Compare commits
10 Commits
43c7ef837f
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
1f1d1a8782
|
|||
|
b2a64e4227
|
|||
|
03a7eda48e
|
|||
|
ce0577744b
|
|||
|
490eb6cbff
|
|||
|
7867d49593
|
|||
|
ee4ca6a481
|
|||
|
adb2f71aae
|
|||
|
ac880b7e5b
|
|||
|
ae5a97d7ec
|
@ -1,12 +1,24 @@
|
||||
asgiref==3.4.1
|
||||
certifi==2021.10.8
|
||||
cffi==1.15.0
|
||||
charset-normalizer==2.0.10
|
||||
cryptography==36.0.1
|
||||
Deprecated==1.2.13
|
||||
Django==3.2
|
||||
django-basicauth==0.5.3
|
||||
django-oauth-toolkit==1.6.3
|
||||
django-scim2==0.17.0
|
||||
gunicorn==20.1.0
|
||||
idna==3.3
|
||||
jwcrypto==1.0
|
||||
oauthlib==3.1.1
|
||||
psycopg2-binary==2.9.3
|
||||
pycparser==2.21
|
||||
python-dateutil==2.8.2
|
||||
pytz==2021.3
|
||||
requests==2.27.1
|
||||
scim2-filter-parser==0.3.5
|
||||
six==1.16.0
|
||||
sly==0.3
|
||||
sqlparse==0.4.2
|
||||
urllib3==1.26.8
|
||||
wrapt==1.13.3
|
||||
|
||||
0
scim_app/core/__init__.py
Normal file
0
scim_app/core/__init__.py
Normal file
5
scim_app/core/admin.py
Normal file
5
scim_app/core/admin.py
Normal file
@ -0,0 +1,5 @@
|
||||
from django.contrib import admin
|
||||
from django.contrib.auth.admin import UserAdmin
|
||||
from .models import User
|
||||
|
||||
admin.site.register(User, UserAdmin)
|
||||
14
scim_app/core/apps.py
Normal file
14
scim_app/core/apps.py
Normal file
@ -0,0 +1,14 @@
|
||||
from django.apps import AppConfig
|
||||
from django.db.models.signals import post_save
|
||||
|
||||
|
||||
from . import signals
|
||||
|
||||
class CoreConfig(AppConfig):
|
||||
default_auto_field = 'django.db.models.BigAutoField'
|
||||
name = 'core'
|
||||
|
||||
def ready(self) -> None:
|
||||
from oauth2_provider.models import get_access_token_model
|
||||
TokenModel = get_access_token_model()
|
||||
post_save.connect(signals.set_user_on_application_token, sender=TokenModel)
|
||||
45
scim_app/core/migrations/0001_initial.py
Normal file
45
scim_app/core/migrations/0001_initial.py
Normal file
@ -0,0 +1,45 @@
|
||||
# Generated by Django 3.2 on 2022-01-17 13:41
|
||||
|
||||
import django.contrib.auth.models
|
||||
import django.contrib.auth.validators
|
||||
from django.db import migrations, models
|
||||
import django.utils.timezone
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('auth', '0012_alter_user_first_name_max_length'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='User',
|
||||
fields=[
|
||||
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
||||
('password', models.CharField(max_length=128, verbose_name='password')),
|
||||
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
|
||||
('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
|
||||
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
|
||||
('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
|
||||
('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
|
||||
('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
|
||||
('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
|
||||
('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
|
||||
('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
|
||||
('scim_id', models.CharField(blank=True, default=None, help_text='A unique identifier for a SCIM resource as defined by the service provider.', max_length=254, null=True, unique=True, verbose_name='SCIM ID')),
|
||||
