forked from 00dani/lemoncurry
Half-implement an IndieAuth authorization endpoint - it accepts the right parameters, verifies your client_id, and displays a prompt, but you can't actually approve the auth yet
This commit is contained in:
parent
d234fd942d
commit
93be2f5a32
7 changed files with 145 additions and 1 deletions
1
Pipfile
1
Pipfile
|
@ -22,6 +22,7 @@ qrcode = "*"
|
|||
django-otp-agents = "*"
|
||||
python-slugify = "*"
|
||||
django-markdown-deux = "*"
|
||||
"mf2py" = "*"
|
||||
|
||||
|
||||
[dev-packages]
|
||||
|
|
65
Pipfile.lock
generated
65
Pipfile.lock
generated
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"_meta": {
|
||||
"hash": {
|
||||
"sha256": "c32114b4f91b4ef6f4023a180c8db8c0567a6f9206da1af2136af17dd6026b93"
|
||||
"sha256": "ead57b340efa8b663100364efa6b9037299456bb3e37d533b6d7c4404608749c"
|
||||
},
|
||||
"host-environment-markers": {
|
||||
"implementation_name": "cpython",
|
||||
|
@ -27,6 +27,28 @@
|
|||
]
|
||||
},
|
||||
"default": {
|
||||
"beautifulsoup4": {
|
||||
"hashes": [
|
||||
"sha256:7015e76bf32f1f574636c4288399a6de66ce08fb7b2457f628a8d70c0fbabb11",
|
||||
"sha256:11a9a27b7d3bddc6d86f59fb76afb70e921a25ac2d6cc55b40d072bd68435a76",
|
||||
"sha256:808b6ac932dccb0a4126558f7dfdcf41710dd44a4ef497a0bb59a77f9f078e89"
|
||||
],
|
||||
"version": "==4.6.0"
|
||||
},
|
||||
"certifi": {
|
||||
"hashes": [
|
||||
"sha256:54a07c09c586b0e4c619f02a5e94e36619da8e2b053e20f594348c0611803704",
|
||||
"sha256:40523d2efb60523e113b44602298f0960e900388cf3bb6043f645cf57ea9e3f5"
|
||||
],
|
||||
"version": "==2017.7.27.1"
|
||||
},
|
||||
"chardet": {
|
||||
"hashes": [
|
||||
"sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691",
|
||||
"sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae"
|
||||
],
|
||||
"version": "==3.0.4"
|
||||
},
|
||||
"django": {
|
||||
"hashes": [
|
||||
"sha256:7ab6a9c798a5f9f359ee6da3677211f883fb02ef32cebe9b29751eb7a871febf",
|
||||
|
@ -120,6 +142,20 @@
|
|||
],
|
||||
"version": "==19.7.1"
|
||||
},
|
||||
"html5lib": {
|
||||
"hashes": [
|
||||
"sha256:b8934484cf22f1db684c0fae27569a0db404d0208d20163fbf51cc537245d008",
|
||||
"sha256:ee747c0ffd3028d2722061936b5c65ee4fe13c8e4613519b4447123fc4546298"
|
||||
],
|
||||
"version": "==0.999999999"
|
||||
},
|
||||
"idna": {
|
||||
"hashes": [
|
||||
"sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4",
|
||||
"sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f"
|
||||
],
|
||||
"version": "==2.6"
|
||||
},
|
||||
"lxml": {
|
||||
"hashes": [
|
||||
"sha256:7a8715539adb41c78129983ba69d852e0102a3f51d559eeb91dce1f6290c4ad0",
|
||||
|
@ -159,6 +195,12 @@
|
|||
],
|
||||
"version": "==2.3.4"
|
||||
},
|
||||
"mf2py": {
|
||||
"hashes": [
|
||||
"sha256:021b675c0732bdbc3b8c153e1ee8e1f476c3d0ffc56a7908f9e9f90147c5fccd"
|
||||
],
|
||||
"version": "==1.0.5"
|
||||
},
|
||||
"olefile": {
|
||||
"hashes": [
|
||||
"sha256:61f2ca0cd0aa77279eb943c07f607438edf374096b66332fae1ee64a6f0f73ad"
|
||||
|
@ -300,6 +342,13 @@
|
|||
],
|
||||
"version": "==2.10.6"
|
||||
},
|
||||
"requests": {
|
||||
"hashes": [
|
||||
"sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b",
|
||||
"sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e"
|
||||
],
|
||||
"version": "==2.18.4"
|
||||
},
|
||||
"rjsmin": {
|
||||
"hashes": [
|
||||
"sha256:dd9591aa73500b08b7db24367f8d32c6470021f39d5ab4e50c7c02e4401386f1"
|
||||
|
@ -319,6 +368,20 @@
|
|||
"sha256:280a6ab88e1f2eb5af79edff450021a0d3f0448952847cd79677e55e58bad051"
|
||||
],
|
||||
"version": "==0.4.21"
|
||||
},
|
||||
"urllib3": {
|
||||
"hashes": [
|
||||
"sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b",
|
||||
"sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f"
|
||||
],
|
||||
"version": "==1.22"
|
||||
},
|
||||
"webencodings": {
|
||||
"hashes": [
|
||||
