dj-jwt-auth 1.8.0__py3-none-any.whl → 1.9.0__py3-none-any.whl

{dj_jwt_auth-1.8.0.dist-info → dj_jwt_auth-1.9.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dj-jwt-auth
-Version: 1.8.0
+Version: 1.9.0
 Summary: A Django package for JSON Web Token validation and verification. Using PyJWT.
 Home-page: https://www.example.com/
 Author: Konstantin Seleznev
@@ -137,4 +137,3 @@ Login URL will be available at `/admin/oidc/`.
 
 ### Testing:
 Run command `python runtests.py` to run tests.
-To run specific test use `python runtests.py <test_name>`, like `python runtests.py "tests.test.OIDCHandlerTest.test_new_email_exists"`.

{dj_jwt_auth-1.8.0.dist-info → dj_jwt_auth-1.9.0.dist-info}/RECORD

@@ -8,14 +8,14 @@ django_jwt/settings.py,sha256=pXQ8WUU4LGBe6PQxCLTLM_2_b1CCSgehqim3yJDqZdw,1922
 django_jwt/urls.py,sha256=ZhcnRcQ1MBRh-bS7fTa-Vkz8yuWUhv-G_uRXKLnKAs0,320
 django_jwt/user.py,sha256=v2oCoAThstFg5x5cOA9nSKlYWZzCEqhFbz63WGhE_NM,6382
 django_jwt/utils.py,sha256=uIFw1JMldE_blC7YkaZbY7rpcawP2E6zsdLyuZRwJoA,1645
-django_jwt/views.py,sha256=jQW3YrW-Oed54KqxjDMaBOQ-dxEnqTAcBEXlQSK-zCE,4231
+django_jwt/views.py,sha256=GzfMlVHbbVduJltWhEdEZU8_LyOFvlczxAakUh2KA7w,4626
 django_jwt/templates/django-jwt-index.html,sha256=y8f0v2WbRAFxnIU799I_MZCVsjn1sbdh7bypjdWB0lA,1353
 django_jwt/templates/admin/login.html,sha256=Nihyu0IGvDDZVvQDITXozwlj6XCQ0B8gqlyHLqVNyJc,275
 tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 tests/models.py,sha256=jhoJcCEsx5B9AibmoLQLDD3cEsyYzYy6dMdYhRnBVFo,338
 tests/test.py,sha256=HEy5DsEYrPmtWSdeDhgdeV2tZTYlepaWt82VoTBrta8,11828
 tests/urls.py,sha256=D5FhDSVAudurkrpkCZZPnDvgXSgifwFVB3nAlYBg7uQ,212
-dj_jwt_auth-1.8.0.dist-info/METADATA,sha256=bSdoEA3Rd_Ug7C7B4ZaPCnBs4WOnLUjGhVNkMjDGxMU,4553
-dj_jwt_auth-1.8.0.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
-dj_jwt_auth-1.8.0.dist-info/top_level.txt,sha256=58O7TdK-yECZcbmPc52KNlBFpjIUlENuZubCxaSOxus,17
-dj_jwt_auth-1.8.0.dist-info/RECORD,,
+dj_jwt_auth-1.9.0.dist-info/METADATA,sha256=9wT1rkV7h9f5Xi7wYvqbWjuJwolLxF4pjIqef1kRBI4,4416
+dj_jwt_auth-1.9.0.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
+dj_jwt_auth-1.9.0.dist-info/top_level.txt,sha256=58O7TdK-yECZcbmPc52KNlBFpjIUlENuZubCxaSOxus,17
+dj_jwt_auth-1.9.0.dist-info/RECORD,,

django_jwt/views.py

@@ -39,68 +39,84 @@ def index_response(request, msg, status=400):
     )
 
 
-class AbsView(View):
-    def dispatch(self, request, *args, **kwargs):
-        try:
-            return super().dispatch(request, *args, **kwargs)
-        except HTTPError as exc:
-            log.warning(f"OIDC Admin HTTPError: {exc}")
-            return index_response(request=request, msg=exc.response.text, status=exc.response.status_code)
-        except ConfigException as exc:
-            return HttpResponse(content=str(exc), status=500)
-        except BadRequestException as exc:
-            return index_response(request=request, msg=str(exc))
-        except Exception as exc:
-            return index_response(request=request, msg=str(exc))
+class InitiateView(View):
+    callback_view_name = "receive_redirect_view"
+    client_id = None
+    scope = "openid"
 
