[IMP] Improved auth_oauth and added OpeneERP Accounts provider demo data
bzr revid: fme@openerp.com-20121002084343-3v1a0vn1pck01tx7
This commit is contained in:
commit
f285c0e481
|
@ -38,7 +38,10 @@ Allow users to login through Google OAuth2.
|
|||
'security/ir.model.access.csv'
|
||||
],
|
||||
'js': ['static/src/js/auth_oauth.js'],
|
||||
'css': ['static/lib/zocial/css/zocial.css'],
|
||||
'css': [
|
||||
'static/lib/zocial/css/zocial.css',
|
||||
'static/src/css/auth_oauth.css',
|
||||
],
|
||||
'qweb': ['static/src/xml/auth_oauth.xml'],
|
||||
'installable': True,
|
||||
'auto_install': False,
|
||||
|
|
|
@ -2,6 +2,15 @@
|
|||
<openerp>
|
||||
<data>
|
||||
|
||||
<record id="provider_openerp" model="auth.oauth.provider">
|
||||
<field name="name">OpenERP Accounts</field>
|
||||
<field name="auth_endpoint">https://accounts.openerp.com/oauth2/auth</field>
|
||||
<field name="scope">userinfo</field>
|
||||
<field name="validation_endpoint">https://accounts.openerp.com/oauth2/tokeninfo</field>
|
||||
<field name="data_endpoint"></field>
|
||||
<field name="css_class">zocial openerp</field>
|
||||
<field name="body">Sign in with OpenERP account</field>
|
||||
</record>
|
||||
<record id="provider_facebook" model="auth.oauth.provider">
|
||||
<field name="name">Facebook Graph</field>
|
||||
<field name="auth_endpoint">https://www.facebook.com/dialog/oauth</field>
|
||||
|
|
|
@ -16,10 +16,13 @@ class OAuthController(openerpweb.Controller):
|
|||
|
||||
@openerpweb.jsonrequest
|
||||
def list_providers(self, req, dbname):
|
||||
registry = openerp.modules.registry.RegistryManager.get(dbname)
|
||||
with registry.cursor() as cr:
|
||||
providers = registry.get('auth.oauth.provider')
|
||||
l = providers.read(cr, SUPERUSER_ID, providers.search(cr, SUPERUSER_ID, [('enabled','=',True)]))
|
||||
try:
|
||||
registry = openerp.modules.registry.RegistryManager.get(dbname)
|
||||
with registry.cursor() as cr:
|
||||
providers = registry.get('auth.oauth.provider')
|
||||
l = providers.read(cr, SUPERUSER_ID, providers.search(cr, SUPERUSER_ID, [('enabled','=',True)]))
|
||||
except Exception:
|
||||
l = []
|
||||
return l
|
||||
|
||||
@openerpweb.httprequest
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
import logging
|
||||
|
||||
import urllib
|
||||
import urlparse
|
||||
import urllib2
|
||||
import simplejson
|
||||
|
||||
|
@ -20,8 +21,11 @@ class res_users(osv.Model):
|
|||
}
|
||||
|
||||
def auth_oauth_rpc(self, cr, uid, endpoint, access_token, context=None):
|
||||
params = urllib.urlencode({'access_token':access_token})
|
||||
url = endpoint + '?' + params
|
||||
params = urllib.urlencode({ 'access_token': access_token })
|
||||
if urlparse.urlparse(endpoint)[4]:
|
||||
url = endpoint + '&' + params
|
||||
else:
|
||||
url = endpoint + '?' + params
|
||||
f = urllib2.urlopen(url)
|
||||
response = f.read()
|
||||
return simplejson.loads(response)
|
||||
|
@ -38,26 +42,32 @@ class res_users(osv.Model):
|
|||
validation = self.auth_oauth_rpc(cr, uid, p.validation_endpoint, access_token)
|
||||
if validation.get("error"):
|
||||
raise openerp.exceptions.AccessDenied
|
||||
login = validation['email']
|
||||
if p.data_endpoint:
|
||||
data = self.auth_oauth_rpc(cr, uid, p.data_endpoint, access_token)
|
||||
validation.update(data)
|
||||
# required
|
||||
oauth_uid = validation['user_id']
|
||||
name = self.auth_oauth_rpc(cr, uid, p.data_endpoint, access_token)['name']
|
||||
|
||||
credentials = (cr.dbname, login, access_token)
|
||||
if not oauth_uid:
|
||||
raise openerp.exceptions.AccessDenied
|
||||
email = validation.get('email', 'provider_%d_user_%d' % (p.id, oauth_uid))
|
||||
# optional
|
||||
name = validation.get('name', email)
|
||||
res = self.search(cr, uid, [("oauth_uid", "=", oauth_uid)])
|
||||
if res:
|
||||
self.write(cr, uid, res[0], {'oauth_access_token':access_token})
|
||||
self.write(cr, uid, res[0], { 'oauth_access_token': access_token })
|
||||
else:
|
||||
# New user
|
||||
new_user = {
|
||||
'name': name,
|
