This repository has been archived by the owner on Sep 12, 2024. It is now read-only.

Added model method to list auth providers #23

Merged
merged 1 commit into from
Apr 3, 2024
53 changes: 52 additions & 1 deletion g2p_portal_auth/models/auth_oauth_provider.py
@@ -1,4 +1,11 @@
from odoo import fields, models
import base64
import hashlib
import json
import secrets

from werkzeug.urls import url_encode

from odoo import api, fields, models


class G2PSelfServiceOauthProvider(models.Model):
Expand All @@ -8,3 +15,47 @@
g2p_service_provider_allowed = fields.Boolean("Allowed in Service Provider Portal", default=False)
g2p_portal_login_image_icon_url = fields.Text()
g2p_portal_oauth_callback_url = fields.Char()

@api.model
def get_portal_auth_providers(
self,
domain=(("enabled", "=", True),),
redirect="/selfservice",
base_url="",
db_name="",
):
"""
base_url example: request.httprequest.url_root.rstrip("/")
db_name example: request.session.db
"""
if redirect.startswith("/"):
redirect = base_url + redirect
oauth_redirect_uri = f"{base_url}/auth_oauth/signin"
providers = self.search_read(domain)

Check warning on line 34 in g2p_portal_auth/models/auth_oauth_provider.py

Codecov / codecov/patch

g2p_portal_auth/models/auth_oauth_provider.py#L32-L34

Added lines #L32 - L34 were not covered by tests
for provider in providers:
params = dict(

Check warning on line 36 in g2p_portal_auth/models/auth_oauth_provider.py

Codecov / codecov/patch

g2p_portal_auth/models/auth_oauth_provider.py#L36

Added line #L36 was not covered by tests
response_type="token",
client_id=provider["client_id"],
redirect_uri=oauth_redirect_uri,
scope=provider["scope"],
state=json.dumps(dict(d=db_name, p=provider["id"], r=redirect), separators=(",", ":")),
)
flow = provider.get("flow")

Check warning on line 43 in g2p_portal_auth/models/auth_oauth_provider.py

Codecov / codecov/patch

g2p_portal_auth/models/auth_oauth_provider.py#L43

Added line #L43 was not covered by tests
if flow in ("id_token", "id_token_code"):
response_type = "id_token token"

Check warning on line 45 in g2p_portal_auth/models/auth_oauth_provider.py

Codecov / codecov/patch

g2p_portal_auth/models/auth_oauth_provider.py#L45

Added line #L45 was not covered by tests
if flow == "id_token_code":
response_type = "code"
params.update(

Check warning on line 48 in g2p_portal_auth/models/auth_oauth_provider.py

Codecov / codecov/patch

g2p_portal_auth/models/auth_oauth_provider.py#L47-L48

Added lines #L47 - L48 were not covered by tests
dict(
response_type=response_type,
nonce=secrets.token_urlsafe(),
code_challenge=base64.urlsafe_b64encode(
hashlib.sha256(provider["code_verifier"].encode("ascii")).digest()
).rstrip(b"="),
code_challenge_method="S256",
)
)
extra_auth_params = json.loads(provider.get("extra_authorize_params") or "{}")
params.update(extra_auth_params)
provider["auth_link"] = f"{provider['auth_endpoint']}?{url_encode(params)}"
return providers

Check warning on line 61 in g2p_portal_auth/models/auth_oauth_provider.py

Codecov / codecov/patch

g2p_portal_auth/models/auth_oauth_provider.py#L58-L61

Added lines #L58 - L61 were not covered by tests
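Review bot: `self.search_read(domain)` in `get_portal_auth_providers` is called without a field list, so every dict in the returned `providers` carries all readable columns of the provider record, including the `code_verifier` that the loop reads for the PKCE challenge and any other secret field the model may hold. Because this `@api.model` method returns those dicts unchanged, the verifier leaves the model layer together with the login links; drop it before returning, e.g. `provider.pop("code_verifier", None)` once `auth_link` is set, or pass `search_read` only the fields the portal needs. The verifier is also a stored per-provider value, so the `code_challenge` is the same for every login, and the `nonce` from `secrets.token_urlsafe()` is not kept anywhere visible in this section; as written neither ties the callback to the request that started it, so the callback handler (not shown here) should be checked for how it validates them. The docstring should also state that `redirect` is expected to be a site-relative path, since a value that does not start with `/` is placed into `state` unchanged.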