Compare commits
No commits in common. "master" and "069a61e4d7ed872a60a9964324a357d5a1484427" have entirely different histories.
master
...
069a61e4d7
@ -1,24 +1,9 @@
|
|||||||
asgiref==3.4.1
|
asgiref==3.4.1
|
||||||
certifi==2021.10.8
|
Django==4.0.1
|
||||||
cffi==1.15.0
|
|
||||||
charset-normalizer==2.0.10
|
|
||||||
cryptography==36.0.1
|
|
||||||
Deprecated==1.2.13
|
|
||||||
Django==3.2
|
|
||||||
django-oauth-toolkit==1.6.3
|
|
||||||
django-scim2==0.17.0
|
django-scim2==0.17.0
|
||||||
gunicorn==20.1.0
|
|
||||||
idna==3.3
|
|
||||||
jwcrypto==1.0
|
|
||||||
oauthlib==3.1.1
|
|
||||||
psycopg2-binary==2.9.3
|
psycopg2-binary==2.9.3
|
||||||
pycparser==2.21
|
|
||||||
python-dateutil==2.8.2
|
python-dateutil==2.8.2
|
||||||
pytz==2021.3
|
|
||||||
requests==2.27.1
|
|
||||||
scim2-filter-parser==0.3.5
|
scim2-filter-parser==0.3.5
|
||||||
six==1.16.0
|
six==1.16.0
|
||||||
sly==0.3
|
sly==0.3
|
||||||
sqlparse==0.4.2
|
sqlparse==0.4.2
|
||||||
urllib3==1.26.8
|
|
||||||
wrapt==1.13.3
|
|
||||||
|
|||||||
@ -1,5 +1,3 @@
|
|||||||
from django.contrib import admin
|
from django.contrib import admin
|
||||||
from django.contrib.auth.admin import UserAdmin
|
|
||||||
from .models import User
|
|
||||||
|
|
||||||
admin.site.register(User, UserAdmin)
|
# Register your models here.
|
||||||
|
|||||||
@ -1,14 +1,6 @@
|
|||||||
from django.apps import AppConfig
|
from django.apps import AppConfig
|
||||||
from django.db.models.signals import post_save
|
|
||||||
|
|
||||||
|
|
||||||
from . import signals
|
|
||||||
|
|
||||||
class CoreConfig(AppConfig):
|
class CoreConfig(AppConfig):
|
||||||
default_auto_field = 'django.db.models.BigAutoField'
|
default_auto_field = 'django.db.models.BigAutoField'
|
||||||
name = 'core'
|
name = 'core'
|
||||||
|
|
||||||
def ready(self) -> None:
|
|
||||||
from oauth2_provider.models import get_access_token_model
|
|
||||||
TokenModel = get_access_token_model()
|
|
||||||
post_save.connect(signals.set_user_on_application_token, sender=TokenModel)
|
|
||||||
|
|||||||
@ -1,45 +0,0 @@
|
|||||||
# Generated by Django 3.2 on 2022-01-17 13:41
|
|
||||||
|
|
||||||
import django.contrib.auth.models
|
|
||||||
import django.contrib.auth.validators
|
|
||||||
from django.db import migrations, models
|
|
||||||
import django.utils.timezone
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
|
||||||
|
|
||||||
initial = True
|
|
||||||
|
|
||||||
dependencies = [
|
|
||||||
('auth', '0012_alter_user_first_name_max_length'),
|
|
||||||
]
|
|
||||||
|
|
||||||
operations = [
|
|
||||||
migrations.CreateModel(
|
|
||||||
name='User',
|
|
||||||
fields=[
|
|
||||||
('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
|
||||||
('password', models.CharField(max_length=128, verbose_name='password')),
|
|
||||||
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
|
|
||||||
('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
|
|
||||||
('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
|
|
||||||
('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
|
|
||||||
('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
|
|
||||||
('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
|
|
||||||
('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
|
|
||||||
('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
|
|
||||||
('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
|
|
||||||
('scim_id', models.CharField(blank=True, default=None, help_text='A unique identifier for a SCIM resource as defined by the service provider.', max_length=254, null=True, unique=True, verbose_name='SCIM ID')),
|
|
||||||
