From 70448db8e5a1e667a6100c3cf504f4541ff5eccf Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 21 Sep 2020 10:31:42 +0200 Subject: [PATCH 1/5] Remove Django CAS server and add oauth toolkit --- .gitlab-ci.yml | 4 +- Dockerfile | 2 +- README.md | 2 +- ansible/roles/1-apt-basic/tasks/main.yml | 2 +- note_kfet/admin.py | 6 -- note_kfet/fixtures/cas.json | 11 --- note_kfet/settings/__init__.py | 7 -- note_kfet/settings/secrets_example.py | 1 - note_kfet/templates/cas_server/base.html | 99 ------------------------ note_kfet/urls.py | 6 -- requirements.txt | 2 +- 11 files changed, 6 insertions(+), 136 deletions(-) delete mode 100644 note_kfet/fixtures/cas.json delete mode 100644 note_kfet/templates/cas_server/base.html diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cada9068..61d5988c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -16,7 +16,7 @@ py37-django22: apt-get install --no-install-recommends -t buster-backports -y python3-django python3-django-crispy-forms python3-django-extensions python3-django-filters python3-django-polymorphic - python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil + python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil python3-babel python3-lockfile python3-pip python3-phonenumbers python3-bs4 python3-setuptools tox texlive-xetex script: tox -e py37-django22 @@ -33,7 +33,7 @@ py38-django22: apt-get install --no-install-recommends -y python3-django python3-django-crispy-forms python3-django-extensions python3-django-filters python3-django-polymorphic - python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil + python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil python3-babel python3-lockfile python3-pip python3-phonenumbers python3-bs4 python3-setuptools tox texlive-xetex script: tox -e py38-django22 diff --git a/Dockerfile b/Dockerfile index 0dd1ce8b..9696de7c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ RUN apt-get update && \ apt-get install --no-install-recommends -t buster-backports -y \ python3-django python3-django-crispy-forms \ python3-django-extensions python3-django-filters python3-django-polymorphic \ - python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \ + python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \ python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \ python3-bs4 python3-setuptools \ uwsgi uwsgi-plugin-python3 \ diff --git a/README.md b/README.md index f2ada2a8..910fd19a 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,7 @@ Sinon vous pouvez suivre les étapes décrites ci-dessous. $ sudo apt install --no-install-recommends -t buster-backports -y \ python3-django python3-django-crispy-forms \ python3-django-extensions python3-django-filters python3-django-polymorphic \ - python3-djangorestframework python3-django-cas-server python3-psycopg2 python3-pil \ + python3-djangorestframework python3-django-oauth-toolkit python3-psycopg2 python3-pil \ python3-babel python3-lockfile python3-pip python3-phonenumbers ipython3 \ python3-bs4 python3-setuptools \ uwsgi uwsgi-plugin-python3 \ diff --git a/ansible/roles/1-apt-basic/tasks/main.yml b/ansible/roles/1-apt-basic/tasks/main.yml index 1ca1b3d6..95f6d40a 100644 --- a/ansible/roles/1-apt-basic/tasks/main.yml +++ b/ansible/roles/1-apt-basic/tasks/main.yml @@ -23,10 +23,10 @@ - python3-babel - python3-bs4 - python3-django - - python3-django-cas-server - python3-django-crispy-forms - python3-django-extensions - python3-django-filters + - python3-django-oauth-toolkit - python3-django-polymorphic - python3-djangorestframework - python3-lockfile diff --git a/note_kfet/admin.py b/note_kfet/admin.py index f128b237..1fa228fe 100644 --- a/note_kfet/admin.py +++ b/note_kfet/admin.py @@ -44,9 +44,3 @@ if "rest_framework" in settings.INSTALLED_APPS: from rest_framework.authtoken.admin import * from rest_framework.authtoken.models import * admin_site.register(Token, TokenAdmin) - -if "cas_server" in settings.INSTALLED_APPS: - from cas_server.admin import * - from cas_server.models import * - admin_site.register(ServicePattern, ServicePatternAdmin) - admin_site.register(FederatedIendityProvider, FederatedIendityProviderAdmin) diff --git a/note_kfet/fixtures/cas.json b/note_kfet/fixtures/cas.json deleted file mode 100644 index c3109d19..00000000 --- a/note_kfet/fixtures/cas.json +++ /dev/null @@ -1,11 +0,0 @@ -[ - { - "model": "cas_server.servicepattern", - "pk": 1, - "fields": { - "pos": 1, - "pattern": ".