Skip to content

Commit

Permalink
Switch to oauth2 authentication (#697)
Browse files Browse the repository at this point in the history 
* Switch to oauth2 authentication

* Update ChangesetCommentAPI to use oauth2

* FIx comment api tests

* Update social-user's extra_data param in tests

* Update tests to oauth2 fields

* Fix client.post and token check
  • Loading branch information
@willemarcel
willemarcel authored May 30, 2024
1 parent 53e1ed1 commit 680789c
Show file tree
Hide file tree
Showing 21 changed files with 206 additions and 221 deletions.
14 changes: 8 additions & 6 deletions config/settings/common.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -254,14 +254,16 @@
SOCIAL_AUTH_DEFAULT_USERNAME = lambda u: slugify(u)
SOCIAL_AUTH_ASSOCIATE_BY_EMAIL = True

SOCIAL_AUTH_OPENSTREETMAP_KEY = env('OAUTH_OSM_KEY', default='')
SOCIAL_AUTH_OPENSTREETMAP_SECRET = env('OAUTH_OSM_SECRET', default='')
SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_KEY = env("OAUTH2_OSM_KEY", default="")
SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_SECRET = env("OAUTH2_OSM_SECRET", default="")
SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_SCOPE = ["read_prefs", "write_api"]
SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_USE_PKCE = False

# AUTHENTICATION CONFIGURATION
# ------------------------------------------------------------------------------
AUTHENTICATION_BACKENDS = (
'social_core.backends.openstreetmap.OpenStreetMapOAuth',
'django.contrib.auth.backends.ModelBackend',
"social_core.backends.openstreetmap_oauth2.OpenStreetMapOAuth2",
"django.contrib.auth.backends.ModelBackend",
)

SOCIAL_AUTH_PIPELINE = (
Expand Down Expand Up @@ -372,7 +374,7 @@
# in OSM website
OAUTH_REDIRECT_URI = env(
'OAUTH_REDIRECT_URI',
default='http://localhost:8000/oauth-landing.html'
default='http://127.0.0.1:3000/oauth-landing.html'
)

OSMCHA_URL = env('OSMCHA_URL', default='https://osmcha.org')
OSMCHA_URL = env('OSMCHA_URL', default='https://osmcha.org')
21 changes: 12 additions & 9 deletions osmchadjango/changeset/tasks.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
from django.db.utils import IntegrityError

import requests
from requests_oauthlib import OAuth1Session
from requests_oauthlib import OAuth2Session
from osmcha.changeset import Analyse, ChangesetList

from .models import Changeset, SuspicionReasons, Import
Expand Down Expand Up @@ -119,21 +119,24 @@ class ChangesetCommentAPI(object):

def __init__(self, user, changeset_id):
self.changeset_id = changeset_id
user_token = user.social_auth.all().first().access_token
self.client = OAuth1Session(
settings.SOCIAL_AUTH_OPENSTREETMAP_KEY,
client_secret=settings.SOCIAL_AUTH_OPENSTREETMAP_SECRET,
resource_owner_key=user_token["oauth_token"],
resource_owner_secret=user_token["oauth_token_secret"],
user_token = user.social_auth.all().first().extra_data
user_token['token_type'] = 'Bearer'
self.client = OAuth2Session(
settings.SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_KEY,
token=user_token,
)
self.url = "{}/api/0.6/changeset/{}/comment/".format(
settings.OSM_SERVER_URL, changeset_id
)

def post_comment(self, message=None):
"""Post comment to changeset."""
response = self.client.post(
self.url, data="text={}".format(quote(message)).encode("utf-8")
response = self.client.request(
'POST',
self.url,
data="text={}".format(quote(message)).encode("utf-8"),
client_id=settings.SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_KEY,
client_secret=settings.SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_SECRET
)
if response.status_code == 200:
print(
Expand Down
8 changes: 4 additions & 4 deletions osmchadjango/changeset/tests/test_add_feature_views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123'
)

Expand All @@ -41,7 +41,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.staff_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='443324'
)

