From aa4c5be520939d1e5f45015033a03981477b966a Mon Sep 17 00:00:00 2001
From: Sawyer Bergeron <sbergeron@iol.unh.edu>
Date: Tue, 11 Aug 2020 19:14:42 +0000
Subject: Revert "Revert "Enable OpenID""

This reverts commit 57d1635845df4a8b045805b66e8fbec5010ce97f.

Reason for revert: <INSERT REASONING HERE>


Change-Id: I18b59409bc5b89ac5b82f767e7af52c43ae668b8
Signed-off-by: Sawyer Bergeron <sbergeron@iol.unh.edu>
---
 src/account/views.py                         | 15 +++++++++++++++
 src/laas_dashboard/settings.py               | 17 ++++++++++++++++-
 src/laas_dashboard/urls.py                   |  3 ++-
 src/templates/akraino/base.html              | 20 ++++++++++++++++++++
 src/templates/akraino/dashboard/landing.html |  7 +++++++
 src/templates/base/base.html                 |  2 ++
 src/templates/base/dashboard/landing.html    |  2 ++
 7 files changed, 64 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/account/views.py b/src/account/views.py
index d11a199..d0cfb22 100644
--- a/src/account/views.py
+++ b/src/account/views.py
@@ -28,6 +28,7 @@ from django.views.generic import RedirectView, TemplateView, UpdateView
 from django.shortcuts import render
 from jira import JIRA
 from rest_framework.authtoken.models import Token
+from mozilla_django_oidc.auth import OIDCAuthenticationBackend
 
 
 from account.forms import AccountSettingsForm
@@ -58,6 +59,20 @@ class AccountSettingsView(UpdateView):
         return context
 
 
+class MyOIDCAB(OIDCAuthenticationBackend):
+    def filter_users_by_claims(self, claims):
+        email = claims.get(email=email)
+        if not email:
+            return self.UserModel.objects.none()
+
+        try:
+            profile = Profile.objects.get(email=email)
+            return profile.user
+
+        except Profile.DoesNotExist:
+            return self.UserModel.objects.none()
+
+
 class JiraLoginView(RedirectView):
     def get_redirect_url(self, *args, **kwargs):
         consumer = oauth.Consumer(settings.OAUTH_CONSUMER_KEY, settings.OAUTH_CONSUMER_SECRET)
diff --git a/src/laas_dashboard/settings.py b/src/laas_dashboard/settings.py
index 86778c1..92f763f 100644
--- a/src/laas_dashboard/settings.py
+++ b/src/laas_dashboard/settings.py
@@ -31,6 +31,7 @@ INSTALLED_APPS = [
     'analytics',
     'django.contrib.admin',
     'django.contrib.auth',
+    'mozilla_django_oidc',  # needs to be defined after auth
     'django.contrib.contenttypes',
     'django.contrib.sessions',
     'django.contrib.messages',
@@ -38,7 +39,7 @@ INSTALLED_APPS = [
     'django.contrib.humanize',
     'bootstrap4',
     'rest_framework',
-    'rest_framework.authtoken'
+    'rest_framework.authtoken',
 ]
 
 MIDDLEWARE = [
@@ -52,6 +53,20 @@ MIDDLEWARE = [
     'account.middleware.TimezoneMiddleware',
 ]
 
+AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB']
+
+
+# OpenID Authentications
+OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID']
+OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET']
+
+OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT']
+OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT']
+OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT']
+
+LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL']
+LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL']
+
 ROOT_URLCONF = 'laas_dashboard.urls'
 
