Home Explore Help
Sign In
mirrors
/
Radicale
mirror of https://github.com/Kozea/Radicale
1
0
Fork 0
Files Issues 0 Wiki
Tree: 063883797c
Branches Tags
Radicale
/
radicale
/
auth
/
oauth2.py

oauth2.py 2.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. # This file is part of Radicale Server - Calendar Server
    2. 

  2. #
    3. 

  3. # Original from https://gitlab.mim-libre.fr/alphabet/radicale_oauth/
    4. 

  4. # Copyright © 2021-2022 Bruno Boiget
    5. 

  5. # Copyright © 2022-2022 Daniel Dehennin
    6. 

  6. #
    7. 

  7. # Since migration into upstream
    8. 

  8. # Copyright © 2025-2025 Peter Bieringer <pb@bieringer.de>
    9. 

  9. #
    10. 

  10. # This library is free software: you can redistribute it and/or modify
    11. 

  11. # it under the terms of the GNU General Public License as published by
    12. 

  12. # the Free Software Foundation, either version 3 of the License, or
    13. 

  13. # (at your option) any later version.
    14. 

  14. #
    15. 

  15. # This library is distributed in the hope that it will be useful,
    16. 

  16. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    17. 

  17. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    18. 

  18. # GNU General Public License for more details.
    19. 

  19. #
    20. 

  20. # You should have received a copy of the GNU General Public License
    21. 

  21. # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
    22. 

  22. 

  23. """
    24. 

  24. Authentication backend that checks credentials against an oauth2 server auth endpoint
    25. 

  25. """
    26. 

  26. 

  27. from radicale import auth
    28. 

  28. from radicale.log import logger
    29. 

  29. import requests
    30. 

  30. from requests.utils import quote
    31. 

  31. 

  32. 

  33. class Auth(auth.BaseAuth):
    34. 

  34.     def __init__(self, configuration):
    35. 

  35.         super().__init__(configuration)
    36. 

  36.         self._endpoint = configuration.get("auth", "oauth2_token_endpoint")
    37. 

  37.         logger.warning("Using oauth2 token endpoint: %s" % (self._endpoint))
    38. 

  38. 

  39.     def login(self, login, password):
    40. 

  40.         """Validate credentials.
    41. 

  41.         Sends login credentials to oauth auth endpoint and checks that a token is returned
    42. 

  42.         """
    43. 

  43.         try:
    44. 

  44.             # authenticate to authentication endpoint and return login if ok, else ""
    45. 

  45.             req_params = {
    46. 

  46.                 "username": login,
    47. 

  47.                 "password": password,
    48. 

  48.                 "grant_type": "password",
    49. 

  49.                 "client_id": "radicale",
    50. 

  50.             }
    51. 

  51.             req_headers = {"Content-Type": "application/x-www-form-urlencoded"}
    52. 

  52.             response = requests.post(
    53. 

  53.                 self._endpoint, data=req_params, headers=req_headers
    54. 

  54.             )
    55. 

  55.             if (
    56. 

  56.                 response.status_code == requests.codes.ok
    57. 

  57.                 and "access_token" in response.json()
    58. 

  58.             ):
    59. 

  59.                 return login
    60. 

  60.         except OSError as e:
    61. 

  61.             raise RuntimeError(
    62. 

  62.                 "Failed to authenticate against oauth server %r: %s"
    63. 

  63.                 % (self._endpoint, e)
    64. 

  64.             ) from e
    65. 

  65.         logger.warning("User %s failed to authenticate" % (str(login)))
    66. 

  66.         return ""
    67.