-
-class StartOIDCAuthView(AbsView):
     def get(self, request):
         pkce_secret = PKCESecret()
-        redirect_uri = jwt_settings.OIDC_ADMIN_REDIRECT_URI
-        if not redirect_uri:
-            redirect_uri = request.build_absolute_uri(reverse("receive_redirect_view"))
+        redirect_uri = request.build_absolute_uri(reverse(self.callback_view_name))
         authorization_endpoint = config.admin().get("authorization_endpoint")
         state = base64.urlsafe_b64encode(get_random_string().encode()).decode()
         params = {
-            "client_id": jwt_settings.OIDC_ADMIN_CLIENT_ID,
+            "client_id": self.client_id,
             "redirect_uri": redirect_uri,
             "response_type": "code",
             "state": state,
-            "scope": jwt_settings.OIDC_ADMIN_SCOPE,
+            "scope": self.scope,
             "code_challenge": pkce_secret.challenge,
             "code_challenge_method": pkce_secret.challenge_method,
             "ui_locales": "en",
             "nonce": get_random_string(),
         }
         cache.set(state, str(pkce_secret), timeout=600)
-        log.info(f"OIDC Admin login: {authorization_endpoint}?{urlencode(params)}")
+        log.info(f"OIDC Initiate: {authorization_endpoint}?{urlencode(params)}")
         return redirect(f"{authorization_endpoint}?{urlencode(params)}")
 
 
-class ReceiveRedirectView(AbsView):
-    def get(self, request):
+class CallbackView(View):
+    callback_view_name = "receive_redirect_view"
+    user = None
+    payload = None
+
+    def fail(self, request, msg):
+        raise BadRequestException(msg)
+
+    def dispatch(self, request, *args, **kwargs):
         code = request.GET.get("code")
         state = request.GET.get("state")
         if not code or not state:
-            log.warning(f"No code or state in the request {request.GET}")
-            raise BadRequestException("No code or state in the request")
+            log.warning(f"OIDC No code or state in the request {request.GET}")
+            return self.fail(request, "No code or state in the request")
 
-        redirect_uri = request.build_absolute_uri(reverse("receive_redirect_view"))
+        redirect_uri = request.build_absolute_uri(self.callback_view_name)
         if state := cache.get(state):
             token = get_access_token(code, redirect_uri, state)
-            data = oidc_handler.decode_token(token)
-            user = UserHandler(data, request, token).get_user()
-            log.info(f"OIDC Admin login: {user}", extra={"data": data})
-            roles = role_handler.apply(user, data)
-            if not user.is_staff:
-                raise BadRequestException(f"User {user.email} is not staff\nRoles: {roles}")
-            login(request, user, backend=jwt_settings.OIDC_AUTHORIZATION_BACKEND)
-            return redirect("admin:index")
+            self.payload = oidc_handler.decode_token(token)
+            self.user = UserHandler(self.payload, request, token).get_user()
+            return super().dispatch(request, *args, **kwargs)
+        return self.fail(request, "No PKCE secret found in cache")
 
-        raise BadRequestException("No PKCE secret found in cache")
+
+class StartOIDCAuthView(InitiateView):
+    client_id = jwt_settings.OIDC_ADMIN_CLIENT_ID
+    scope = jwt_settings.OIDC_ADMIN_SCOPE
+
+
+class ReceiveRedirectView(CallbackView):
+    def dispatch(self, request, *args, **kwargs):
+        try:
+            return super().dispatch(request, *args, **kwargs)
+        except HTTPError as exc:
+            log.warning(f"OIDC Admin HTTPError: {exc}")
+            return index_response(request=request, msg=exc.response.text, status=exc.response.status_code)
+        except ConfigException as exc:
+            return HttpResponse(content=str(exc), status=500)
+        except BadRequestException as exc:
+            return index_response(request=request, msg=str(exc))
+        except Exception as exc:
+            return index_response(request=request, msg=str(exc))
+
+    def get(self, request):
+        log.info(f"OIDC Admin login: {self.user}", extra={"data": self.payload})
+        roles = role_handler.apply(self.user, self.payload)
+        if not self.user.is_staff:
+            raise BadRequestException(f"User {self.user.email} is not staff\nRoles: {roles}")
+        login(request, self.user, backend=jwt_settings.OIDC_AUTHORIZATION_BACKEND)
+        return redirect("admin:index")
 
 
-class LogoutView(AbsView):
+class LogoutView(View):
     def get(self, request):
         return index_response(request, "Logged out", status=401)