('scim_external_id', models.CharField(blank=True, db_index=True, default=None, help_text='A string that is an identifier for the resource as defined by the provisioning client.', max_length=254, null=True, verbose_name='SCIM External ID')),
|
||||
('scim_username', models.CharField(blank=True, db_index=True, default=None, help_text="A service provider's unique identifier for the user", max_length=254, null=True, verbose_name='SCIM Username')),
|
||||
('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')),
|
||||
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')),
|
||||
],
|
||||
options={
|
||||
'abstract': False,
|
||||
},
|
||||
managers=[
|
||||
('objects', django.contrib.auth.models.UserManager()),
|
||||
],
|
||||
),
|
||||
]
|
||||
37
scim_app/core/migrations/0002_auto_20220118_1452.py
Normal file
37
scim_app/core/migrations/0002_auto_20220118_1452.py
Normal file
@ -0,0 +1,37 @@
|
||||
# Generated by Django 3.2 on 2022-01-18 14:52
|
||||
|
||||
import django.contrib.auth.models
|
||||
from django.db import migrations, models
|
||||
import django.db.models.deletion
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('auth', '0012_alter_user_first_name_max_length'),
|
||||
('core', '0001_initial'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='Group',
|
||||
fields=[
|
||||
('group_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='auth.group')),
|
||||
('scim_id', models.CharField(blank=True, default=None, help_text='A unique identifier for a SCIM resource as defined by the service provider.', max_length=254, null=True, unique=True, verbose_name='SCIM ID')),
|
||||
('scim_external_id', models.CharField(blank=True, db_index=True, default=None, help_text='A string that is an identifier for the resource as defined by the provisioning client.', max_length=254, null=True, verbose_name='SCIM External ID')),
|
||||
('scim_display_name', models.CharField(blank=True, db_index=True, default=None, help_text='A human-readable name for the Group.', max_length=254, null=True, verbose_name='SCIM Display Name')),
|
||||
],
|
||||
options={
|
||||
'abstract': False,
|
||||
},
|
||||
bases=('auth.group', models.Model),
|
||||
managers=[
|
||||
('objects', django.contrib.auth.models.GroupManager()),
|
||||
],
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name='user',
|
||||
name='groups',
|
||||
field=models.ManyToManyField(to='core.Group'),
|
||||
),
|
||||
]
|
||||
0
scim_app/core/migrations/__init__.py
Normal file
0
scim_app/core/migrations/__init__.py
Normal file
19
scim_app/core/models.py
Normal file
19
scim_app/core/models.py
Normal file
@ -0,0 +1,19 @@
|
||||
from django.contrib.auth.models import AbstractUser, Group
|
||||
from django.db import models
|
||||
|
||||
from django_scim.models import AbstractSCIMUserMixin, AbstractSCIMGroupMixin
|
||||
|
||||
class Group(AbstractSCIMGroupMixin, Group):
|
||||
def __str__(self) -> str:
|
||||
return self.scim_display_name
|
||||
|
||||
|
||||
class User(AbstractSCIMUserMixin, AbstractUser):
|
||||
groups = models.ManyToManyField(Group)
|
||||
|
||||
@property
|
||||
def scim_groups(self):
|
||||
return self.groups
|
||||
|
||||
def __str__(self) -> str:
|
||||
return self.email
|
||||
5
scim_app/core/signals.py
Normal file
5
scim_app/core/signals.py
Normal file
@ -0,0 +1,5 @@
|
||||
def set_user_on_application_token(sender, **kwargs):
|
||||
instance = kwargs['instance']
|
||||
if kwargs['created'] and not instance.user:
|
||||
instance.user = instance.application.user
|
||||
instance.save()
