[IMP] Improved auth_oauth and added OpeneERP Accounts provider demo data

bzr revid: fme@openerp.com-20121002084343-3v1a0vn1pck01tx7

addons/auth_oauth/__openerp__.py

@@ -38,7 +38,10 @@ Allow users to login through Google OAuth2.
         'security/ir.model.access.csv'
     ],
     'js': ['static/src/js/auth_oauth.js'],
-    'css': ['static/lib/zocial/css/zocial.css'],
+    'css': [
+        'static/lib/zocial/css/zocial.css',
+        'static/src/css/auth_oauth.css',
+    ],
     'qweb': ['static/src/xml/auth_oauth.xml'],
     'installable': True,
     'auto_install': False,

addons/auth_oauth/auth_oauth_data.xml

@@ -2,6 +2,15 @@
 <openerp>
     <data>
 
+        <record id="provider_openerp" model="auth.oauth.provider">
+            <field name="name">OpenERP Accounts</field>
+            <field name="auth_endpoint">https://accounts.openerp.com/oauth2/auth</field>
+            <field name="scope">userinfo</field>
+            <field name="validation_endpoint">https://accounts.openerp.com/oauth2/tokeninfo</field>
+            <field name="data_endpoint"></field>
+            <field name="css_class">zocial openerp</field>
+            <field name="body">Sign in with OpenERP account</field>
+        </record>
         <record id="provider_facebook" model="auth.oauth.provider">
             <field name="name">Facebook Graph</field>
             <field name="auth_endpoint">https://www.facebook.com/dialog/oauth</field>

addons/auth_oauth/controllers/main.py

@@ -16,10 +16,13 @@ class OAuthController(openerpweb.Controller):
 
     @openerpweb.jsonrequest
     def list_providers(self, req, dbname):
-        registry = openerp.modules.registry.RegistryManager.get(dbname)
-        with registry.cursor() as cr:
-            providers = registry.get('auth.oauth.provider')
-            l = providers.read(cr, SUPERUSER_ID, providers.search(cr, SUPERUSER_ID, [('enabled','=',True)]))
+        try:
+            registry = openerp.modules.registry.RegistryManager.get(dbname)
+            with registry.cursor() as cr:
+                providers = registry.get('auth.oauth.provider')
+                l = providers.read(cr, SUPERUSER_ID, providers.search(cr, SUPERUSER_ID, [('enabled','=',True)]))
+        except Exception:
+            l = []
         return l
 
     @openerpweb.httprequest

addons/auth_oauth/res_users.py

@@ -1,6 +1,7 @@
 import logging
 
 import urllib
+import urlparse
 import urllib2
 import simplejson
 
@@ -20,8 +21,11 @@ class res_users(osv.Model):
     }
 
     def auth_oauth_rpc(self, cr, uid, endpoint, access_token, context=None):
-        params = urllib.urlencode({'access_token':access_token})
-        url = endpoint + '?' + params
+        params = urllib.urlencode({ 'access_token': access_token })
+        if urlparse.urlparse(endpoint)[4]:
+            url = endpoint + '&' + params
+        else:
+            url = endpoint + '?' + params
         f = urllib2.urlopen(url)
         response = f.read()
         return simplejson.loads(response)
@@ -38,26 +42,32 @@ class res_users(osv.Model):
         validation = self.auth_oauth_rpc(cr, uid, p.validation_endpoint, access_token)
         if validation.get("error"):
             raise openerp.exceptions.AccessDenied
-        login = validation['email']
+        if p.data_endpoint:
+            data = self.auth_oauth_rpc(cr, uid, p.data_endpoint, access_token)
+            validation.update(data)
+        # required
         oauth_uid = validation['user_id']
-        name = self.auth_oauth_rpc(cr, uid, p.data_endpoint, access_token)['name']
-
-        credentials = (cr.dbname, login, access_token)
+        if not oauth_uid:
+            raise openerp.exceptions.AccessDenied
+        email = validation.get('email', 'provider_%d_user_%d' % (p.id, oauth_uid))
+        # optional
+        name = validation.get('name', email)
         res = self.search(cr, uid, [("oauth_uid", "=", oauth_uid)])
         if res:
-            self.write(cr, uid, res[0], {'oauth_access_token':access_token})
+            self.write(cr, uid, res[0], { 'oauth_access_token': access_token })
         else:
             # New user
             new_user = {
                 'name': name,
-                'login': login,
-                'user_email': login,
-                'oauth_provider_id': 1,
+                'login': email,
+                'user_email': email,
+                'oauth_provider_id': p.id,
                 'oauth_uid': oauth_uid,
                 'oauth_access_token': access_token,
                 'active': True,
             }
             self.auth_signup_create(cr, uid, new_user)
+        credentials = (cr.dbname, email, access_token)
         return credentials
 
