OpenID Connect OP support for customer accounts

2022-08-10 14:22:30 +02:00
parent 7f5518dbf6
commit a4171ef819
20 changed files with 1735 additions and 23 deletions
--- a/src/pretix/base/migrations/0220_auto_20220811_1002.py
+++ b/src/pretix/base/migrations/0220_auto_20220811_1002.py
@@ -0,0 +1,68 @@
+# Generated by Django 3.2.12 on 2022-08-11 10:02
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+import pretix.base.models.base
+import pretix.base.models.customers
+import pretix.base.models.fields
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pretixbase', '0219_auto_20220706_0913'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CustomerSSOClient',
+            fields=[
+                ('id', models.BigAutoField(primary_key=True, serialize=False)),
+                ('name', models.CharField(max_length=255)),
+                ('is_active', models.BooleanField(default=True)),
+                ('client_id', models.CharField(db_index=True, default=pretix.base.models.customers.generate_client_id, max_length=100, unique=True)),
+                ('client_secret', models.CharField(max_length=255)),
+                ('client_type', models.CharField(default='confidential', max_length=32)),
+                ('authorization_grant_type', models.CharField(default='authorization-code', max_length=32)),
+                ('redirect_uris', models.TextField()),
+                ('allowed_scopes', pretix.base.models.fields.MultiStringField(default=['openid', 'profile', 'email', 'phone'])),
+                ('organizer', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='sso_clients', to='pretixbase.organizer')),
+            ],
+            options={
+                'abstract': False,
+            },
+            bases=(models.Model, pretix.base.models.base.LoggingMixin),
+        ),
+        migrations.AlterField(
+            model_name='customer',
+            name='provider',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, related_name='customers', to='pretixbase.customerssoprovider'),
+        ),
+        migrations.CreateModel(
+            name='CustomerSSOGrant',
+            fields=[
+                ('id', models.BigAutoField(primary_key=True, serialize=False)),
+                ('code', models.CharField(max_length=255, unique=True)),
+                ('nonce', models.CharField(max_length=255, null=True)),
+                ('auth_time', models.IntegerField()),
+                ('expires', models.DateTimeField()),
+                ('redirect_uri', models.TextField()),
+                ('scope', models.TextField()),
+                ('client', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='grants', to='pretixbase.customerssoclient')),
+                ('customer', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='sso_grants', to='pretixbase.customer')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='CustomerSSOAccessToken',
+            fields=[
+                ('id', models.BigAutoField(primary_key=True, serialize=False)),
+                ('from_code', models.CharField(max_length=255, null=True)),
+                ('token', models.CharField(max_length=255, unique=True)),
+                ('expires', models.DateTimeField()),
+                ('scope', models.TextField()),
+                ('client', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='access_tokens', to='pretixbase.customerssoclient')),
+                ('customer', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='sso_access_tokens', to='pretixbase.customer')),
+            ],
+        ),
+    ]