|
||||
3
scim_app/core/tests.py
Normal file
3
scim_app/core/tests.py
Normal file
@ -0,0 +1,3 @@
|
||||
from django.test import TestCase
|
||||
|
||||
# Create your tests here.
|
||||
3
scim_app/core/views.py
Normal file
3
scim_app/core/views.py
Normal file
@ -0,0 +1,3 @@
|
||||
from django.shortcuts import render
|
||||
|
||||
# Create your views here.
|
||||
@ -42,6 +42,9 @@ INSTALLED_APPS = [
|
||||
'django.contrib.staticfiles',
|
||||
|
||||
'django_scim',
|
||||
'oauth2_provider',
|
||||
|
||||
'core',
|
||||
]
|
||||
|
||||
MIDDLEWARE = [
|
||||
@ -50,7 +53,7 @@ MIDDLEWARE = [
|
||||
'django.middleware.common.CommonMiddleware',
|
||||
'django.middleware.csrf.CsrfViewMiddleware',
|
||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||
'basicauth.middleware.BasicAuthMiddleware',
|
||||
'oauth2_provider.middleware.OAuth2TokenMiddleware',
|
||||
'django_scim.middleware.SCIMAuthCheckMiddleware',
|
||||
'django.contrib.messages.middleware.MessageMiddleware',
|
||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||
@ -61,7 +64,9 @@ ROOT_URLCONF = 'scim_app.urls'
|
||||
TEMPLATES = [
|
||||
{
|
||||
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||||
'DIRS': [],
|
||||
'DIRS': [
|
||||
BASE_DIR / 'templates',
|
||||
],
|
||||
'APP_DIRS': True,
|
||||
'OPTIONS': {
|
||||
'context_processors': [
|
||||
@ -133,7 +138,7 @@ STATIC_URL = 'static/'
|
||||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
||||
|
||||
SCIM_SERVICE_PROVIDER = {
|
||||
'NETLOC': 'localhost',
|
||||
'NETLOC': 'scim.xeryus.rug.nl',
|
||||
'AUTHENTICATION_SCHEMES': [
|
||||
{
|
||||
'type': 'oauth2',
|
||||
@ -146,7 +151,11 @@ SCIM_SERVICE_PROVIDER = {
|
||||
STATIC_ROOT = '/var/www/scim_app/static'
|
||||
STATIC_URL = '/static/'
|
||||
|
||||
BASICAUTH_USERS = {
|
||||
'xeryus': 'development',
|
||||
'scim': 'scim',
|
||||
}
|
||||
LOGIN_URL = '/admin/login/'
|
||||
|
||||
AUTHENTICATION_BACKENDS = [
|
||||
'oauth2_provider.backends.OAuth2Backend',
|
||||
'django.contrib.auth.backends.ModelBackend',
|
||||
]
|
||||
|
||||
AUTH_USER_MODEL = 'core.User'
|
||||
|
||||
@ -20,6 +20,9 @@ from . import views
|
||||
|
||||
urlpatterns = [
|
||||
path('auth/', views.AuthView.as_view()),
|
||||
path('oauth/', include('oauth2_provider.urls', namespace='oauth2_provider')),
|
||||
path('admin/', admin.site.urls),
|
||||
path('scim/v2/', include('django_scim.urls')),
|
||||
path('api/hello/', views.ApiEndpoint.as_view()),
|
||||
path('secret/', views.secret_page, name='secret'),
|
||||
]
|
||||
|
||||
@ -1,7 +1,20 @@
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.http import HttpResponse
|
||||
from django.utils.decorators import method_decorator
|
||||
from django.views.generic import View
|
||||
from basicauth.decorators import basic_auth_required
|
||||
from django.views.generic import TemplateView
|
||||
|
||||
@method_decorator(basic_auth_required, name='dispatch')
|
||||
class AuthView(View):
|
||||
pass
|
||||
from oauth2_provider.views.generic import ProtectedResourceView
|
||||
|
||||
|
||||
class AuthView(TemplateView):
|
||||
template_name = "index.html"
|
||||
|
||||
|
||||
class ApiEndpoint(ProtectedResourceView):
|
||||
def get(self, request, *args, **kwargs):
|
||||
return HttpResponse('Hello world!')
|
||||
|
||||
|
||||
@login_required
|
||||
def secret_page(request, *args, **kwargs):
|
||||
return HttpResponse('Secret contents!', status=200)
|
||||
|
||||
14
scim_app/templates/index.html
Normal file
14
scim_app/templates/index.html
Normal file
@ -0,0 +1,14 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>SCIM app</title>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
Hallo!
|
||||
|
||||
<pre>
|
||||
{{ user }}
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user