Upgraded oauth login from 1 to 2

Author: kshitijrajsharma

core/settings/base.py

@@ -123,7 +123,8 @@
 )
 
 AUTHENTICATION_BACKENDS = (
-    "social_core.backends.openstreetmap.OpenStreetMapOAuth",
+    # "social_core.backends.openstreetmap.OpenStreetMapOAuth",
+    "social_core.backends.openstreetmap_oauth2.OpenStreetMapOAuth2",
     "oauth2_provider.backends.OAuth2Backend",
     "social_core.backends.email.EmailAuth",
     "social_core.backends.username.UsernameAuth",

core/settings/contrib.py

@@ -8,58 +8,63 @@
 # Extra installed apps
 INSTALLED_APPS += (
     # any 3rd party apps
-    'rest_framework',
-    'rest_framework_gis',
-    'rest_framework.authtoken',
-    'social_django',
+    "rest_framework",
+    "rest_framework_gis",
+    "rest_framework.authtoken",
+    "social_django",
 )
 
 # 3rd party specific app settings
 OAUTH2_PROVIDER = {
-    'ACCESS_TOKEN_EXPIRE_SECONDS': 10 * 365 * 24 * 60 * 60,
+    "ACCESS_TOKEN_EXPIRE_SECONDS": 10 * 365 * 24 * 60 * 60,
 }
 
 REST_FRAMEWORK = {
-    'DEFAULT_FILTER_BACKENDS': ('rest_framework.filters.SearchFilter',
-                                'rest_framework.filters.OrderingFilter'),
-    'DEFAULT_AUTHENTICATION_CLASSES': ('rest_framework.authentication.TokenAuthentication',
-                                       'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
-                                       'rest_framework.authentication.SessionAuthentication',),
-    'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAuthenticated',),
-    'DEFAULT_RENDERER_CLASSES': (
-        'rest_framework.renderers.JSONRenderer',
-        'api.renderers.HOTExportApiRenderer',
+    "DEFAULT_FILTER_BACKENDS": (
+        "rest_framework.filters.SearchFilter",
+        "rest_framework.filters.OrderingFilter",
     ),
-    'DEFAULT_VERSIONING_CLASS': 'rest_framework.versioning.AcceptHeaderVersioning',
-    'DEFAULT_VERSION': '1.0',
-    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',
-    'PAGE_SIZE': 20
+    "DEFAULT_AUTHENTICATION_CLASSES": (
+        "rest_framework.authentication.TokenAuthentication",
+        "oauth2_provider.contrib.rest_framework.OAuth2Authentication",
+        "rest_framework.authentication.SessionAuthentication",
+    ),
+    "DEFAULT_PERMISSION_CLASSES": ("rest_framework.permissions.IsAuthenticated",),
+    "DEFAULT_RENDERER_CLASSES": (
+        "rest_framework.renderers.JSONRenderer",
+        "api.renderers.HOTExportApiRenderer",
+    ),
+    "DEFAULT_VERSIONING_CLASS": "rest_framework.versioning.AcceptHeaderVersioning",
+    "DEFAULT_VERSION": "1.0",
+    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.LimitOffsetPagination",
+    "PAGE_SIZE": 20,
 }
 
+
 # OAuth login settings
-SOCIAL_AUTH_OPENSTREETMAP_LOGIN_URL = '/osm/login/'
-SOCIAL_AUTH_OPENSTREETMAP_KEY = os.getenv('OSM_API_KEY')
-SOCIAL_AUTH_OPENSTREETMAP_SECRET = os.getenv('OSM_API_SECRET')
-SOCIAL_AUTH_LOGIN_REDIRECT_URL = '/'
-SOCIAL_AUTH_LOGIN_ERROR_URL = '/osm/error'
-SOCIAL_AUTH_URL_NAMESPACE = 'osm'
-SOCIAL_AUTH_ADMIN_USER_SEARCH_FIELDS = ['username', 'first_name', 'email']
+SOCIAL_AUTH_OPENSTREETMAP_LOGIN_URL = "/osm/login/"
+SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_KEY = os.getenv("OSM_API_KEY")
+SOCIAL_AUTH_OPENSTREETMAP_OAUTH2_SECRET = os.getenv("OSM_API_SECRET")
+SOCIAL_AUTH_LOGIN_REDIRECT_URL = "/"
+SOCIAL_AUTH_LOGIN_ERROR_URL = "/osm/error"
+SOCIAL_AUTH_URL_NAMESPACE = "osm"
+SOCIAL_AUTH_ADMIN_USER_SEARCH_FIELDS = ["username", "first_name", "email"]
 SOCIAL_AUTH_FORCE_EMAIL_VALIDATION = True
-SOCIAL_AUTH_EMAIL_VALIDATION_FUNCTION = 'ui.pipeline.email_validation'
-SOCIAL_AUTH_EMAIL_VALIDATION_URL = '/osm/email_verify_sent/'
+SOCIAL_AUTH_EMAIL_VALIDATION_FUNCTION = "ui.pipeline.email_validation"
+SOCIAL_AUTH_EMAIL_VALIDATION_URL = "/osm/email_verify_sent/"
 
