Skip to content

Commit

Permalink
OpenConceptLab/ocl_issues#1338 | API to migrate user from django to SSO
Browse files Browse the repository at this point in the history
  • Loading branch information
snyaggarwal committed Aug 31, 2022
1 parent d61820f commit a1c5306
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 7 deletions.
14 changes: 7 additions & 7 deletions core/common/services.py
Original file line number Diff line number Diff line change
Expand Up @@ -308,7 +308,7 @@ def credential_representation_from_hash(hash_, temporary=False):
}

@classmethod
def add_user(cls, user):
def add_user(cls, user, username=None, password=None):
response = requests.post(
cls.USERS_URL,
json=dict(
Expand All @@ -321,7 +321,7 @@ def add_user(cls, user):
credentials=[cls.credential_representation_from_hash(hash_=user.password)]
),
verify=False,
headers=OIDCAuthService.get_admin_headers()
headers=OIDCAuthService.get_admin_headers(username=username, password=password)
)
if response.status_code == 201:
return True
Expand All @@ -335,13 +335,13 @@ def get_token(self):
return self.token_type + ' ' + get(token, 'access_token')

@staticmethod
def get_admin_token():
def get_admin_token(username=None, password=None):
response = requests.post(
OIDCAuthService.OIDP_ADMIN_TOKEN_URL,
data=dict(
grant_type='password',
username=settings.KEYCLOAK_ADMIN,
password=settings.KEYCLOAK_ADMIN_PASSWORD,
username=username or settings.KEYCLOAK_ADMIN,
password=password or settings.KEYCLOAK_ADMIN_PASSWORD,
client_id='admin-cli'
),
verify=False,
Expand Down Expand Up @@ -385,8 +385,8 @@ def exchange_code_for_token(code, redirect_uri):
return response.json()

@staticmethod
def get_admin_headers():
return dict(Authorization=f'Bearer {OIDCAuthService.get_admin_token()}')
def get_admin_headers(**kwargs):
return dict(Authorization=f'Bearer {OIDCAuthService.get_admin_token(**kwargs)}')

def get_user_headers(self):
return dict(Authorization=self.get_token())
Expand Down
5 changes: 5 additions & 0 deletions core/users/urls.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,11 @@
views.UserDetailView.as_view(),
name='userprofile-detail'
),
path(
'<str:user>/sso-migrate/',
views.SSOMigrateView.as_view(),
name='userprofile-sso-migrate'
),
path(
'<str:user>/verify/<str:verification_token>/',
views.UserEmailVerificationView.as_view(),
Expand Down
23 changes: 23 additions & 0 deletions core/users/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,29 @@ def post(request):
OIDCAuthService.exchange_code_for_token(code, redirect_uri))


class SSOMigrateView(APIView):
permission_classes = (AllowAny, )

def get_object(self):
username = self.kwargs.get('user')
user = UserProfile.objects.filter(username=username).first()
if not user:
raise Http404()
return user

def post(self, request, **kwargs): # pylint: disable=unused-argument
username = request.data.get('username')
password = request.data.get('password')
if not username or not password:
return Response(
dict(error='keycloak admin username/password are required'),
status=status.HTTP_400_BAD_REQUEST
)
user = self.get_object()
result = OIDCAuthService.add_user(user=user, username=username, password=password)
return Response(result)


class TokenAuthenticationView(ObtainAuthToken):
"""Implementation of ObtainAuthToken with last_login update"""

Expand Down

0 comments on commit a1c5306

Please sign in to comment.