incoming request being processed by the middleware.

    Returns:
        None. The method only mutates ``request``.
    """
    authenticated = hasattr(request, 'session') and 'user' in request.session

    if authenticated:
        # NOTE(review): the stored user object is trusted as-is. When PING or
        # PING_INTERVAL is unset, this method performs no re-check, so verify
        # that session expiry limits how long it remains valid.
        request.user = request.session['user']
        request._cached_user = request.session['user']

        wants_ping = app_setting('PING_INTERVAL') and app_setting('PING')
        if wants_ping:
            # Presumably re-validates the login after the interval. The
            # helper is defined outside this block, so confirm that there.
            ping_callable = import_by_path(app_setting('PING'))
            _verify_ping_interval(
                request, app_setting('PING_INTERVAL'), ping_callable)
        return

    # Imported lazily, only when no session user is present.
    from django.contrib.auth.models import AnonymousUser
    request.user = AnonymousUser()