Expand Down Expand Up @@ -327,7 +327,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.token = Token.objects.create(user=self.user)
Expand Down Expand Up @@ -370,7 +370,7 @@ def test_is_not_staff_user_request(self):
)
UserSocialAuth.objects.create(
user=user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='444444',
)
token = Token.objects.create(user=user)
Expand Down
52 changes: 23 additions & 29 deletions osmchadjango/changeset/tests/test_changeset_views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.url = reverse('changeset:list')
Expand Down Expand Up @@ -313,7 +313,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.client.login(username=self.user.username, password='password')
Expand Down Expand Up @@ -369,7 +369,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.client.login(username=self.user.username, password='password')
Expand Down Expand Up @@ -509,7 +509,7 @@ def test_authenticated_changeset_detail_response(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.client.login(username=self.user.username, password='password')
Expand All @@ -535,7 +535,7 @@ def test_changeset_detail_response_with_staff_user(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.client.login(username=self.user.username, password='password')
Expand Down Expand Up @@ -564,7 +564,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.admin_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.user = User.objects.create_user(
Expand All @@ -574,7 +574,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='234312',
)
self.reason_1 = SuspicionReasons.objects.create(name='possible import')
Expand Down Expand Up @@ -724,14 +724,11 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
extra_data={
'id': '123123',
'access_token': {
'oauth_token': 'aaaa',
'oauth_token_secret': 'bbbb'
}
'access_token': '1shjasgw'
}
)
self.tag_1 = TagFactory(name='Illegal import')
Expand Down Expand Up @@ -980,14 +977,11 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
extra_data={
'id': '123123',
'access_token': {
'oauth_token': 'aaaa',
'oauth_token_secret': 'bbbb'
}
'access_token': 'ajhsjhags'
}
)
self.suspect_changeset = SuspectChangesetFactory()
Expand Down Expand Up @@ -1072,7 +1066,7 @@ def test_staff_user_uncheck_any_changeset(self):
)
UserSocialAuth.objects.create(
user=staff_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='87873',
)
self.client.login(username=staff_user.username, password='password')
Expand Down Expand Up @@ -1101,7 +1095,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='999',
)
self.changeset_user = User.objects.create_user(
Expand All @@ -1111,7 +1105,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.changeset_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.changeset = ChangesetFactory()
Expand Down Expand Up @@ -1183,7 +1177,7 @@ def test_other_user_can_not_add_tag_to_checked_changeset(self):
)
UserSocialAuth.objects.create(
user=other_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='28763',
)
self.client.login(username=other_user.username, password='password')
Expand All @@ -1203,7 +1197,7 @@ def test_staff_user_add_tag_to_checked_changeset(self):
)
UserSocialAuth.objects.create(
user=staff_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='28763',
)
self.client.login(username=staff_user.username, password='password')
Expand All @@ -1224,7 +1218,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='999',
)
self.changeset_user = User.objects.create_user(
Expand All @@ -1234,7 +1228,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.changeset_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)
self.changeset = ChangesetFactory()
Expand Down Expand Up @@ -1298,7 +1292,7 @@ def test_other_user_can_not_remove_tag_to_checked_changeset(self):
)
UserSocialAuth.objects.create(
user=other_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='28763',
)
self.client.login(username=other_user.username, password='password')
Expand All @@ -1318,7 +1312,7 @@ def test_staff_user_remove_tag_to_checked_changeset(self):
)
UserSocialAuth.objects.create(
user=staff_user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='28763',
)
self.client.login(username=staff_user.username, password='password')
Expand All @@ -1341,7 +1335,7 @@ def setUp(self):
)
UserSocialAuth.objects.create(
user=self.user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='123123',
)

Expand Down Expand Up @@ -1390,7 +1384,7 @@ def test_set_good_by_staff_user(self):
)
UserSocialAuth.objects.create(
user=user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='8987',
)
self.client.login(username=user.username, password='password')
Expand All @@ -1411,7 +1405,7 @@ def test_set_harmful_by_staff_user(self):
)
UserSocialAuth.objects.create(
user=user,
provider='openstreetmap',
provider='openstreetmap-oauth2',
uid='8987',
)
self.client.login(username=user.username, password='password')
Expand Down
Loading

0 comments on commit 680789c

Please sign in to comment.