Mail

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/cilogon/provider.py

@@ -0,0 +1,56 @@
+from allauth.account.models import EmailAddress
+from allauth.socialaccount.app_settings import QUERY_EMAIL
+from allauth.socialaccount.providers.base import AuthAction, ProviderAccount
+from allauth.socialaccount.providers.oauth2.provider import OAuth2Provider
+
+
+class Scope(object):
+    OPENID = "openid"
+    EMAIL = "email"
+    PROFILE = "profile"
+    USERINFO = "org.cilogon.userinfo"
+
+
+class CILogonAccount(ProviderAccount):
+    def to_str(self):
+        dflt = super(CILogonAccount, self).to_str()
+        return self.account.extra_data.get("name", dflt)
+
+
+class CILogonProvider(OAuth2Provider):
+    id = "cilogon"
+    name = "CILogon"
+    account_class = CILogonAccount
+
+    def get_default_scope(self):
+        scope = [Scope.PROFILE, Scope.USERINFO, Scope.OPENID]
+        if QUERY_EMAIL:
+            scope.append(Scope.EMAIL)
+        return scope
+
+    def get_auth_params(self, request, action):
+        ret = super(CILogonProvider, self).get_auth_params(request, action)
+        if action == AuthAction.REAUTHENTICATE:
+            ret["prompt"] = "select_account consent"
+        return ret
+
+    def extract_uid(self, data):
+        return str(data.get("sub"))
+
+    def extract_common_fields(self, data):
+        return dict(
+            email=data.get("email"),
+            last_name=data.get("family_name"),
+            first_name=data.get("given_name"),
+            eppn=data.get("eppn"),
+        )
+
+    def extract_email_addresses(self, data):
+        ret = []
+        email = data.get("email")
+        if email and data.get("verified_email"):
+            ret.append(EmailAddress(email=email, verified=True, primary=True))
+        return ret
+
+
+provider_classes = [CILogonProvider]

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/cilogon/tests.py

@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import, unicode_literals
+
+from allauth.socialaccount.tests import OAuth2TestsMixin
+from allauth.tests import MockedResponse, TestCase
+
+from .provider import CILogonProvider
+
+
+class CILogonTests(OAuth2TestsMixin, TestCase):
+    provider_id = CILogonProvider.id
+
+    def get_mocked_response(self):
+        return MockedResponse(
+            200,
+            """
+        {
+            "email": "johndoe@example.edu",
+            "eppn": "u1234567@example.edu",
+            "firstname": "John",
+            "lastname": "Doe",
+            "idp_name": "Example University",
+            "sub": "http://cilogon.org/serverA/users/1234567"
+        }""",
+        )

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/cilogon/urls.py

@@ -0,0 +1,6 @@
+from allauth.socialaccount.providers.oauth2.urls import default_urlpatterns
+
+from .provider import CILogonProvider
+
+
+urlpatterns = default_urlpatterns(CILogonProvider)

venv/lib/python3.12/site-packages/allauth/socialaccount/providers/cilogon/views.py

@@ -0,0 +1,30 @@
+import requests
+
+from allauth.socialaccount.providers.oauth2.views import (
+    OAuth2Adapter,
+    OAuth2CallbackView,
+    OAuth2LoginView,
+)
+
+from .provider import CILogonProvider
+
+
+class CILogonOAuth2Adapter(OAuth2Adapter):
+    provider_id = CILogonProvider.id
+    access_token_url = "https://cilogon.org/oauth2/token"
+    authorize_url = "https://cilogon.org/authorize"
+    profile_url = "https://cilogon.org/oauth2/userinfo"
+
+    def complete_login(self, request, app, token, **kwargs):
+        resp = requests.get(
+            self.profile_url,
+            params={"access_token": token.token, "alt": "json"},
+        )
+        resp.raise_for_status()
+        extra_data = resp.json()
+        login = self.get_provider().sociallogin_from_response(request, extra_data)
+        return login
+
+
+oauth2_login = OAuth2LoginView.adapter_view(CILogonOAuth2Adapter)
+oauth2_callback = OAuth2CallbackView.adapter_view(CILogonOAuth2Adapter)