auth0login updates
Start using JWT from auth0, along with updated social-auth-app plugin and newer jose. Tested locally but only with a http redirect, will test ssl in dev Signed-off-by: Corey Shields <cshields@gmail.com>spacecruft
parent
46eb5aa8c8
commit
bcee356c24
|
@ -1,5 +1,6 @@
|
|||
"""SatNOGS DB Auth0 login module auth backend"""
|
||||
import requests
|
||||
from jose import jwt
|
||||
from social_core.backends.oauth import BaseOAuth2
|
||||
|
||||
|
||||
|
@ -8,6 +9,7 @@ class Auth0(BaseOAuth2):
|
|||
name = 'auth0'
|
||||
SCOPE_SEPARATOR = ' '
|
||||
ACCESS_TOKEN_METHOD = 'POST'
|
||||
REDIRECT_STATE = False
|
||||
EXTRA_DATA = [('email', 'email')]
|
||||
|
||||
def authorization_url(self):
|
||||
|
@ -27,14 +29,19 @@ class Auth0(BaseOAuth2):
|
|||
return details['user_id']
|
||||
|
||||
def get_user_details(self, response):
|
||||
url = 'https://' + self.setting('DOMAIN') + '/userinfo'
|
||||
headers = {'authorization': 'Bearer ' + response['access_token']}
|
||||
resp = requests.get(url, headers=headers)
|
||||
userinfo = resp.json()
|
||||
# Obtain JWT and the keys to validate the signature
|
||||
id_token = response.get('id_token')
|
||||
jwks = requests.get('https://' + self.setting('DOMAIN') + '/.well-known/jwks.json')
|
||||
issuer = 'https://' + self.setting('DOMAIN') + '/'
|
||||
audience = self.setting('KEY') # CLIENT_ID
|
||||
payload = jwt.decode(
|
||||
id_token, jwks.json(), algorithms=['RS256'], audience=audience, issuer=issuer
|
||||
)
|
||||
|
||||
return {
|
||||
'username': userinfo['nickname'],
|
||||
'email': userinfo['email'],
|
||||
# 'first_name': userinfo['name'],
|
||||
'user_id': userinfo['sub']
|
||||
'username': payload['nickname'],
|
||||
# 'first_name': payload['name'],
|
||||
# 'picture': payload['picture'],
|
||||
'user_id': payload['sub'],
|
||||
'email': payload['email']
|
||||
}
|
||||
|
|
|
@ -33,6 +33,7 @@ django-shortuuidfield==0.1.3
|
|||
django-widget-tweaks==1.4.8
|
||||
djangorestframework==3.12.2
|
||||
dnspython==1.16.0
|
||||
ecdsa==0.14.1
|
||||
enum34==1.1.10
|
||||
eventlet==0.30.0
|
||||
frozendict==1.2
|
||||
|
@ -52,12 +53,14 @@ mysqlclient==2.0.2
|
|||
numpy==1.19.4
|
||||
oauthlib==3.1.0
|
||||
Pillow==8.0.1
|
||||
pyasn1==0.4.8
|
||||
pycparser==2.20
|
||||
PyJWT==2.0.0
|
||||
PyLD==2.0.3
|
||||
python-dateutil==2.8.1
|
||||
python-decouple==3.3
|
||||
python-dotenv==0.15.0
|
||||
python-jose==3.2.0
|
||||
python3-openid==3.2.0
|
||||
pytz==2020.5
|
||||
PyYAML==5.3.1
|
||||
|
@ -67,6 +70,7 @@ Represent==1.6.0.post0
|
|||
requests==2.25.1
|
||||
requests-oauthlib==1.3.0
|
||||
rjsmin==1.1.0
|
||||
rsa==4.6
|
||||
rush==2018.12.1
|
||||
satellitetle==0.10.1
|
||||
satnogs-decoders~=1.0
|
||||
|
@ -75,7 +79,7 @@ sgp4==2.14
|
|||
shortuuid==1.0.1
|
||||
simplejson==3.17.2
|
||||
six==1.15.0
|
||||
social-auth-app-django==3.4.0
|
||||
social-auth-app-django==4.0.0
|
||||
social-auth-core==3.3.3
|
||||
spacetrack==0.15.0
|
||||
sqlparse==0.4.1
|
||||
|
|
Loading…
Reference in New Issue