Fix sso

server/config/settings/base.py

@@ -88,6 +88,7 @@ THIRD_PARTY_APPS = [
 LOCAL_APPS = [
     "vbv_lernwelt.core",
     "vbv_lernwelt.simpletodo",
+    "vbv_lernwelt.sso",
     # Your stuff: custom apps go here
 ]
 # https://docs.djangoproject.com/en/dev/ref/settings/#installed-apps
@@ -452,14 +453,16 @@ if "django_redis.cache.RedisCache" in env("VBV_DJANGO_CACHE_BACKEND", default=""
 
 OAUTH = {
     "client_name": env("OAUTH_CLIENT_NAME", default="lernetz"),
-    "client_id": env("OAUTH_CLIENT_ID", default=""),
+    "client_id": env("OAUTH_CLIENT_ID", default="iterativ"),
     "client_secret": env("OAUTH_CLIENT_SECRET", default=""),
     "access_token_url": env("OAUTH_ACCESS_TOKEN_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/token"),
-    "authorize_url": env("OAUTH_AUTHORIZE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/tokenk"),
+    "authorize_url": env("OAUTH_AUTHORIZE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/auth"),
     "api_base_url": env("OAUTH_API_BASE_URL", default="https://sso.test.b.lernetz.host/auth/realms/vbv/protocol/openid-connect/"),
-    "local_redirect_uri": env("OAUTH_LOCAL_DIRECT_URI", default="http://localhost:8000/api/oauth/callback/"),
+    "local_redirect_uri": env("OAUTH_LOCAL_DIRECT_URI", default="http://localhost:8000/sso/callback/"),
-    'client_kwargs': {
+    "client_kwargs": {
         'scope': '',
+        'token_endpoint_auth_method': 'client_secret_post',
+        'token_placement': 'header',
     }
 }
 

server/config/urls.py

@@ -36,6 +36,7 @@ urlpatterns = [
     path("login/", django_view_authentication_exempt(auth_views.LoginView.as_view(template_name="core/login.html"))),
     path("checkratelimit/", check_rate_limit),
     path("todo/", include("vbv_lernwelt.simpletodo.urls")),
+    path("sso/", include("vbv_lernwelt.sso.urls")),
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 if settings.DEBUG:
     # Static file serving when using Gunicorn + Uvicorn for local web socket development

server/vbv_lernwelt/sso/urls.py

@@ -3,12 +3,10 @@ from django.conf.urls import url, include
 from rest_framework.routers import DefaultRouter
 
 from . import views
-
+from ..core.middleware.auth import django_view_authentication_exempt
-router = DefaultRouter()
 
 app_name = 'sso'
 urlpatterns = [
-    path(r'^login/', views.login, name='login'),
+    path(r'login/', django_view_authentication_exempt(views.login), name='login'),
-    path(r'^callback/', views.authorize, name='authorize'),
+    path(r'callback/', django_view_authentication_exempt(views.authorize), name='authorize'),
-    url(r"^sso/", include(router.urls)),
 ]

server/vbv_lernwelt/sso/views.py

@@ -13,14 +13,16 @@ OAUTH_REDIRECT = 'oauth-redirect'
 
 
 def login(request):
-    hep_oauth_client = oauth.create_client('hep')
+    oauth_client = oauth.create_client(settings.OAUTH["client_name"])
-    redirect_uri = settings.OAUTH_LOCAL_REDIRECT_URI
+    redirect_uri = settings.OAUTH["local_redirect_uri"]
-    return hep_oauth_client.authorize_redirect(request, redirect_uri)
+    return oauth_client.authorize_redirect(request, redirect_uri)
 
 
 def authorize(request):
     try:
         logger.debug(request)
+        token = oauth.lernetz.authorize_access_token(request)
+        print(token)
     except OAuthError as e:
         logger.warning(f'OAuth error: {e}')
         if not settings.DEBUG: