├── OAuth20Server ├── __init__.py ├── __pycache__ │ ├── __init__.cpython-39.pyc │ ├── settings.cpython-39.pyc │ ├── urls.cpython-39.pyc │ └── wsgi.cpython-39.pyc ├── asgi.py ├── oauth2_validators.py ├── settings.py ├── urls.py └── wsgi.py ├── manage.py └── templates ├── base.html └── registration └── login.html /OAuth20Server/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tatiansa/OAuthServer/1e3cb03d0b2af75f41ac48470a3b2f598042cb80/OAuth20Server/__init__.py -------------------------------------------------------------------------------- /OAuth20Server/__pycache__/__init__.cpython-39.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tatiansa/OAuthServer/1e3cb03d0b2af75f41ac48470a3b2f598042cb80/OAuth20Server/__pycache__/__init__.cpython-39.pyc -------------------------------------------------------------------------------- /OAuth20Server/__pycache__/settings.cpython-39.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tatiansa/OAuthServer/1e3cb03d0b2af75f41ac48470a3b2f598042cb80/OAuth20Server/__pycache__/settings.cpython-39.pyc -------------------------------------------------------------------------------- /OAuth20Server/__pycache__/urls.cpython-39.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tatiansa/OAuthServer/1e3cb03d0b2af75f41ac48470a3b2f598042cb80/OAuth20Server/__pycache__/urls.cpython-39.pyc -------------------------------------------------------------------------------- /OAuth20Server/__pycache__/wsgi.cpython-39.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tatiansa/OAuthServer/1e3cb03d0b2af75f41ac48470a3b2f598042cb80/OAuth20Server/__pycache__/wsgi.cpython-39.pyc -------------------------------------------------------------------------------- /OAuth20Server/asgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | ASGI config for OAuth20Server project. 3 | 4 | It exposes the ASGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.1/howto/deployment/asgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.asgi import get_asgi_application 13 | 14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'OAuth20Server.settings') 15 | 16 | application = get_asgi_application() 17 | -------------------------------------------------------------------------------- /OAuth20Server/oauth2_validators.py: -------------------------------------------------------------------------------- 1 | from oauth2_provider.oauth2_validators import OAuth2Validator 2 | 3 | 4 | class CustomOAuth2Validator(OAuth2Validator): 5 | pass 6 | # Set `oidc_claim_scope = None` to ignore scopes that limit which claims to return, 7 | # otherwise the OIDC standard scopes are used. 8 | # oidc_claim_scope = None 9 | 10 | # def get_additional_claims(self, request): 11 | # return { 12 | # "given_name": request.user.first_name, 13 | # "family_name": request.user.last_name, 14 | # "name": ' '.join([request.user.first_name, request.user.last_name]), 15 | # "preferred_username": request.user.username, 16 | # "email": request.user.email, 17 | # } 18 | -------------------------------------------------------------------------------- /OAuth20Server/settings.py: -------------------------------------------------------------------------------- 1 | """ 2 | Django settings for OAuth20Server project. 3 | 4 | Generated by 'django-admin startproject' using Django 4.1.3. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.1/topics/settings/ 8 | 9 | For the full list of settings and their values, see 10 | https://docs.djangoproject.com/en/4.1/ref/settings/ 11 | """ 12 | import base64 13 | import os 14 | from pathlib import Path 15 | 16 | # Build paths inside the project like this: BASE_DIR / 'subdir'. 17 | BASE_DIR = Path(__file__).resolve().parent.parent 18 | 19 | 20 | # Quick-start development settings - unsuitable for production 21 | # See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/ 22 | 23 | # SECURITY WARNING: keep the secret key used in production secret! 24 | SECRET_KEY = 'django-insecure-%xw4t*tob&t#@!$r45ra56ftc%qe(d+#1vvw+$&t-(1_z916)&' 25 | 26 | # SECURITY WARNING: don't run with debug turned on in production! 