Produits Entr'ouvert » Hobo

# hobo - portal to configure and deploy applications

# Copyright (C) 2015-2019  Entr'ouvert

#

# This program is free software: you can redistribute it and/or modify it

# under the terms of the GNU Affero General Public License as published

# by the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU Affero General Public License for more details.

#

# You should have received a copy of the GNU Affero General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from django import forms

from django.utils.translation import ugettext_lazy as _

class SettingsForm(forms.Form):

    platform = forms.ChoiceField(

        label=_('Platform'),

        choices=[

            ('prod', _('Production')),

            ('test', _('Integration')),

        ],

    )

    client_id = forms.CharField(

        label=_('Client ID'),

        help_text=_(

            'See <a href="https://partenaires.franceconnect.gouv.fr/fcp/fournisseur-service">'

            'FranceConnect partners site</a> for getting client ID and secret.'

        ),

        widget=forms.TextInput(attrs={'size': 64}),

    )

    client_secret = forms.CharField(label=_('Client Secret'), widget=forms.TextInput(attrs={'size': 64}))

    scopes = forms.MultipleChoiceField(

        label=_('Scopes'),

        choices=[

            ('given_name', _('given name (given_name)')),

            ('gender', _('gender (gender)')),

            ('birthdate', _('birthdate (birthdate)')),

            ('birthcountry', _('birthcountry (birthcountry)')),

            ('birthplace', _('birthplace (birthplace)')),

            ('family_name', _('family name (family_name)')),

            ('email', _('email (email)')),

            ('preferred_username', _('usual family name (preferred_username)')),

            ('address', _('address (address)')),

            ('phone', _('phone (phone)')),

            ('identite_pivot', _('identite_pivot (identite_pivot)')),

            ('profile', _('profile (profile)')),

            ('birth', _('birth profile (birth)')),

        ],

        widget=forms.CheckboxSelectMultiple,

        help_text=_('These scopes will be requested in addition to openid'),

    )

class EnableForm(forms.Form):

    pass

{% extends "hobo/franceconnect_home.html" %}

{% load i18n %}

{% block appbar %}

  <h2>FranceConnect</h2>

{% endblock %}

{% block content %}

<form method="post">

{% csrf_token %}

<p>

{% trans "Are you sure you want to disable FranceConnect support?" %}

{{ form.as_p }}

<div class="buttons">

<button class="submit-button">{% trans "Disable" %}</button>

<a class="cancel" href="{% url 'franceconnect-home' %}">{% trans "Cancel" %}</a>

</div>

</form>

{% endblock %}

{% extends "hobo/franceconnect_home.html" %}

{% load i18n %}

{% block appbar %}

  <h2>FranceConnect</h2>

{% endblock %}

{% block content %}

<form method="post">

{% csrf_token %}

<p>

{% trans "Are you sure you want to enable FranceConnect support?" %}

{{ form.as_p }}

<div class="buttons">

<button class="submit-button">{% trans "Enable" %}</button>

<a class="cancel" href="{% url 'franceconnect-home' %}">{% trans "Cancel" %}</a>

</div>

</form>

{% endblock %}

  {% if enabled %}

  <span class="actions">

  <a rel="popup" href="{% url 'franceconnect-disable' %}">{% trans 'Disable' %}</a>

  </span>

  {% endif %}

<div class="infonotice">

  {% blocktrans %}

  FranceConnect is the solution proposed by the French state to streamline

  logging in online services.

 {% endblocktrans %}

{% if not enabled %}

<p>

 {% trans "Support is currently disabled." %}

</p>

<p>

 <a class="button" rel="popup" href="{% url 'franceconnect-enable' %}">{% trans 'Enable' %}</a>

</p>

{% else %}

<form method="post">

{% csrf_token %}

{{ form.as_p }}

<div class="buttons">

<button class="submit-button">{% trans "Save" %}</button>

</div>

</form>

{% endif %}

    url(r'^enable$', views.enable, name='franceconnect-enable'),

    url(r'^disable$', views.disable, name='franceconnect-disable'),

import json

from django.urls import reverse_lazy

from django.views.generic import FormView

from hobo.environment.models import Authentic

from hobo.environment.utils import get_setting_variable

from .forms import EnableForm, SettingsForm

def get_variable(setting_name):

    return get_setting_variable(setting_name, service=Authentic.objects.get(secondary=False))

PLATFORMS = {

    'test': {

        'A2_FC_AUTHORIZE_URL': 'https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize',

        'A2_FC_TOKEN_URL': 'https://fcp.integ01.dev-franceconnect.fr/api/v1/token',

        'A2_FC_USERINFO_URL': 'https://fcp.integ01.dev-franceconnect.fr/api/v1/userinfo',

