[Python-modules-commits] [python-social-auth] 298/322: Added provider for Microsoft Azure Active Directory OAuth2
Wolfgang Borgert
debacle at moszumanska.debian.org
Sat Dec 24 15:13:22 UTC 2016
This is an automated email from the git hooks/post-receive script.
debacle pushed a commit to tag v0.2.10
in repository python-social-auth.
commit 92f259b4eec126a418570ef10a2ea3d653868450
Author: vinhub <vin.bhalerao at gmail.com>
Date: Mon May 11 12:04:28 2015 -0700
Added provider for Microsoft Azure Active Directory OAuth2
---
social/backends/azuread.py | 79 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 79 insertions(+)
diff --git a/social/backends/azuread.py b/social/backends/azuread.py
new file mode 100644
index 0000000..c0e6bed
--- /dev/null
+++ b/social/backends/azuread.py
@@ -0,0 +1,79 @@
+"""
+Azure AD OAuth2 backend, docs at:
+ http://psa.matiasaguirre.net/docs/backends/azuread.html
+"""
+import datetime
+from calendar import timegm
+from social.exceptions import AuthException, AuthFailed, AuthCanceled, \
+ AuthUnknownError, AuthMissingParameter, \
+ AuthTokenError
+from jwt import DecodeError, ExpiredSignature, decode as jwt_decode
+from social.backends.oauth import BaseOAuth2
+import urllib
+
+class AzureADOAuth2(BaseOAuth2):
+ name = 'azuread-oauth2'
+ SCOPE_SEPARATOR = ' '
+ AUTHORIZATION_URL = 'https://login.windows.net/common/oauth2/authorize'
+ ACCESS_TOKEN_URL = 'https://login.windows.net/common/oauth2/token'
+ ACCESS_TOKEN_METHOD = 'POST'
+ REDIRECT_STATE = False
+ DEFAULT_SCOPE = ['openid', 'profile', 'user_impersonation']
+ EXTRA_DATA = [
+ ('access_token', 'access_token'),
+ ('id_token', 'id_token'),
+ ('refresh_token', 'refresh_token'),
+ ('expires_in', 'expires'),
+ ('given_name', 'first_name'),
+ ('family_name', 'last_name'),
+ ('token_type', 'token_type')
+ ]
+
+ def auth_extra_arguments(self):
+ """Return extra arguments needed on auth process. The defaults can be
+ overriden by GET parameters."""
+ extra_arguments = {}
+ resource = self.setting('SHAREPOINT_SITE')
+
+ if resource:
+ extra_arguments = {
+ 'resource': resource
+ }
+
+ return extra_arguments
+
+ def get_user_id(self, details, response):
+ """Use upn as unique id"""
+ return response.get('upn')
+
+ def get_user_details(self, response):
+ """Return user details from Azure AD account"""
+ fullname, first_name, last_name = (
+ response.get('name', ''),
+ response.get('given_name', ''),
+ response.get('family_name', '')
+ )
+ return {'username': fullname,
+ 'email': response.get('upn'),
+ 'fullname': fullname,
+ 'first_name': first_name,
+ 'last_name': last_name}
+
+ def user_data(self, access_token, *args, **kwargs):
+ response = kwargs.get('response')
+ id_token = response.get('id_token')
+
+ try:
+ decoded_id_token = jwt_decode(id_token, verify=False)
+ except (DecodeError, ExpiredSignature) as de:
+ raise AuthTokenError(self, de)
+
+ return decoded_id_token
+
+ def extra_data(self, user, uid, response, details=None):
+ """Return access_token and extra defined names to store in
+ extra_data field"""
+ data = super(BaseOAuth2, self).extra_data(user, uid, response, details)
+ data['sharepoint_site'] = self.setting('SHAREPOINT_SITE')
+ return data
+
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-social-auth.git
More information about the Python-modules-commits
mailing list