||||
'login': login,
|
||||
'user_email': login,
|
||||
'oauth_provider_id': 1,
|
||||
'login': email,
|
||||
'user_email': email,
|
||||
'oauth_provider_id': p.id,
|
||||
'oauth_uid': oauth_uid,
|
||||
'oauth_access_token': access_token,
|
||||
'active': True,
|
||||
}
|
||||
self.auth_signup_create(cr, uid, new_user)
|
||||
credentials = (cr.dbname, email, access_token)
|
||||
return credentials
|
||||
|
||||
def check_credentials(self, cr, uid, password):
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
.openerp .oe_application .zocial {
|
||||
font: white;
|
||||
}
|
||||
|
||||
.openerp .zocial.openerp:before {
|
||||
content: "\E02E";
|
||||
font-style: italic;
|
||||
text-shadow: 0 1px 1px black;
|
||||
}
|
||||
|
||||
.openerp a.zocial.openerp {
|
||||
float: right;
|
||||
border: 1px solid #222222;
|
||||
color: white;
|
||||
margin: 0;
|
||||
background-color: #b92020;
|
||||
background-image: -webkit-gradient(linear, left top, left bottom, from(#b92020), to(#600606));
|
||||
background-image: -webkit-linear-gradient(top, #b92020, #600606);
|
||||
background-image: -moz-linear-gradient(top, #b92020, #600606);
|
||||
background-image: -ms-linear-gradient(top, #b92020, #600606);
|
||||
background-image: -o-linear-gradient(top, #b92020, #600606);
|
||||
background-image: linear-gradient(to bottom, #b92020, #600606);
|
||||
-moz-border-radius: 4px;
|
||||
-webkit-border-radius: 4px;
|
||||
border-radius: 4px;
|
||||
-moz-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.1), 0 1px 1px rgba(155, 155, 155, 0.4) inset;
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.1), 0 1px 1px rgba(155, 155, 155, 0.4) inset;
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.1), 0 1px 1px rgba(155, 155, 155, 0.4) inset;
|
||||
text-shadow: none;
|
||||
font-weight: normal;
|
||||
}
|
||||
|
||||
.openerp .oe_login .oe_oauth_provider_login_button {
|
||||
margin-top: 4px;
|
||||
}
|
|
@ -1,8 +1,9 @@
|
|||
openerp.auth_oauth = function(instance) {
|
||||
var QWeb = instance.web.qweb;
|
||||
|
||||
instance.web.Login = instance.web.Login.extend({
|
||||
instance.web.Login.include({
|
||||
start: function(parent, params) {
|
||||
var self = this;
|
||||
var d = this._super.apply(this, arguments);
|
||||
this.$el.on('click', 'a.zocial', this.on_oauth_sign_in);
|
||||
this.oauth_providers = [];
|
||||
|
@ -11,7 +12,13 @@ openerp.auth_oauth = function(instance) {
|
|||
} else if(this.params.oauth_error === 2) {
|
||||
this.do_warn("Authentication error","");
|
||||
}
|
||||
return d.then(this.do_oauth_load);
|
||||
return d.then(this.do_oauth_load).fail(function() {
|
||||
self.do_oauth_load([]);
|
||||
});
|
||||
},
|
||||
on_db_loaded: function(result) {
|
||||
this._super.apply(this, arguments);
|
||||
this.$("form [name=db]").change(this.do_oauth_load);
|
||||
},
|
||||
do_oauth_load: function() {
|
||||
var db = this.$("form [name=db]").val();
|
||||
|
@ -21,6 +28,7 @@ openerp.auth_oauth = function(instance) {
|
|||
},
|
||||
on_oauth_loaded: function(result) {
|
||||
this.oauth_providers = result;
|
||||
this.$('.oe_oauth_provider_login_button').remove();
|
||||
var buttons = QWeb.render("auth_oauth.Login.button",{"widget":this});
|
||||
this.$(".oe_login_pane form ul").after(buttons);
|
||||
},
|
||||
|
@ -33,7 +41,7 @@ openerp.auth_oauth = function(instance) {
|
|||
var state_object = {
|
||||
d: dbname,
|
||||
p: p.id
|
||||
}
|
||||
};
|
||||
var state = JSON.stringify(state_object);
|
||||
var params = {
|
||||
response_type: 'token',
|
||||
|
|
|
@ -2,8 +2,7 @@
|
|||
<templates id="template" xml:space="preserve">
|
||||
<t t-name="auth_oauth.Login.button">
|
||||
<t t-foreach="widget.oauth_providers" t-as="p">
|
||||
<a href="#" t-att-class="p.css_class" t-att-data-index="p_index"><t t-esc="p.body"/></a>
|
||||
<br/>
|
||||
<a href="#" t-attf-class="oe_oauth_provider_login_button #{p.css_class}" t-att-data-index="p_index"><t t-esc="p.body"/></a>
|
||||
</t>
|
||||
</t>
|
||||
</templates>
|
||||
|
|
Loading…
Reference in New Issue