27 | DEBUG = True 28 | 29 | ALLOWED_HOSTS = [] 30 | 31 | 32 | # Application definition 33 | 34 | INSTALLED_APPS = [ 35 | 'oauth2_provider', 36 | 'sslserver', 37 | 'django.contrib.admin', 38 | 'django.contrib.auth', 39 | 'django.contrib.contenttypes', 40 | 'django.contrib.sessions', 41 | 'django.contrib.messages', 42 | 'django.contrib.staticfiles', 43 | 'corsheaders', 44 | ] 45 | 46 | MIDDLEWARE = [ 47 | 'django.middleware.security.SecurityMiddleware', 48 | 'django.contrib.sessions.middleware.SessionMiddleware', 49 | 'corsheaders.middleware.CorsMiddleware', 50 | # 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 51 | 'oauth2_provider.middleware.OAuth2TokenMiddleware', 52 | 'django.middleware.common.CommonMiddleware', 53 | 'django.middleware.csrf.CsrfViewMiddleware', 54 | 'django.contrib.auth.middleware.AuthenticationMiddleware', 55 | 'django.contrib.messages.middleware.MessageMiddleware', 56 | 'django.middleware.clickjacking.XFrameOptionsMiddleware', 57 | ] 58 | 59 | ROOT_URLCONF = 'OAuth20Server.urls' 60 | CORS_ORIGIN_ALLOW_ALL = True 61 | 62 | TEMPLATES = [ 63 | { 64 | 'BACKEND': 'django.template.backends.django.DjangoTemplates', 65 | 'DIRS': [os.path.join(BASE_DIR, 'templates')], 66 | 'APP_DIRS': True, 67 | 'OPTIONS': { 68 | 'context_processors': [ 69 | 'django.template.context_processors.debug', 70 | 'django.template.context_processors.request', 71 | 'django.contrib.auth.context_processors.auth', 72 | 'django.contrib.messages.context_processors.messages', 73 | ], 74 | }, 75 | }, 76 | ] 77 | 78 | WSGI_APPLICATION = 'OAuth20Server.wsgi.application' 79 | LOGIN_URL = '/admin/login/' 80 | 81 | # Database 82 | # https://docs.djangoproject.com/en/4.1/ref/settings/#databases 83 | 84 | DATABASES = { 85 | 'default': { 86 | 'ENGINE': 'django.db.backends.postgresql', 87 | 'NAME': 'OAuth20Db', 88 | 'USER': 'a2', 89 | 'PASSWORD': '32167', 90 | 'HOST': 'localhost', 91 | # 'PORT': '', 92 | } 93 | } 94 | 95 | 96 | # Password validation 97 | # https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators 98 | 99 | AUTH_PASSWORD_VALIDATORS = [ 100 | { 101 | 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', 102 | }, 103 | { 104 | 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', 105 | }, 106 | { 107 | 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', 108 | }, 109 | { 110 | 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', 111 | }, 112 | ] 113 | 114 | 115 | # Internationalization 116 | # https://docs.djangoproject.com/en/4.1/topics/i18n/ 117 | 118 | LANGUAGE_CODE = 'en-us' 119 | 120 | TIME_ZONE = 'UTC' 121 | 122 | USE_I18N = True 123 | 124 | USE_TZ = True 125 | 126 | 127 | # Static files (CSS, JavaScript, Images) 128 | # https://docs.djangoproject.com/en/4.1/howto/static-files/ 129 | 130 | STATIC_URL = 'static/' 131 | 132 | # Default primary key field type 133 | # https://docs.djangoproject.com/en/4.1/ref/settings/#default-auto-field 134 | 135 | DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' 136 | 137 | OAUTH2_PROVIDER = { 138 | "ACCESS_TOKEN_EXPIRE_SECONDS": 10800, 139 | "OAUTH2_VALIDATOR_CLASS": "OAuth20Server.oauth2_validators.CustomOAuth2Validator", 140 | "OIDC_ENABLED": True, 141 | "PKCE_REQUIRED": False, 142 | "OIDC_RSA_PRIVATE_KEY": """-----BEGIN RSA PRIVATE KEY----- 143 | MIICXQIBAAKBgQDQ9hvsUOjRzLiRydUut2LxMvHjaAx3wX0BrvtGpKX1rq3Quaa+ 144 | oLszkhzJCkZLx1iUAOpNH40tTxGZB0j7cEKS/QT3lhKeUOrNSkDpeUUljr+tlWTS 145 | kZVnWC/cLiEbkTkx09r8BqkUmfEQR2GtzO5gCyTz0++PSxUEtl+ovuOMHQIDAQAB 146 | AoGBAKagCUYYgn6BU5AVNGQrIb+Z0x514rM/29GS2ZXMRvYw0zNERv1tJ7mIwmFh 147 | Swq0LCLg0/SpuyatDShMkdrF+p7QK8ywyvdF6ssCGDS7icebAovAGbnqmc3170xL 148 | mLGvm5i/JBVcu5KYZmNyp66pxS+lt8lh2zhpiMHxL97hQHRVAkEA67895cqe99mI 149 | OSpJ7FtDE2BPteOM5j0KwoiW709wYusXDXuPryOU5qreMd8CysCuDHIB1aoB5mk1 150 | fogyrz6bywJBAOLpxd+ksd76Nkr62n4aNt9aknKJVJRMWiz7afimgUpyVV6ICmOJ 151 | yxnSvUyhNG3MXIX0SwxNrsxsnntA1hgcyrcCQQDakhL3bGb68IqmRZkINIz59/+v 152 | aewGw22ocy9NbV+Ltt9Gttq+zMSPILilkFhsVzyHeWRODzN3xu+8AtbLN8cFAkAK 153 | ZcHeZJKN8BMqzmHSo2reQy0wuGA6x2DebMrHTQHhommNAljPhNHcpg5sg3p+iX23 154 | 2aDSuICI93UvmqH0yuTzAkByfnW4xgjbbmhBwXvGRUT50/EFuAeD5FfdX6JbX6Zf 155 | 5oQrwnl3jv9eIW2hyNiJJq3UYd3iBUUoVof1dzeDW6As 156 | -----END