From 647694d525147349f6126fc63d76729ac98422a8 Mon Sep 17 00:00:00 2001 From: Maximillian Dornseif Date: Sun, 28 Mar 2010 21:45:40 +0200 Subject: [PATCH] GOOGLE_OPENID_ENDPOINT and GOOGLE_API_SCOPE not required anymore, ignoring of access_token --- CHANGES | 2 ++ README.rst | 8 +++----- googleappsauth/__init__.py | 9 +++------ googleappsauth/views.py | 10 +++++----- setup.py | 10 ++-------- 5 files changed, 15 insertions(+), 24 deletions(-) diff --git a/CHANGES b/CHANGES index 0500586..ef19386 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +1.02 GOOGLE_OPENID_ENDPOINT and GOOGLE_API_SCOPE not required anymore, + ignoring of access_token 1.01p4 - graceful handling of broken session engine 1.01 - tranport QUERY_STRING through google Authentication, Logout at Google 1.0 - stand alone package diff --git a/README.rst b/README.rst index 9486a3e..8990e70 100644 --- a/README.rst +++ b/README.rst @@ -16,16 +16,14 @@ To use googleappsauth, configuration in `settings.py` should look like this:: GOOGLE_APPS_DOMAIN = 'example.com' GOOGLE_APPS_CONSUMER_KEY = 'example.com' GOOGLE_APPS_CONSUMER_SECRET = '*sekret*' - GOOGLE_OPENID_ENDPOINT = 'https://www.google.com/a/%s/o8/ud?be=o8' % GOOGLE_APPS_DOMAIN - GOOGLE_API_SCOPE = 'http://www.google.com/m8/feeds/+http://docs.google.com/feeds/+http://spreadsheets.google.com/feeds/' # domain where your application is running GOOGLE_OPENID_REALM = 'http://*.hudora.biz/' -You also have to tell googleappsauth where various views life:: +You also can tell googleappsauth where to go after successfull authentication, in case +the redirect_url had not been set. `LOGIN_REDIRECT_URL` defaults to `/`. +:: - LOGIN_URL = '/login' LOGIN_REDIRECT_URL = '/admin' - LOGOUT_URL = '/logout' To activate googleappsauth, set the appropriate Authentication backend and include a callback view. :: diff --git a/googleappsauth/__init__.py b/googleappsauth/__init__.py index 8ec8612..7aff433 100644 --- a/googleappsauth/__init__.py +++ b/googleappsauth/__init__.py @@ -4,30 +4,27 @@ googleauth/__init__.py Created by Axel Schlüter on 2009-12 -Copyright (c) 2009 HUDORA GmbH. All rights reserved. +Copyright (c) 2009, 2010 HUDORA GmbH. All rights reserved. To use it configuration in settings.py should look like this (this is also in global_django_settings): GOOGLE_APPS_DOMAIN = 'hudora.de' GOOGLE_APPS_CONSUMER_KEY = 'hudora.de' GOOGLE_APPS_CONSUMER_SECRET = '*sekret*' -GOOGLE_OPENID_ENDPOINT = 'https://www.google.com/a/%s/o8/ud?be=o8' % GOOGLE_APPS_DOMAIN GOOGLE_API_SCOPE = 'http://www.google.com/m8/feeds/+http://docs.google.com/feeds/+http://spreadsheets.google.com/feeds/' You also have to set the domain where your application is running GOOGLE_OPENID_REALM = 'http://*.hudora.biz/' Then you have to tell where various views live. -LOGIN_URL = '/login' LOGIN_REDIRECT_URL = '/admin' -LOGOUT_URL = '/logout' To activate the whole thing set the appropriate Authentication backend and include a callback view. settings.py: - AUTHENTICATION_BACKENDS = ('hudoratools.googleauth.backends.GoogleAuthBackend',) + AUTHENTICATION_BACKENDS = ('googleappsauth.backends.GoogleAuthBackend',) urls.py: - (r'^callback_hudoratools_googleauth/', 'hudoratools.googleauth.views.callback'), + (r'^callback_googleappsauth/', 'googleappsauth.views.callback'), Using a special middleware you can block access to a compete site. diff --git a/googleappsauth/views.py b/googleappsauth/views.py index bfd0db6..3ff1413 100644 --- a/googleappsauth/views.py +++ b/googleappsauth/views.py @@ -29,7 +29,7 @@ def login(request, redirect_field_name=REDIRECT_FIELD_NAME, redirect_url=None): if not redirect_url: redirect_url = request.REQUEST.get(redirect_field_name) if not redirect_url: - redirect_url = settings.LOGIN_REDIRECT_URL + redirect_url = settings.get('LOGIN_REDIRECT_URL', '/') request.session['redirect_url'] = redirect_url # jetzt bauen wir uns die URL fuer den Callback zusammen, unter @@ -48,7 +48,7 @@ def login(request, redirect_field_name=REDIRECT_FIELD_NAME, redirect_url=None): def callback(request): # haben wir einen erfolgreichen Login? Wenn nicht gehen wir # sofort zurueck, ohne einen Benutzer einzuloggen - callback_url = request.session['callback_url'] + callback_url = request.session.get('callback_url', '/') identifier = googleappsauth.openid.parse_login_response(request, callback_url) if not identifier: # TODO: was ist hier los? @@ -64,9 +64,9 @@ def callback(request): # wenn wir ein OAuth request token bekommen haben machen wir # daraus jetzt noch flott ein access token request_token = googleappsauth.openid.get_oauth_request_token(request) - if request_token: - attributes['access_token'] = None - raise Exception('access token handling not yet implemented!') + #if request_token: + # attributes['access_token'] = None + # raise Exception('access token handling not yet implemented!') # Usernames are based on E-Mail Addresses which are unique. username = attributes.get('email', identifier).split('@')[0].replace('.', '') diff --git a/setup.py b/setup.py index aa2e34d..415bf1f 100644 --- a/setup.py +++ b/setup.py @@ -4,20 +4,14 @@ setup(name='googleappsauth', maintainer='Maximillian Dornseif', maintainer_email='md@hudora.de', - version='1.01p4', + version='1.02', description='googleappsauth authenticates Django Users against a Google Apps Domain', long_description=codecs.open('README.rst', "r", "utf-8").read(), license='BSD', - url='http://github.com/hudora/django-googleappsauth', + url='http://github.com/hudora/django-googleappsauth#readme', classifiers=['Intended Audience :: Developers', 'Programming Language :: Python'], packages = find_packages(), - package_data = { - # If any package contains *.txt or *.rst files, include them: - #'': ['*.xml', '*.jrxml', '*.jar', '*.py', '*.sh'], - #backend/lib/ - #backend/webapps/ - }, install_requires = ['Django'], zip_safe = False, )