import logging
import urllib
import urlparse
import urllib2
import simplejson
import openerp
from openerp.osv import osv, fields
from openerp import SUPERUSER_ID
# Module-level logger, named after this module.
_logger = logging.getLogger(__name__)
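class res_users(osv.Model):
    """Extend ``res.users`` with OAuth sign-in.

    ``auth_oauth`` validates an access token against the provider's
    endpoints, finds or creates the matching user and returns login
    credentials in which the access token takes the place of the password.
    ``check_credentials`` then accepts that stored token as a fallback when
    the regular password check is denied.
    """
    _inherit = 'res.users'

    _columns = {
        'oauth_provider_id': fields.many2one('auth.oauth.provider','OAuth Provider'),
        'oauth_uid': fields.char('OAuth User ID', help="Oauth Provider user_id"),
        # Stored exactly as received and accepted as a password by
        # check_credentials(), so anyone able to read this column can sign in
        # as the user for as long as the stored value stays unchanged.
        'oauth_access_token': fields.char('OAuth Token', readonly=True),
    }

    def auth_oauth_rpc(self, cr, uid, endpoint, access_token, context=None):
        """Query an OAuth provider endpoint and return the decoded JSON reply.

        :param endpoint: URL to call; it may already carry a query string
        :param access_token: token appended as the ``access_token`` parameter
        :return: the response body decoded with ``simplejson.loads``
        """
        # The token travels in the URL query string, so it can end up in
        # proxy and server access logs on the way to the provider.
        params = urllib.urlencode({ 'access_token': access_token })
        # Index 4 of the parse result is the query component: pick the
        # separator that keeps an existing query string intact.
        if urlparse.urlparse(endpoint)[4]:
            url = endpoint + '&' + params
        else:
            url = endpoint + '?' + params
        # NOTE(review): no timeout is passed, so an unresponsive provider can
        # hold this request open; urlopen also accepts non-HTTP schemes, so
        # the configured endpoints must be trusted (ideally https only).
        f = urllib2.urlopen(url)
        try:
            response = f.read()
        finally:
            # Release the connection even when reading fails.
            f.close()
        return simplejson.loads(response)

    def auth_oauth(self, cr, uid, provider, params, context=None):
        """Authenticate a user from an OAuth access token.

        :param provider: id of the ``auth.oauth.provider`` record to use
        :param params: mapping holding the ``access_token`` to validate
        :return: ``(dbname, login, access_token)`` credentials tuple
        :raise Exception: when the validation endpoint reports an error
        :raise openerp.exceptions.AccessDenied: when the provider returns no
            ``user_id`` for the token
        """
        # Advice by Google (to avoid Confused Deputy Problem)
        # if validation.audience != OUR_CLIENT_ID:
        #   abort()
        # else:
        #   continue with the process
        # NOTE(review): the audience check above is only described, never
        # performed. Until it is implemented, a token the provider issued to a
        # different client application still passes validation here.
        access_token = params.get('access_token')
        p = self.pool.get('auth.oauth.provider').browse(cr, uid, provider, context=context)

        validation = self.auth_oauth_rpc(cr, uid, p.validation_endpoint, access_token)
        if validation.get("error"):
            raise Exception(validation['error'])
        if p.data_endpoint:
            data = self.auth_oauth_rpc(cr, uid, p.data_endpoint, access_token)
            validation.update(data)
        # required
        # A reply without ``user_id`` is refused as an authentication failure
        # rather than surfacing as a KeyError.
        oauth_uid = validation.get('user_id')
        if not oauth_uid:
            raise openerp.exceptions.AccessDenied()
        # ``%s`` rather than ``%d``: the id comes from decoded JSON and may be
        # a string, which ``%d`` rejects with a TypeError even when the
        # provider did supply an email (the default is built eagerly).
        email = validation.get('email', 'provider_%s_user_%s' % (p.id, oauth_uid))
        # optional
        name = validation.get('name', email)
        # User ids are only unique within one provider, so the lookup is
        # scoped to the provider that validated the token; matching on
        # oauth_uid alone would let an identity from one provider resolve to
        # an account created through another.
        res = self.search(cr, uid, [("oauth_uid", "=", oauth_uid), ("oauth_provider_id", "=", p.id)])
        if res:
            self.write(cr, uid, res[0], { 'oauth_access_token': access_token })
        else:
            # New user
            new_user = {
                'name': name,
                'login': email,
                'user_email': email,
                'oauth_provider_id': p.id,
                'oauth_uid': oauth_uid,
                'oauth_access_token': access_token,
                'active': True,
            }
            self._signup_create_user(cr, uid, new_user)
        credentials = (cr.dbname, email, access_token)
        return credentials

    def check_credentials(self, cr, uid, password):
        """Accept the stored OAuth access token as an alternative password.

        The regular check runs first; only when it raises ``AccessDenied`` is
        ``password`` compared with the user's ``oauth_access_token``. The
        original denial is re-raised when that comparison fails too.
        """
        try:
            return super(res_users, self).check_credentials(cr, uid, password)
        except openerp.exceptions.AccessDenied:
            # Defensive: an empty password must never be able to match a user
            # whose token field is unset.
            if password:
                res = self.search(cr, SUPERUSER_ID, [('id','=',uid),('oauth_access_token','=',password)])
                if res:
                    return
            raise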
#