RSA PRIVATE KEY----- 157 | """, 158 | # this is the list of available scopes 159 | 'SCOPES': { 160 | 'read': 'Read scope', 161 | 'write': 'Write scope', 162 | 'openid': "OpenID Connect scope", 163 | }, 164 | } 165 | pass 166 | -------------------------------------------------------------------------------- /OAuth20Server/urls.py: -------------------------------------------------------------------------------- 1 | """OAuth20Server URL Configuration 2 | 3 | The `urlpatterns` list routes URLs to views. For more information please see: 4 | https://docs.djangoproject.com/en/4.1/topics/http/urls/ 5 | Examples: 6 | Function views 7 | 1. Add an import: from my_app import views 8 | 2. Add a URL to urlpatterns: path('', views.home, name='home') 9 | Class-based views 10 | 1. Add an import: from other_app.views import Home 11 | 2. Add a URL to urlpatterns: path('', Home.as_view(), name='home') 12 | Including another URLconf 13 | 1. Import the include() function: from django.urls import include, path 14 | 2. Add a URL to urlpatterns: path('blog/', include('blog.urls')) 15 | """ 16 | from django.contrib import admin 17 | from django.urls import path, include 18 | 19 | urlpatterns = [ 20 | path('admin/', admin.site.urls), 21 | path("accounts/", include("django.contrib.auth.urls")), 22 | path('o/', include('oauth2_provider.urls', namespace='oauth2_provider')), 23 | ] 24 | -------------------------------------------------------------------------------- /OAuth20Server/wsgi.py: -------------------------------------------------------------------------------- 1 | """ 2 | WSGI config for OAuth20Server project. 3 | 4 | It exposes the WSGI callable as a module-level variable named ``application``. 5 | 6 | For more information on this file, see 7 | https://docs.djangoproject.com/en/4.1/howto/deployment/wsgi/ 8 | """ 9 | 10 | import os 11 | 12 | from django.core.wsgi import get_wsgi_application 13 | 14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'OAuth20Server.settings') 15 | 16 | application = get_wsgi_application() 17 | -------------------------------------------------------------------------------- /manage.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | """Django's command-line utility for administrative tasks.""" 3 | import os 4 | import sys 5 | 6 | 7 | def main(): 8 | """Run administrative tasks.""" 9 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'OAuth20Server.settings') 10 | try: 11 | from django.core.management import execute_from_command_line 12 | except ImportError as exc: 13 | raise ImportError( 14 | "Couldn't import Django. Are you sure it's installed and " 15 | "available on your PYTHONPATH environment variable? Did you " 16 | "forget to activate a virtual environment?" 17 | ) from exc 18 | execute_from_command_line(sys.argv) 19 | 20 | 21 | if __name__ == '__main__': 22 | main() 23 | -------------------------------------------------------------------------------- /templates/base.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | {% block title %}Django Auth Tutorial{% endblock %} 7 | 8 | 9 |
10 | {% block content %} 11 | {% endblock %} 12 |
13 | 14 | -------------------------------------------------------------------------------- /templates/registration/login.html: -------------------------------------------------------------------------------- 1 | {% extends "base.html" %} 2 | {% block content %} 3 | {% if form.errors %} 4 |

Your username and password didn't match. Please try again.

5 | {% endif %} 6 | {% if next %} 7 | {% if user.is_authenticated %} 8 |

Your account doesn't have access to this page. To proceed, 9 | please login with an account that has access.

10 | {% else %} 11 |

Please login to see this page.

12 | {% endif %} 13 | {% endif %} 14 |
15 | {% csrf_token %} 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 |
{{ form.username.label_tag }}{{ form.username }}
{{ form.password.label_tag }}{{ form.password }}
26 | 27 | 28 |
29 | {# Assumes you set up the password_reset view in your URLconf #} 30 |

Lost password?

31 | {% endblock %} --------------------------------------------------------------------------------