        'A2_FC_LOGOUT_URL': 'https://fcp.integ01.dev-franceconnect.fr/api/v1/logout',

    },

    'prod': {

        'A2_FC_AUTHORIZE_URL': 'https://app.franceconnect.gouv.fr/api/v1/authorize',

        'A2_FC_TOKEN_URL': 'https://app.franceconnect.gouv.fr/api/v1/token',

        'A2_FC_USERINFO_URL': 'https://app.franceconnect.gouv.fr/api/v1/userinfo',

        'A2_FC_LOGOUT_URL': 'https://app.franceconnect.gouv.fr/api/v1/logout',

    },

}

class HomeView(FormView):

    form_class = SettingsForm

    success_url = reverse_lazy('franceconnect-home')

    def get_initial(self):

        initial = super(HomeView, self).get_initial()

        authorize_url = get_variable('A2_FC_AUTHORIZE_URL').value

        if authorize_url == 'https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize':

            initial['platform'] = 'test'

        elif authorize_url == 'https://app.franceconnect.gouv.fr/api/v1/authorize':

            initial['platform'] = 'prod'

        initial['client_id'] = get_variable('A2_FC_CLIENT_ID').value

        initial['client_secret'] = get_variable('A2_FC_CLIENT_SECRET').value

        initial['scopes'] = get_variable('A2_FC_SCOPES').json or ['profile', 'email']

        return initial

    def form_valid(self, form):

        for key, value in PLATFORMS[form.cleaned_data['platform']].items():

            variable = get_variable(key)

            variable.value = value

            variable.save()

        variable = get_variable('A2_FC_CLIENT_ID')

        variable.value = form.cleaned_data['client_id']

        variable.save()

        variable = get_variable('A2_FC_CLIENT_SECRET')

        variable.value = form.cleaned_data['client_secret']

        variable.save()

        variable = get_variable('A2_FC_VERIFY_CERTIFICATE')

        variable.value = 'true'

        variable.save()

        variable = get_variable('A2_FC_USER_INFO_MAPPINGS')

        variable.value = json.dumps(

            {

                'last_name': {

                    'ref': 'family_name',

                    'verified': True,

                },

                'first_name': {

                    'ref': 'given_name',

                    'verified': True,

                },

                'title': {

                    'ref': 'gender',

                    'translation': 'simple',

                    'translation_simple': {

                        'male': 'Monsieur',

                        'female': 'Madame',

                    },

                    'verified': True,

                },

                'email': 'email',

            }

        )

        variable.save()

        variable = get_variable('A2_FC_SCOPES')

        variable.json = form.cleaned_data['scopes']

        variable.save()

        return super(HomeView, self).form_valid(form)

    def get_context_data(self, **kwargs):

        context = super(HomeView, self).get_context_data(**kwargs)

        context['enabled'] = bool(get_variable('A2_FC_ENABLE').json)

        return context

class EnableView(FormView):

    form_class = EnableForm

    template_name = 'hobo/franceconnect_enable.html'

    success_url = reverse_lazy('franceconnect-home')

    def form_valid(self, form):

        variable = get_variable('A2_FC_ENABLE')

        variable.value = 'true'

        variable.save()

        return super(EnableView, self).form_valid(form)

enable = EnableView.as_view()

class DisableView(FormView):

    form_class = EnableForm

    template_name = 'hobo/franceconnect_disable.html'

    success_url = reverse_lazy('franceconnect-home')

    def form_valid(self, form):

        variable = get_variable('A2_FC_ENABLE')

        variable.value = 'false'

        variable.save()

        return super(DisableView, self).form_valid(form)

disable = DisableView.as_view()

# hobo - portal to configure and deploy applications

# Copyright (C) 2015-2019  Entr'ouvert

#

# This program is free software: you can redistribute it and/or modify it

# under the terms of the GNU Affero General Public License as published

# by the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU Affero General Public License for more details.

#

# You should have received a copy of the GNU Affero General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from test_manager import login

from hobo.environment.models import Authentic, Variable

from hobo.franceconnect.views import PLATFORMS

def test_franceconnect(app, admin_user):

    Authentic.objects.create(title='bar', slug='bar', base_url='http://bar.example.net')

    login(app)

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC').count() == 0

    response = app.get('/franceconnect/')

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC').count() == 0

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC_ENABLE', value='true').count() == 0

    response = response.click('Enable')

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC').count() == 0

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC_ENABLE', value='true').count() == 0

    response = response.form.submit().follow()

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC').count() == 1

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC_ENABLE', value='true').count() == 1

    response.form.set('platform', 'prod')

    response.form.set('client_id', 'xyz')

    response.form.set('client_secret', '1234')

    response = response.form.submit().follow()

    assert Variable.objects.filter(name__startswith='SETTING_A2_FC').count() == 10

    for key, value in PLATFORMS['prod'].items():

        assert Variable.objects.filter(name='SETTING_' + key, value=value).count() == 1

    assert Variable.objects.get(name='SETTING_A2_FC_USER_INFO_MAPPINGS').json == {

        "last_name": {"ref": "family_name", "verified": True},

        "first_name": {

            "ref": "given_name",

            "verified": True,

        },

        "title": {

            "ref": "gender",

            "translation": "simple",

            "translation_simple": {"male": "Monsieur", "female": "Madame"},

            "verified": True,

        },

        "email": "email",

    }

-