CLE-1653 1.0.0

README.md

@@ -13,7 +13,8 @@ between the source/destiny of events, how these requests are authenticated and t
 - Python 3.7+
 - Django 2.2+
 - Django REST Framework 3.9.2+
-- Django OAuth Toolkit 1.3-1.4
+- Django OAuth Toolkit 2+
+- Pillow 7+
 
 ## Installation
 
@@ -143,4 +144,4 @@ See [Releases](https://github.com/yoyowallet/drf-integrations-framework/releases
 
 ## Authors
 DRF Integrations Framework is an original idea by [@jianyuan](https://github.com/jianyuan), developed and maintained by
-the platform team at [@yoyowallet](https://github.com/yoyowallet).
+the loyalty domain team at [@saltpay](https://github.com/saltpay).

drf_integrations/migrations/0006_auto_20230503_0716.py

@@ -0,0 +1,133 @@
+# Generated by Django 3.2.18 on 2023-05-03 07:16
+
+import django.db.models.deletion
+import oauth2_provider.generators
+import oauth2_provider.models
+import uuid
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.OAUTH2_PROVIDER_ID_TOKEN_MODEL),
+        ("drf_integrations", "0005_alter_applicationinstallation_id"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="IDToken",
+            fields=[
+                ("id", models.BigAutoField(primary_key=True, serialize=False)),
+                (
+                    "jti",
+                    models.UUIDField(
+                        default=uuid.uuid4,
+                        editable=False,
+                        unique=True,
+                        verbose_name="JWT Token ID",
+                    ),
+                ),
+                ("expires", models.DateTimeField()),
+                ("scope", models.TextField(blank=True)),
+                ("created", models.DateTimeField(auto_now_add=True)),
+                ("updated", models.DateTimeField(auto_now=True)),
+                (
+                    "application",
+                    models.ForeignKey(
+                        blank=True,
+                        null=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL,
+                    ),
+                ),
+                (
+                    "user",
+                    models.ForeignKey(
+                        blank=True,
+                        null=True,
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="drf_integrations_idtoken",
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+            ],
+            options={
+                "abstract": False,
+                "swappable": "OAUTH2_PROVIDER_ID_TOKEN_MODEL",
+            },
+        ),
+        migrations.AddField(
+            model_name="accesstoken",
+            name="id_token",
+            field=models.OneToOneField(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="access_token",
+                to=settings.OAUTH2_PROVIDER_ID_TOKEN_MODEL,
+            ),
+        ),
+        migrations.AddField(
+            model_name="grant",
+            name="claims",
+            field=models.TextField(blank=True),
+        ),
+        migrations.AddField(
+            model_name="grant",
+            name="nonce",
+            field=models.CharField(blank=True, default="", max_length=255),
+        ),
+        migrations.AlterField(
+            model_name="grant",
+            name="redirect_uri",
+            field=models.TextField(),
+        ),
+        migrations.AlterField(
+            model_name="application",
+            name="authorization_grant_type",
+            field=models.CharField(
+                choices=[
+                    ("authorization-code", "Authorization code"),
+                    ("implicit", "Implicit"),
+                    ("password", "Resource owner password-based"),
+                    ("client-credentials", "Client credentials"),
+                    ("openid-hybrid", "OpenID connect hybrid"),
+                ],
+                max_length=32,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="application",
+            name="client_secret",
+            field=oauth2_provider.models.ClientSecretField(
+                blank=True,
+                db_index=True,
+                default=oauth2_provider.generators.generate_client_secret,
+                help_text="Hashed on Save. Copy it now if this is a new secret.",
+                max_length=255,
+            ),
+        ),
+        migrations.AddField(
+            model_name="application",
+            name="post_logout_redirect_uris",
+            field=models.TextField(
+                blank=True, help_text="Allowed Post Logout URIs list, space separated"
+            ),
+        ),
+        migrations.AddField(
+            model_name="application",
+            name="algorithm",
+            field=models.CharField(
+                blank=True,
+                choices=[
+                    ("", "No OIDC support"),
+                    ("RS256", "RSA with SHA-2 256"),
+                    ("HS256", "HMAC with SHA-2 256"),
+                ],
+                default="",
+                max_length=5,
+            ),
+        ),
+    ]

drf_integrations/models.py

@@ -11,6 +11,7 @@
 from oauth2_provider.models import AbstractAccessToken as OAuthAbstractAccessToken
 from oauth2_provider.models import AbstractApplication as OAuthAbstractApplication
 from oauth2_provider.models import AbstractGrant as OAuthAbstractGrant
+from oauth2_provider.models import AbstractIDToken as OAuthAbstractIDToken
 from oauth2_provider.models import AbstractRefreshToken as OAuthAbstractRefreshToken
 from oauth2_provider.scopes import get_scopes_backend
 from oauth2_provider.settings import oauth2_settings
@@ -261,6 +262,16 @@ class Meta(AbstractGrant.Meta):
         swappable = "OAUTH2_PROVIDER_GRANT_MODEL"
 
 
+class AbstractIDToken(OAuthAbstractIDToken):
+    class Meta(OAuthAbstractIDToken.Meta):
+        abstract = True
+
+
+class IDToken(AbstractIDToken):
+    class Meta(AbstractGrant.Meta):
+        swappable = "OAUTH2_PROVIDER_ID_TOKEN_MODEL"
+
+
 def _get_application_installation_class():
     class _AbstractApplicationInstallation(models.Model):
         class Meta:

example/pyproject.toml

@@ -0,0 +1,16 @@
+[tool.poetry]
+name = "example"
+version = "0.1.0"
+description = ""
+authors = ["Your Name <[email protected]>"]
+readme = "README.md"
+
+[tool.poetry.dependencies]
+python = "^3.7"
+mixpanel = "4.5.0"
+psycopg2-binary = "2.9.6"
+
+
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"

example/settings.py

@@ -146,6 +146,7 @@
 OAUTH2_PROVIDER_ACCESS_TOKEN_MODEL = "drf_integrations.AccessToken"
 OAUTH2_PROVIDER_GRANT_MODEL = "drf_integrations.Grant"
 OAUTH2_PROVIDER_REFRESH_TOKEN_MODEL = "drf_integrations.RefreshToken"
+OAUTH2_PROVIDER_ID_TOKEN_MODEL = "drf_integrations.IDToken"
 
 INTEGRATIONS_APPLICATION_INSTALLATION_MODEL = "drf_integrations.ApplicationInstallation"
 INTEGRATIONS_APPLICATION_INSTALLATION_INSTALL_ATTRIBUTE = "target_id"