Bump django-oauth-toolkit to 2.2.* (#2985)

2026-05-05 15:14:04 +00:00 · 2022-12-19 12:26:45 +01:00
parent 60554dad9a
commit 15272cc3e6
6 changed files with 145 additions and 29 deletions
--- a/src/pretix/api/migrations/0009_auto_20221217_1847.py
+++ b/src/pretix/api/migrations/0009_auto_20221217_1847.py
@@ -0,0 +1,77 @@
+# Generated by Django 3.2.16 on 2022-12-17 18:47
+
+import uuid
+
+import django.db.models.deletion
+import oauth2_provider.generators
+import oauth2_provider.models
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('pretixbase', '0226_itemvariationmetavalue'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('pretixapi', '0008_webhookcallretry'),
+    ]
+    run_before = [
+        ('oauth2_provider', '0002_auto_20190406_1805'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='oauthapplication',
+            name='algorithm',
+            field=models.CharField(default='', max_length=5),
+        ),
+        migrations.AddField(
+            model_name='oauthgrant',
+            name='claims',
+            field=models.TextField(default=''),
+            preserve_default=False,
+        ),
+        migrations.AddField(
+            model_name='oauthgrant',
+            name='code_challenge',
+            field=models.CharField(default='', max_length=128),
+        ),
+        migrations.AddField(
+            model_name='oauthgrant',
+            name='code_challenge_method',
+            field=models.CharField(default='', max_length=10),
+        ),
+        migrations.AddField(
+            model_name='oauthgrant',
+            name='nonce',
+            field=models.CharField(default='', max_length=255),
+        ),
+        migrations.AlterField(
+            model_name='oauthapplication',
+            name='client_secret',
+            field=oauth2_provider.models.ClientSecretField(db_index=True, default=oauth2_provider.generators.generate_client_secret, max_length=255),
+        ),
+        migrations.CreateModel(
+            name='OAuthIDToken',
+            fields=[
+                ('id', models.BigAutoField(primary_key=True, serialize=False)),
+                ('jti', models.UUIDField(default=uuid.uuid4, unique=True)),
+                ('expires', models.DateTimeField()),
+                ('scope', models.TextField()),
+                ('created', models.DateTimeField(auto_now_add=True)),
+                ('updated', models.DateTimeField(auto_now=True)),
+                ('application', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL)),
+                ('organizers', models.ManyToManyField(to='pretixbase.Organizer')),
+                ('user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='pretixapi_oauthidtoken', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'abstract': False,
+            },
+        ),
+        migrations.AddField(
+            model_name='oauthaccesstoken',
+            name='id_token',
+            field=models.OneToOneField(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='access_token', to='pretixapi.oauthidtoken'),
+        ),
+    ]
--- a/src/pretix/api/models.py
+++ b/src/pretix/api/models.py
@@ -29,8 +29,8 @@ from oauth2_provider.generators import (
    generate_client_id, generate_client_secret,
 )
 from oauth2_provider.models import (
-    AbstractAccessToken, AbstractApplication, AbstractGrant,
-    AbstractRefreshToken,
+    AbstractAccessToken, AbstractApplication, AbstractGrant, AbstractIDToken,
+    AbstractRefreshToken, ClientSecretField,
 )
 from oauth2_provider.validators import URIValidator

@@ -46,7 +46,7 @@ class OAuthApplication(AbstractApplication):
        verbose_name=_("Client ID"),
        max_length=100, unique=True, default=generate_client_id, db_index=True
    )
-    client_secret = models.CharField(
+    client_secret = ClientSecretField(
        verbose_name=_("Client secret"),
        max_length=255, blank=False, default=generate_client_secret, db_index=True
    )
@@ -67,12 +67,26 @@ class OAuthGrant(AbstractGrant):
    redirect_uri = models.CharField(max_length=2500)  # Only 255 in AbstractGrant, which caused problems


+class OAuthIDToken(AbstractIDToken):
+    application = models.ForeignKey(
+        OAuthApplication, on_delete=models.CASCADE,
+    )
+    organizers = models.ManyToManyField('pretixbase.Organizer')
+
+
 class OAuthAccessToken(AbstractAccessToken):
    source_refresh_token = models.OneToOneField(
        # unique=True implied by the OneToOneField
        'OAuthRefreshToken', on_delete=models.SET_NULL, blank=True, null=True,
        related_name="refreshed_access_token"
    )
+    id_token = models.OneToOneField(
+        OAuthIDToken,
+        on_delete=models.CASCADE,
+        blank=True,
+        null=True,
+        related_name="access_token",
+    )
    application = models.ForeignKey(
        OAuthApplication, on_delete=models.CASCADE, blank=True, null=True,
    )