
Alexis Metaireau  committed 4438a0b Merge

merge logout fixes

  • Parent commits 0da9dea, 1998886


Files changed (7)

 Configuration
 --------------
 
-Then, you can either go to the admin interface to set up the tokens and websites
-you want to use. For this purpose, you need to have an existant admin instance
-in your application.
-
-You also can use the `oauth_createtoken` command ::
+Then, to set up you tokens and oauth providers, you can either go to the admin 
+interface (if you have one), or use the `oauthcreatetoken` command, for instance::
 
     $ python manage.py oauthcreatetoken
+    Token identifier: bisonvert
+    Token key: wsWLjVsSTPYd8H8xV8
+    Token secret: G64F6GNWfKV8kV2DTU66JkFSPKVhhTT9
+    Server URL: http://api.bisonvert.net 
+    Consumer Token and Server successfully configured
 
 
+Please note that you need the oauth provider token key and secret, *and* a token
+identifier, that represents the associated OAuth provider. it have to match the
+one provided in urls (see below). Default is `default`. 
+
 Setting up the constants
 -------------------------
 
-You also need to set up your session key in your settings. It need to be unique
-within all your applications::
+In order to prevent cookie based problems between your client and server, 
+please check that your `PERSISTENT_SESSION_KEY` settings are *differents* 
+in both applications:: 
 
     PERSISTENT_SESSION_KEY = 'unique persistant session key'
 
-
 Urls
 ----
     
 Now, you need to provide urls to access the oauthclient application, for your
-project. Here is a simple configuration::
+project. Here is a simple configuration, feel free to adapt to your needs::
     
     urlpatterns = patterns('',
         # your already existing urls

File TODO

-Write documentation
-Write view tests
+django-oauthclient
+==================
+
+* Write view tests
+* Use restkit.oauth2 and restkit instead of libhttp2

File oauthclient/models.py

 from django.db import models
+from django.conf import settings
+from oauthclient.settings import CONSUMER_KEY_SIZE, CONSUMER_SECRET_SIZE
 import oauth2
 
-KEY_SIZE = SECRET_SIZE = 16
-
 class OAuthServer(models.Model):
     """Defines the urls to use for the oauth authentication.
 
 
     """
     identifier = models.CharField(max_length=200, unique=True)
-    key = models.CharField(max_length=KEY_SIZE, null=True, blank=True)
-    secret = models.CharField(max_length=SECRET_SIZE, null=True, blank=True)
+    key = models.CharField(max_length=CONSUMER_KEY_SIZE, null=True, blank=True)
+    secret = models.CharField(max_length=CONSUMER_SECRET_SIZE, null=True, blank=True)
     server = models.ForeignKey(OAuthServer)
     last_modification = models.DateField(auto_now=True)
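Review bot: The consumer `key` and `secret` fields now take their `max_length` from `CONSUMER_KEY_SIZE`/`CONSUMER_SECRET_SIZE`, but a CharField's `max_length` is enforced by the database column and by `full_clean()`, not by `save()`, so a provider that issues credentials longer than the configured 18/32 characters will be rejected or silently truncated depending on the backend, and changing the setting after the table exists leaves the schema out of step with the model. Nothing in this commit tells the deployer that, so I would put above the two fields `# max_length becomes the DB column width at table-creation time; set OAUTHCLIENT_CONSUMER_*_SIZE before syncdb and do not change it afterwards`. It is also worth a one-line comment that the consumer secret is stored in cleartext by design (it is needed for request signing), so the database must be protected accordingly. The hunk cuts through two class bodies: the `server = models.ForeignKey(OAuthServer)` line means these fields belong to a class whose header is not shown.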
 

File oauthclient/settings.py

+from django.conf import settings
+
+CONSUMER_KEY_SIZE = getattr(settings, 'OAUTHCLIENT_CONSUMER_KEY_SIZE', 18)
+CONSUMER_SECRET_SIZE = getattr(settings, 'OAUTHCLIENT_CONSUMER_SECRET_SIZE', 32)
+REDIRECT_AFTER_LOGIN = getattr(settings, 'OAUTHCLIENT_REDIRECT_AFTER_LOGIN', None)
+REDIRECT_AFTER_LOGOUT = getattr(settings, 'OAUTHCLIENT_REDIRECT_AFTER_LOGOUT', None)
+LOGIN_TEMPLATE = getattr(settings, 'OAUTHCLIENT_LOGIN_TEMPLATE', 'login.html')
+LOGOUT_TEMPLATE = getattr(settings, 'OAUTHCLIENT_LOGOUT_TEMPLATE', 'logout.html')
+ERROR_TEMPLATE = getattr(settings, 'OAUTHCLIENT_ERROR_TEMPLATE', 'error.html')
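Review bot: The new settings module documents none of the seven `OAUTHCLIENT_*` overrides it defines, and the docs hunk in this commit mentions only `PERSISTENT_SESSION_KEY`, so a deployer cannot discover `OAUTHCLIENT_REDIRECT_AFTER_LOGIN` or the template names without reading the source. I would add a module docstring that lists each setting, its default and what it controls, and states that `CONSUMER_KEY_SIZE`/`CONSUMER_SECRET_SIZE` are consumed as model `max_length` values and therefore fix the database schema. Because `REDIRECT_AFTER_LOGIN` and `REDIRECT_AFTER_LOGOUT` are passed straight to `redirect()` in views.py, the docstring should also say they are trusted, deployer-controlled URLs and must never be derived from request data. Note too that these values are read once at import, so overriding them in tests after the module is loaded has no effect.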

File oauthclient/utils.py

 def get_consumer_token(identifier):
     return ConsumerToken.objects.get(identifier=identifier)
 
-def oauth_need_authentication(request, identifier, force=False):
-    """Authenticate user using oauth flow, if the an authentication does not
-    already exists.
+def is_oauth_authenticated(request, identifier):
+    """Tell if the user is authenticated to oauth, for the specified OAuth
+    provider identifier.
     
     """
-    return not (identifier + '_oauth_token' and identifier + '_oauth_token_secret' in request.session)
+    return (identifier + '_oauth_token' and identifier + '_oauth_token_secret' in request.session)
     
-def is_oauthenticated(identifier, force=False):
+def need_oauth_authentication(identifier, force=False):
     """Decorator when oauth authentication is needed.
     
     If the user is not authenticated, redirect the user to the oauth 
     def wrapper(func):
         def wrapped(*args, **kwargs):
             request = args[0]
-            if force or oauth_need_authentication(request=request,
-                    identifier=identifier, force=force):
+            if force or not is_oauth_authenticated(request=request,
+                    identifier=identifier):
                 return redirect('%s?next=%s' % (
                     reverse('oauth:request_token'), 
                     request.path))
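Review bot: `is_oauth_authenticated` on its `return` line only tests the secret key: by operator precedence, `identifier + '_oauth_token' and identifier + '_oauth_token_secret' in request.session` treats the non-empty string `identifier + '_oauth_token'` as true and returns `identifier + '_oauth_token_secret' in request.session`, so a session holding a secret without a token is reported as authenticated and the decorator lets the view run. The removed line had the same bug, merely negated; the fix is `return (identifier + '_oauth_token' in request.session and identifier + '_oauth_token_secret' in request.session)`. Separately, the decorator interpolates `request.path` into `?next=` without URL-encoding it, so a path containing `&` or `#` would be split by the request-token view; building the query string with `urllib.urlencode({'next': request.path})` avoids that. `need_oauth_authentication`'s body continues past the end of the hunk, and `wrapped` should carry `functools.wraps(func)` so the decorated view keeps its name.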

File oauthclient/views.py

 # django imports
-from django.shortcuts import render_to_response as render, redirect
+from django.shortcuts import render_to_response, redirect
 from django.contrib.sites.models import Site
 from django.core.urlresolvers import reverse
 
 import urlparse
 
 #oauthclient import
-from utils import is_oauthenticated
 from models import ConsumerToken, OAuthServer
+from oauthclient import settings
 
-def get_request_token(request, identifier):
+"""These views are a generic way to do a three legged authentication with OAuth. 
+
+You can find more information on three legged authentication on the OAuth
+website: http://oauth.net/core/diagram.png
+
+"""
+
+def get_request_token(request, identifier='default'):
     """First and second step of the three-legged OAuth flow:
     
     Request a request token to the OAuth server, and redirect the user on the
-    OAuth server, to authorize user access.
+    OAuth server, to authorize user access, aka steps A, B and C.
     
     Once this done, the server redirect the user on the access_token_ready
     view.
     request.session.save()
     return redirect(redirect_url)
     
-def access_token_ready(request, identifier):
+def access_token_ready(request, identifier='default'):
     """Last step of the OAuth three-legged flow.
 
     The user is redirected here once he allowed (or not) the application to 
-    access private informations.
+    access private informations, aka steps D, E and F.
     
     Echange a valid request token against a valid access token. If a valid 
     access token is given, store it in session.
             'present in session.' % (identifier, identifier))
     
     if ('error' in request.GET):
-        return render('error.html', {
+        return render_to_response(settings.ERROR_TEMPLATE, {
             'error':request.GET['error']
         })
     
 
     if 'next' in request.session:
         return redirect(request.session['next'])
-        
-    return render('authenticated.html', {})
+    if settings.REDIRECT_AFTER_LOGIN == None:
+        return render_to_response(settings.LOGIN_TEMPLATE)
+    return redirect(settings.REDIRECT_AFTER_LOGIN)
     
-def logout(request, identifier):
+def logout(request, identifier='default'):
     """Destruct the active session oauth related keys.
     
     """
         if identifier + '_' + key in request.session:
             del request.session[identifier + '_' + key]
             
-    return render('logout.html', {})
+    if settings.REDIRECT_AFTER_LOGOUT == None:
+        return render_to_response(settings.LOGOUT_TEMPLATE)
+    return redirect(settings.REDIRECT_AFTER_LOGOUT)
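Review bot: `access_token_ready` redirects to `request.session['next']` without validating it and never removes it from the session, so if `next` is seeded from a query parameter (the decorator in utils.py builds `?next=...`, and `get_request_token`'s body is outside the hunk) an attacker-supplied absolute URL becomes an open redirect at the end of the OAuth flow, and a stale `next` is replayed on every later login. `urlparse` is already imported in this file, so a minimal fix is `next_url = request.session.pop('next', None)` followed by `if next_url and not urlparse.urlparse(next_url).netloc and not urlparse.urlparse(next_url).scheme:` guarding the `redirect(next_url)`. The `logout` view only deletes the `identifier + '_' + key` entries, so the `next` key survives logout as well and should be popped there too. Lastly, `settings.REDIRECT_AFTER_LOGIN == None` and `settings.REDIRECT_AFTER_LOGOUT == None` should be `is None`.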