"sha256:a0af1213f3c2226497a97e2b3aa01a7e4bee4f403f95be16fc9acd2947514a78",
|
||||
"sha256:b36a1c245f2d304965eb4e0a82848379241dc04b865afcc4aab16748587e1923"
|
||||
],
|
||||
"version": "==0.5.1"
|
||||
}
|
||||
},
|
||||
"develop": {}
|
||||
|
|
24
lemonauth/templates/lemonauth/indie.html
Normal file
24
lemonauth/templates/lemonauth/indie.html
Normal file
|
@ -0,0 +1,24 @@
|
|||
{% extends 'lemoncurry/layout.html' %}
|
||||
{% block main %}
|
||||
<div class="container">
|
||||
<form class="card" method="post" action="{% url 'lemonauth:indie' %}">
|
||||
<h4 class="card-header">
|
||||
<a href="{{ params.client_id }}">{{ params.client_id }}</a>
|
||||
</h4>
|
||||
|
||||
<div class="card-body">
|
||||
<p class="card-text">do you want to confirm your identity, <a href="{{ params.me }}">{{ params.me }}</a>, with this app?</p>
|
||||
</div>
|
||||
|
||||
<div class="card-footer">
|
||||
<p class="card-text">you can't actually auth yet but this button is how you will do it</p>
|
||||
<button class="btn btn-success" type="button">
|
||||
<i class="fa fa-check"></i>
|
||||
approve
|
||||
</button>
|
||||
</div>
|
||||
|
||||
{% csrf_token %}
|
||||
</form>
|
||||
</div>
|
||||
{% endblock %}
|
|
@ -5,4 +5,5 @@ app_name = 'lemonauth'
|
|||
urlpatterns = [
|
||||
url('^login$', views.login, name='login'),
|
||||
url('^logout$', views.logout, name='logout'),
|
||||
url('^indie$', views.IndieView.as_view(), name='indie'),
|
||||
]
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
from .login import login
|
||||
from .logout import logout
|
||||
from .indie import IndieView
|
||||
|
|
53
lemonauth/views/indie.py
Normal file
53
lemonauth/views/indie.py
Normal file
|
@ -0,0 +1,53 @@
|
|||
import mf2py
|
||||
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.http import HttpResponseForbidden, HttpResponseBadRequest
|
||||
from django.shortcuts import render
|
||||
from django.utils.decorators import method_decorator
|
||||
from django.views.generic import TemplateView
|
||||
from lemoncurry import breadcrumbs
|
||||
|
||||
breadcrumbs.add('lemonauth:indie', label='indieauth', parent='home:index')
|
||||
|
||||
|
||||
class IndieView(TemplateView):
|
||||
template_name = 'lemonauth/indie.html'
|
||||
required_params = ('me', 'client_id', 'redirect_uri')
|
||||
|
||||
@method_decorator(login_required)
|
||||
def dispatch(self, *args, **kwargs):
|
||||
return super(IndieView, self).dispatch(*args, **kwargs)
|
||||
|
||||
def get(self, request):
|
||||
params = request.GET
|
||||
for param in self.required_params:
|
||||
if param not in params:
|
||||
return HttpResponseBadRequest(
|
||||
'parameter {0} is required'.format(param),
|
||||
content_type='text/plain',
|
||||
)
|
||||
|
||||
me = params['me']
|
||||
user = '{0}://{1}{2}'.format(
|
||||
request.scheme,
|
||||
request.META['HTTP_HOST'],
|
||||
request.user.url
|
||||
)
|
||||
if me != user:
|
||||
return HttpResponseForbidden(
|
||||
'you are logged in but not as {0}'.format(me),
|
||||
content_type='text/plain',
|
||||
)
|
||||
|
||||
client = mf2py.parse(url=params['client_id'])
|
||||
rels = client['rel-urls'].get(params['redirect_uri'], {}).get('rels', ())
|
||||
if 'redirect_uri' not in rels:
|
||||
return HttpResponseBadRequest(
|
||||
'your redirect_uri is not published on your client_id page',
|
||||
content_type='text/plain'
|
||||
)
|
||||
|
||||
return render(request, self.template_name, {
|
||||
'params': params,
|
||||
'title': 'indieauth',
|
||||
})
|
|
@ -11,6 +11,7 @@
|
|||
{% include 'meta/meta.html' %}
|
||||
{% placeFavicon %}
|
||||
|
||||
<link rel="authorization_endpoint" href="{% url 'lemonauth:indie' %}" />
|
||||
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css"
|
||||
integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous" />
|
||||
{% compress css %}
|
||||
|
|
Loading…
Reference in a new issue