-
Notifications
You must be signed in to change notification settings - Fork 27
/
backends.py
70 lines (56 loc) · 2.51 KB
/
backends.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
from django.contrib.auth.backends import ModelBackend
from mozilla_django_oidc.auth import OIDCAuthenticationBackend
from pydash import get
class OCLOIDCAuthenticationBackend(OIDCAuthenticationBackend):
def create_user(self, claims):
"""Return object for a newly created user account."""
# {
# 'sub': '<str:uuid>',
# 'email_verified': <boolean>,
# 'realm_access': {
# 'roles': ['offline_access', 'default-roles-ocl', 'uma_authorization']
# },
# 'name': 'Inactive User',
# 'preferred_username': 'inactive',
# 'given_name': 'Inactive',
# 'family_name': 'User',
# 'email': 'inactive@user.com'
# }
from core.users.models import UserProfile
return UserProfile.objects.create_user(
claims.get('preferred_username'),
email=claims.get('email'),
**dict(
first_name=claims.get('given_name'),
last_name=claims.get('family_name'),
verified=claims.get('email_verified')
)
)
def update_user(self, user, claims):
user.first_name = claims.get('given_name') or user.first_name
user.last_name = claims.get('family_name') or user.last_name
user.email = claims.get('email') or user.email
user.save()
return user
def filter_users_by_claims(self, claims):
from core.users.models import UserProfile
username = claims.get('preferred_username')
if not username:
return UserProfile.objects.none()
return UserProfile.objects.filter(username=username)
class OCLAuthenticationBackend(ModelBackend):
def get_auth_backend(self, request=None):
if get(self, '_authentication_backend'):
return get(self, '_authentication_backend')
from core.common.services import AuthService
if AuthService.is_valid_django_token(request):
klass = ModelBackend
else:
from core.common.services import AuthService
klass = AuthService.get().authentication_backend_class
self._authentication_backend = klass()
return self._authentication_backend
def authenticate(self, request, username=None, password=None, **kwargs):
return self.get_auth_backend(request).authenticate(request=request, username=username, password=password, **kwargs)
def get_user(self, user_id):
return self.get_auth_backend().get_user(user_id=user_id)