     def check_credentials(self, cr, uid, password):

addons/auth_oauth/static/src/css/auth_oauth.css

@@ -0,0 +1,35 @@
+.openerp .oe_application .zocial {
+    font: white;
+}
+
+.openerp .zocial.openerp:before {
+    content: "\E02E";
+    font-style: italic;
+    text-shadow: 0 1px 1px black;
+}
+
+.openerp a.zocial.openerp {
+    float: right;
+    border: 1px solid #222222;
+    color: white;
+    margin: 0;
+    background-color: #b92020;
+    background-image: -webkit-gradient(linear, left top, left bottom, from(#b92020), to(#600606));
+    background-image: -webkit-linear-gradient(top, #b92020, #600606);
+    background-image: -moz-linear-gradient(top, #b92020, #600606);
+    background-image: -ms-linear-gradient(top, #b92020, #600606);
+    background-image: -o-linear-gradient(top, #b92020, #600606);
+    background-image: linear-gradient(to bottom, #b92020, #600606);
+    -moz-border-radius: 4px;
+    -webkit-border-radius: 4px;
+    border-radius: 4px;
+    -moz-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.1), 0 1px 1px rgba(155, 155, 155, 0.4) inset;
+    -webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.1), 0 1px 1px rgba(155, 155, 155, 0.4) inset;
+    box-shadow: 0 1px 2px rgba(0, 0, 0, 0.1), 0 1px 1px rgba(155, 155, 155, 0.4) inset;
+    text-shadow: none;
+    font-weight: normal;
+}
+
+.openerp .oe_login .oe_oauth_provider_login_button {
+    margin-top: 4px;
+}

addons/auth_oauth/static/src/js/auth_oauth.js

@@ -1,8 +1,9 @@
 openerp.auth_oauth = function(instance) {
     var QWeb = instance.web.qweb;
 
-    instance.web.Login = instance.web.Login.extend({
+    instance.web.Login.include({
         start: function(parent, params) {
+            var self = this;
             var d = this._super.apply(this, arguments);
             this.$el.on('click', 'a.zocial', this.on_oauth_sign_in);
             this.oauth_providers = [];
@@ -11,7 +12,13 @@ openerp.auth_oauth = function(instance) {
             } else if(this.params.oauth_error === 2) {
                 this.do_warn("Authentication error","");
             }
-            return d.then(this.do_oauth_load);
+            return d.then(this.do_oauth_load).fail(function() {
+                self.do_oauth_load([]);
+            });
+        },
+        on_db_loaded: function(result) {
+            this._super.apply(this, arguments);
+            this.$("form [name=db]").change(this.do_oauth_load);
         },
         do_oauth_load: function() {
             var db = this.$("form [name=db]").val();
@@ -21,6 +28,7 @@ openerp.auth_oauth = function(instance) {
         },
         on_oauth_loaded: function(result) {
             this.oauth_providers = result;
+            this.$('.oe_oauth_provider_login_button').remove();
             var buttons = QWeb.render("auth_oauth.Login.button",{"widget":this});
             this.$(".oe_login_pane form ul").after(buttons);
         },
@@ -33,7 +41,7 @@ openerp.auth_oauth = function(instance) {
             var state_object = {
                 d: dbname,
                 p: p.id
-            }
+            };
             var state = JSON.stringify(state_object);
             var params = {
                 response_type: 'token',

addons/auth_oauth/static/src/xml/auth_oauth.xml

@@ -2,8 +2,7 @@
 <templates id="template" xml:space="preserve">
 <t t-name="auth_oauth.Login.button">
     <t t-foreach="widget.oauth_providers" t-as="p">
-        <a href="#" t-att-class="p.css_class" t-att-data-index="p_index"><t t-esc="p.body"/></a>
-        <br/>
+        <a href="#" t-attf-class="oe_oauth_provider_login_button #{p.css_class}" t-att-data-index="p_index"><t t-esc="p.body"/></a>
     </t>
 </t>
 </templates>