 TEMPLATE_OVERRIDE = os.environ.get("TEMPLATE_OVERRIDE_DIR", "")  # the user's custom template dir
diff --git a/src/laas_dashboard/urls.py b/src/laas_dashboard/urls.py
index 17cbe84..7a37d7e 100644
--- a/src/laas_dashboard/urls.py
+++ b/src/laas_dashboard/urls.py
@@ -41,7 +41,8 @@ urlpatterns = [
     url(r'^admin/', admin.site.urls),
     url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')),
     url(r'^api/', include('api.urls')),
-    url(r'^messages/', include('notifier.urls', namespace='notifier'))
+    url(r'^messages/', include('notifier.urls', namespace='notifier')),
+    url(r'^oidc/', include('mozilla_django_oidc.urls')),
 ]
 
 if settings.DEBUG is True:
diff --git a/src/templates/akraino/base.html b/src/templates/akraino/base.html
index 1368476..b93dcd2 100644
--- a/src/templates/akraino/base.html
+++ b/src/templates/akraino/base.html
@@ -22,3 +22,23 @@
 {% endblock logo %}
 {% block dropDown %}
 {% endblock dropDown %}
+
+{% block login %}
+    <div class="dropdown-menu dropdown-menu-right">
+        {% if user.is_authenticated %}
+        <a href="{% url 'account:settings' %}" class="text-dark dropdown-item">
+            <i class="fas fa-cog"></i>
+                Settings
+        </a>
+        <a href="{% url 'oidc_logout' %}" class="text-dark dropdown-item">
+            <i class="fas fa-sign-out-alt"></i>
+                Logout
+        </a>
+        {% else %}
+        <a href="{% url 'oidc_authentication_init' %}" class="text-dark dropdown-item">
+            <i class="fas fa-sign-in-alt"></i>
+                Login with LFID
+        </a>
+        {% endif %}
+    </div>
+{% endblock login %}
\ No newline at end of file
diff --git a/src/templates/akraino/dashboard/landing.html b/src/templates/akraino/dashboard/landing.html
index d7f434b..39eebb6 100644
--- a/src/templates/akraino/dashboard/landing.html
+++ b/src/templates/akraino/dashboard/landing.html
@@ -18,5 +18,12 @@
 <p>To get started, book a pod below:</p>
 <a class="btn btnAkr btn-lg d-flex flex-column justify-content-center align-content-center border text-white p-4" href="/booking/quick/">Book a Pod</a>
 {% endblock btnGrp %}
+
+{% block biglogin %}
+<h4 class="text-center">
+    To get started, please log in with <a href="{% url 'oidc_authentication_init' %}"> Linux Foundation ID</a>
+</h4>
+{% endblock biglogin %}
+
 {% block returningUsers %}
 {% endblock returningUsers %}
diff --git a/src/templates/base/base.html b/src/templates/base/base.html
index cc6d38d..f86cff8 100644
--- a/src/templates/base/base.html
+++ b/src/templates/base/base.html
@@ -44,6 +44,7 @@
                             {% endif %}
                             <i class="fas fa-caret-down rotate"></i>
                         </a>
+                        {% block login %}
                         <div class="dropdown-menu dropdown-menu-right">
                             {% if user.is_authenticated %}
                                 <a href="{% url 'account:settings' %}" class="text-dark dropdown-item">
@@ -61,6 +62,7 @@
                                 </a>
                             {% endif %}
                         </div>
+                        {% endblock login %}
                     </li>
                 </ul>
             </div>
diff --git a/src/templates/base/dashboard/landing.html b/src/templates/base/dashboard/landing.html
index ecb12c6..3291606 100644
--- a/src/templates/base/dashboard/landing.html
+++ b/src/templates/base/dashboard/landing.html
@@ -43,9 +43,11 @@
     <div class="col-12 col-lg-6 mb-4">
         <h2 class="border-bottom">Get Started</h2>
         {% if request.user.is_anonymous %}
+        {% block biglogin %}
         <h4 class="text-center">
             To get started, please log in with your <a href="/accounts/login">Linux Foundation Jira account</a>
         </h4>
+        {% endblock biglogin %}
         {% else %}
         {% block btnGrp %}
         <p>To get started, book a server below:</p>
-- 
cgit 1.2.3-korg