 SOCIAL_AUTH_PIPELINE = (
-    'social_core.pipeline.social_auth.social_details',
-    'social_core.pipeline.social_auth.social_uid',
-    'social_core.pipeline.social_auth.auth_allowed',
-    'social_core.pipeline.social_auth.social_user',
-    'social_core.pipeline.user.get_username',
-    'ui.pipeline.require_email',
-    'social_core.pipeline.mail.mail_validation',
-    'social_core.pipeline.social_auth.associate_by_email',
-    'social_core.pipeline.user.create_user',
-    'social_core.pipeline.social_auth.associate_user',
-    'social_core.pipeline.debug.debug',
-    'social_core.pipeline.social_auth.load_extra_data',
-    'social_core.pipeline.user.user_details'
+    "social_core.pipeline.social_auth.social_details",
+    "social_core.pipeline.social_auth.social_uid",
+    "social_core.pipeline.social_auth.auth_allowed",
+    "social_core.pipeline.social_auth.social_user",
+    "social_core.pipeline.user.get_username",
+    "ui.pipeline.require_email",
+    "social_core.pipeline.mail.mail_validation",
+    "social_core.pipeline.social_auth.associate_by_email",
+    "social_core.pipeline.user.create_user",
+    "social_core.pipeline.social_auth.associate_user",
+    "social_core.pipeline.debug.debug",
+    "social_core.pipeline.social_auth.load_extra_data",
+    "social_core.pipeline.user.user_details",
 )

requirements.txt

@@ -11,7 +11,7 @@ mercantile~=0.10.0
 psycopg2
 python3-openid==3.2.0
 social-auth-app-django==5.4.0
-social-auth-core==4.4.2
+social-auth-core==4.4.2 ### Upgrade this to include oauth2 
 pytz
 pyyaml>=5.3
 raven

ui/app/actions/meta.js

@@ -27,6 +27,7 @@ if (window.OAUTH_CLIENT_ID == null) {
 }
 
 const oauthConfig = {
+  // url: window.EXPORTS_API_URL + "/o/openstreetmap_oauth2",
   url: window.EXPORTS_API_URL + "/o/authorize?approval_prompt=auto",
   client: window.OAUTH_CLIENT_ID,
   redirect: `${window.location.protocol}//${hostname}/authorized`

ui/templates/osm/email.html

@@ -14,7 +14,7 @@
                     {% blocktrans %}Please provide a valid email address. This email address will be used to notifiy you when your exports are ready.
                     A verification link will be sent to the email address you provide.{% endblocktrans %}
                 <br/><br/>
-                <form method="post" action="{% url 'osm:complete' 'openstreetmap' %}" id="registerEmail">
+                <form method="post" action="{% url 'osm:complete' 'openstreetmap-oauth2' %}" id="registerEmail">
                     {% csrf_token %}
                     <div class="form-group row" id="form-group-email">
                         <div class="col-md-12">

ui/views.py

@@ -30,7 +30,9 @@ def login(request):
     if not request.user.is_authenticated:
         # preserve redirects ("next" in request.GET)
         return redirect(
-            reverse("osm:begin", args=["openstreetmap"]) + "?" + request.GET.urlencode()
+            reverse("osm:begin", args=["openstreetmap-oauth2"])
+            + "?"
+            + request.GET.urlencode()
         )
     else:
         return redirect("/v3/")
@@ -48,7 +50,7 @@ def v3(request, *args, **kwargs):
     except Application.DoesNotExist:
         ui_app = Application.objects.create(
             name="OSM Export Tool UI",
-            redirect_uris="http://localhost/authorized http://localhost:8080/authorized http://localhost:8000/authorized",
+            redirect_uris="http://localhost/authorized http://127.0.0.1:8000/authorized http://localhost:8080/authorized http://localhost:8000/authorized",
             client_type=Application.CLIENT_PUBLIC,
             authorization_grant_type=Application.GRANT_IMPLICIT,
             skip_authorization=True,
@@ -70,7 +72,6 @@ def redirect_to_v3(request):
 def worker_dashboard(request):
     if not request.user.is_superuser:
         return HttpResponseForbidden()
-    # return HttpResponse('test')
     return HttpResponseRedirect(f"/{settings.WORKER_SECRET_KEY}/")