*", - "name": "REPLACEME" - } - } -] diff --git a/note_kfet/settings/__init__.py b/note_kfet/settings/__init__.py index dcfa88a8..0c76b6f4 100644 --- a/note_kfet/settings/__init__.py +++ b/note_kfet/settings/__init__.py @@ -49,13 +49,6 @@ try: except ImportError: pass -if "cas_server" in INSTALLED_APPS: - # CAS Settings - CAS_AUTO_CREATE_USER = False - CAS_LOGO_URL = "/static/img/Saperlistpopette.png" - CAS_FAVICON_URL = "/static/favicon/favicon-32x32.png" - CAS_SHOW_POWERED = False - if "logs" in INSTALLED_APPS: MIDDLEWARE += ('note_kfet.middlewares.SessionMiddleware',) diff --git a/note_kfet/settings/secrets_example.py b/note_kfet/settings/secrets_example.py index b1f9e399..656e558b 100644 --- a/note_kfet/settings/secrets_example.py +++ b/note_kfet/settings/secrets_example.py @@ -3,7 +3,6 @@ # CAS OPTIONAL_APPS = [ -# 'cas_server', # 'debug_toolbar' ] diff --git a/note_kfet/templates/cas_server/base.html b/note_kfet/templates/cas_server/base.html deleted file mode 100644 index 4e93cee0..00000000 --- a/note_kfet/templates/cas_server/base.html +++ /dev/null @@ -1,99 +0,0 @@ -{% load i18n %}{% load static %}{% get_current_language as LANGUAGE_CODE %} - - - - - - {% block title %}{% trans "Central Authentication Service" %}{% endblock %} - - - - - {% if settings.CAS_FAVICON_URL %}{% endif %} - - - -
-
- {% if auto_submit %}{% endif %} -
-
-
- {% if auto_submit %}{% endif %} - {% block content %}{% endblock %} -
-
-
-
-
-
- {% if settings.CAS_SHOW_POWERED %} - - {% endif %} - - - - - {% block javascript %}{% endblock %} - - - diff --git a/note_kfet/urls.py b/note_kfet/urls.py index ae6bf3db..74731a62 100644 --- a/note_kfet/urls.py +++ b/note_kfet/urls.py @@ -41,12 +41,6 @@ if settings.DEBUG: urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) -if "cas_server" in settings.INSTALLED_APPS: - urlpatterns += [ - # Include CAS Server routers - path('cas/', include('cas_server.urls', namespace="cas_server")), - ] - if "debug_toolbar" in settings.INSTALLED_APPS: import debug_toolbar urlpatterns = [ diff --git a/requirements.txt b/requirements.txt index dccb8988..f7aa0d8a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,13 +1,13 @@ beautifulsoup4~=4.7.1 Django~=2.2.15 django-bootstrap-datepicker-plus~=3.0.5 -django-cas-server>=1.2.0 django-colorfield~=0.3.2 django-crispy-forms~=1.7.2 django-extensions~=2.1.4 django-filter~=2.1.0 django-htcpcp-tea~=0.3.1 django-mailer~=2.0.1 +django-oauth-toolkit~=0.11.0 django-phonenumber-field~=5.0.0 django-polymorphic~=2.0.3 djangorestframework~=3.9.0 From 8052152ea589bbf148b4ce76b03e1273d781f000 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 21 Sep 2020 11:03:07 +0200 Subject: [PATCH 2/5] Add OAuth2 endpoints --- note.cron | 2 ++ note_kfet/settings/base.py | 1 + note_kfet/urls.py | 3 +++ 3 files changed, 6 insertions(+) diff --git a/note.cron b/note.cron index 078856ea..44db347a 100644 --- a/note.cron +++ b/note.cron @@ -20,3 +20,5 @@ 55 6 * * * root cd /var/www/note_kfet && env/bin/python manage.py send_reports # Mettre à jour les boutons mis en avant 00 9 * * * root cd /var/www/note_kfet && env/bin/python manage.py refresh_highlighted_buttons +# Vider les tokens Oauth2 + 00 6 * * * root cd /var/www/note_kfet && env/bin/python manage.py cleartokens diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 27010fef..3c2cd4f9 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -35,6 +35,7 @@ INSTALLED_APPS = [ 'mailer', 'phonenumber_field', 'polymorphic', + 'oauth2_provider', # Django contrib 'django.contrib.admin', diff --git a/note_kfet/urls.py b/note_kfet/urls.py index 74731a62..6049bfde 100644 --- a/note_kfet/urls.py +++ b/note_kfet/urls.py @@ -32,6 +32,9 @@ urlpatterns = [ path('api/', include('api.urls')), path('permission/', include('permission.urls')), + # OAuth2 provider + path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')), + # Make coffee path('coffee/', include('django_htcpcp_tea.urls')), ] From 6d54aae61488f17ebd9accf5ece835d324bcee57 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 21 Sep 2020 11:15:00 +0200 Subject: [PATCH 3/5] Fix django-oauth-toolkit version --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f7aa0d8a..33ba454a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ django-extensions~=2.1.4 django-filter~=2.1.0 django-htcpcp-tea~=0.3.1 django-mailer~=2.0.1 -django-oauth-toolkit~=0.11.0 +django-oauth-toolkit~=1.1.2 django-phonenumber-field~=5.0.0 django-polymorphic~=2.0.3 djangorestframework~=3.9.0 From 72bac75fbdae836005b3652868d2c91231f3e9c3 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 21 Sep 2020 12:15:40 +0200 Subject: [PATCH 4/5] Add Django OAuth toolkit admin --- note_kfet/admin.py | 8 ++++++++ note_kfet/settings/base.py | 4 +++- note_kfet/urls.py | 8 +++++--- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/note_kfet/admin.py b/note_kfet/admin.py index 1fa228fe..fa192b57 100644 --- a/note_kfet/admin.py +++ b/note_kfet/admin.py @@ -26,6 +26,14 @@ admin_site = StrongAdminSite() admin_site.register(Site, SiteAdmin) # Add external apps model +if "oauth2_provider" in settings.INSTALLED_APPS: + from oauth2_provider.admin import Application, ApplicationAdmin, Grant, \ + GrantAdmin, AccessToken, AccessTokenAdmin, RefreshToken, RefreshTokenAdmin + admin_site.register(Application, ApplicationAdmin) + admin_site.register(Grant, GrantAdmin) + admin_site.register(AccessToken, AccessTokenAdmin) + admin_site.register(RefreshToken, RefreshTokenAdmin) + if "django_htcpcp_tea" in settings.INSTALLED_APPS: from django_htcpcp_tea.admin import * from django_htcpcp_tea.models import * diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index 3c2cd4f9..f393cab1 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -38,7 +38,9 @@ INSTALLED_APPS = [ 'oauth2_provider', # Django contrib - 'django.contrib.admin', + # We do not import Django Admin directly to disable autodiscover. + # Autodiscover does not work with custom admin sites. + 'django.contrib.admin.apps.SimpleAdminConfig', 'django.contrib.admindocs', 'django.contrib.auth', 'django.contrib.contenttypes', diff --git a/note_kfet/urls.py b/note_kfet/urls.py index 6049bfde..d9e51b63 100644 --- a/note_kfet/urls.py +++ b/note_kfet/urls.py @@ -32,9 +32,6 @@ urlpatterns = [ path('api/', include('api.urls')), path('permission/', include('permission.urls')), - # OAuth2 provider - path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')), - # Make coffee path('coffee/', include('django_htcpcp_tea.urls')), ] @@ -43,6 +40,11 @@ urlpatterns = [ if settings.DEBUG: urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) +if "oauth2_provider" in settings.INSTALLED_APPS: + # OAuth2 provider + urlpatterns.append( + path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')) + ) if "debug_toolbar" in settings.INSTALLED_APPS: import debug_toolbar From 4f188ca3e5161236d1d3452d4e551465a0f3f935 Mon Sep 17 00:00:00 2001 From: Alexandre Iooss Date: Mon, 21 Sep 2020 12:34:34 +0200 Subject: [PATCH 5/5] Admin is autodiscovering partially --- note_kfet/settings/base.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/note_kfet/settings/base.py b/note_kfet/settings/base.py index f393cab1..ac9dd050 100644 --- a/note_kfet/settings/base.py +++ b/note_kfet/settings/base.py @@ -38,9 +38,8 @@ INSTALLED_APPS = [ 'oauth2_provider', # Django contrib - # We do not import Django Admin directly to disable autodiscover. - # Autodiscover does not work with custom admin sites. - 'django.contrib.admin.apps.SimpleAdminConfig', + # Django Admin will autodiscover our apps for our custom admin site. + 'django.contrib.admin', 'django.contrib.admindocs', 'django.contrib.auth', 'django.contrib.contenttypes',