('scim_external_id', models.CharField(blank=True, db_index=True, default=None, help_text='A string that is an identifier for the resource as defined by the provisioning client.', max_length=254, null=True, verbose_name='SCIM External ID')),
|
|
||||||
('scim_username', models.CharField(blank=True, db_index=True, default=None, help_text="A service provider's unique identifier for the user", max_length=254, null=True, verbose_name='SCIM Username')),
|
|
||||||
('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')),
|
|
||||||
('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')),
|
|
||||||
],
|
|
||||||
options={
|
|
||||||
'abstract': False,
|
|
||||||
},
|
|
||||||
managers=[
|
|
||||||
('objects', django.contrib.auth.models.UserManager()),
|
|
||||||
],
|
|
||||||
),
|
|
||||||
]
|
|
||||||
@ -1,37 +0,0 @@
|
|||||||
# Generated by Django 3.2 on 2022-01-18 14:52
|
|
||||||
|
|
||||||
import django.contrib.auth.models
|
|
||||||
from django.db import migrations, models
|
|
||||||
import django.db.models.deletion
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
|
||||||
|
|
||||||
dependencies = [
|
|
||||||
('auth', '0012_alter_user_first_name_max_length'),
|
|
||||||
('core', '0001_initial'),
|
|
||||||
]
|
|
||||||
|
|
||||||
operations = [
|
|
||||||
migrations.CreateModel(
|
|
||||||
name='Group',
|
|
||||||
fields=[
|
|
||||||
('group_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='auth.group')),
|
|
||||||
('scim_id', models.CharField(blank=True, default=None, help_text='A unique identifier for a SCIM resource as defined by the service provider.', max_length=254, null=True, unique=True, verbose_name='SCIM ID')),
|
|
||||||
('scim_external_id', models.CharField(blank=True, db_index=True, default=None, help_text='A string that is an identifier for the resource as defined by the provisioning client.', max_length=254, null=True, verbose_name='SCIM External ID')),
|
|
||||||
('scim_display_name', models.CharField(blank=True, db_index=True, default=None, help_text='A human-readable name for the Group.', max_length=254, null=True, verbose_name='SCIM Display Name')),
|
|
||||||
],
|
|
||||||
options={
|
|
||||||
'abstract': False,
|
|
||||||
},
|
|
||||||
bases=('auth.group', models.Model),
|
|
||||||
managers=[
|
|
||||||
('objects', django.contrib.auth.models.GroupManager()),
|
|
||||||
],
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
|
||||||
model_name='user',
|
|
||||||
name='groups',
|
|
||||||
field=models.ManyToManyField(to='core.Group'),
|
|
||||||
),
|
|
||||||
]
|
|
||||||
@ -1,19 +1,3 @@
|
|||||||
from django.contrib.auth.models import AbstractUser, Group
|
|
||||||
from django.db import models
|
from django.db import models
|
||||||
|
|
||||||
from django_scim.models import AbstractSCIMUserMixin, AbstractSCIMGroupMixin
|
# Create your models here.
|
||||||
|
|
||||||
class Group(AbstractSCIMGroupMixin, Group):
|
|
||||||
def __str__(self) -> str:
|
|
||||||
return self.scim_display_name
|
|
||||||
|
|
||||||
|
|
||||||
class User(AbstractSCIMUserMixin, AbstractUser):
|
|
||||||
groups = models.ManyToManyField(Group)
|
|
||||||
|
|
||||||
@property
|
|
||||||
def scim_groups(self):
|
|
||||||
return self.groups
|
|
||||||
|
|
||||||
def __str__(self) -> str:
|
|
||||||
return self.email
|
|
||||||
|
|||||||
@ -1,5 +0,0 @@
|
|||||||
def set_user_on_application_token(sender, **kwargs):
|
|
||||||
instance = kwargs['instance']
|
|
||||||
if kwargs['created'] and not instance.user:
|
|
||||||
instance.user = instance.application.user
|
|
||||||
instance.save()
|
|
||||||
@ -25,10 +25,7 @@ SECRET_KEY = 'django-insecure-zzde2t39t5d7xhj&=yq+@ox3w(*euu-^&1v0g(wo0fcyapn0m%
|
|||||||
# SECURITY WARNING: don't run with debug turned on in production!
|
# SECURITY WARNING: don't run with debug turned on in production!
|
||||||
DEBUG = True
|
DEBUG = True
|
||||||
|
|
||||||
ALLOWED_HOSTS = [
|
ALLOWED_HOSTS = []
|
||||||
'localhost',
|
|
||||||
'scim.xeryus.rug.nl',
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
# Application definition
|
# Application definition
|
||||||
@ -42,9 +39,6 @@ INSTALLED_APPS = [
|
|||||||
'django.contrib.staticfiles',
|
'django.contrib.staticfiles',
|
||||||
|
|
||||||
'django_scim',
|
'django_scim',
|
||||||
'oauth2_provider',
|
|
||||||
|
|
||||||
'core',
|
|
||||||
]
|
]
|
||||||
|
|
||||||
MIDDLEWARE = [
|
MIDDLEWARE = [
|
||||||
@ -53,7 +47,6 @@ MIDDLEWARE = [
|
|||||||
'django.middleware.common.CommonMiddleware',
|
'django.middleware.common.CommonMiddleware',
|
||||||
'django.middleware.csrf.CsrfViewMiddleware',
|
'django.middleware.csrf.CsrfViewMiddleware',
|
||||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||||
'oauth2_provider.middleware.OAuth2TokenMiddleware',
|
|
||||||
'django_scim.middleware.SCIMAuthCheckMiddleware',
|
'django_scim.middleware.SCIMAuthCheckMiddleware',
|
||||||
'django.contrib.messages.middleware.MessageMiddleware',
|
'django.contrib.messages.middleware.MessageMiddleware',
|
||||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||||
@ -64,9 +57,7 @@ ROOT_URLCONF = 'scim_app.urls'
|
|||||||
TEMPLATES = [
|
TEMPLATES = [
|
||||||
{
|
{
|
||||||
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||||||
'DIRS': [
|
'DIRS': [],
|
||||||
BASE_DIR / 'templates',
|
|
||||||
],
|
|
||||||
'APP_DIRS': True,
|
'APP_DIRS': True,
|
||||||
'OPTIONS': {
|
'OPTIONS': {
|
||||||
'context_processors': [
|
'context_processors': [
|
||||||
@ -138,7 +129,7 @@ STATIC_URL = 'static/'
|
|||||||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
||||||
|
|
||||||
SCIM_SERVICE_PROVIDER = {
|
SCIM_SERVICE_PROVIDER = {
|
||||||
'NETLOC': 'scim.xeryus.rug.nl',
|
'NETLOC': 'localhost',
|
||||||
'AUTHENTICATION_SCHEMES': [
|
'AUTHENTICATION_SCHEMES': [
|
||||||
{
|
{
|
||||||
'type': 'oauth2',
|
'type': 'oauth2',
|
||||||
@ -147,15 +138,3 @@ SCIM_SERVICE_PROVIDER = {
|
|||||||
},
|
},
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
|
|
||||||
STATIC_ROOT = '/var/www/scim_app/static'
|
|
||||||
STATIC_URL = '/static/'
|
|
||||||
|
|
||||||
LOGIN_URL = '/admin/login/'
|
|
||||||
|
|
||||||
AUTHENTICATION_BACKENDS = [
|
|
||||||
'oauth2_provider.backends.OAuth2Backend',
|
|
||||||
'django.contrib.auth.backends.ModelBackend',
|
|
||||||
]
|
|
||||||
|
|
||||||
AUTH_USER_MODEL = 'core.User'
|
|
||||||
|
|||||||
@ -16,13 +16,7 @@ Including another URLconf
|
|||||||
from django.contrib import admin
|
from django.contrib import admin
|
||||||
from django.urls import include, path
|
from django.urls import include, path
|
||||||
|
|
||||||
from . import views
|
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('auth/', views.AuthView.as_view()),
|
|
||||||
path('oauth/', include('oauth2_provider.urls', namespace='oauth2_provider')),
|
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
path('scim/v2/', include('django_scim.urls')),
|
path('scim/v2/', include('django_scim.urls')),
|
||||||
path('api/hello/', views.ApiEndpoint.as_view()),
|
|
||||||
path('secret/', views.secret_page, name='secret'),
|
|
||||||
]
|
]
|
||||||
|
|||||||
@ -1,20 +0,0 @@
|
|||||||
from django.contrib.auth.decorators import login_required
|
|
||||||
from django.http import HttpResponse
|
|
||||||
from django.utils.decorators import method_decorator
|
|
||||||
from django.views.generic import TemplateView
|
|
||||||
|
|
||||||
from oauth2_provider.views.generic import ProtectedResourceView
|
|
||||||
|
|
||||||
|
|
||||||
class AuthView(TemplateView):
|
|
||||||
template_name = "index.html"
|
|
||||||
|
|
||||||
|
|
||||||
class ApiEndpoint(ProtectedResourceView):
|
|
||||||
def get(self, request, *args, **kwargs):
|
|
||||||
return HttpResponse('Hello world!')
|
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
|
||||||
def secret_page(request, *args, **kwargs):
|
|
||||||
return HttpResponse('Secret contents!', status=200)
|
|
||||||
@ -1,14 +0,0 @@
|
|||||||
<!DOCTYPE html>
|
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
<title>SCIM app</title>
|
|
||||||
</head>
|
|
||||||
|
|
||||||
<body>
|
|
||||||
Hallo!
|
|
||||||
|
|
||||||
<pre>
|
|
||||||
{{ user }}
|
|
||||||
</pre>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
Loading…
x
Reference in New Issue
Block a user