Skip to content
Snippets Groups Projects
Commit d479a9fd authored by Ernesto Rico Schmidt's avatar Ernesto Rico Schmidt
Browse files

Add --client_id and --client_secret as optional arguments

parent 3f0698fc
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
program/management/commands/create_oidc_client.py
+ 36
29
View file @ d479a9fd
...@@ -12,6 +12,10 @@ class Command(BaseCommand): ...@@ -12,6 +12,10 @@ class Command(BaseCommand):
help='A label that you associate with this client') help='A label that you associate with this client')
parser.add_argument('client_type', type=str, choices=['public', 'confidential'], parser.add_argument('client_type', type=str, choices=['public', 'confidential'],
help='The type of client can be either public or confidential') help='The type of client can be either public or confidential')
parser.add_argument('--client-id', type=int, dest='client_id', action='store', help='The client ID ')
parser.set_defaults(client_id=None)
parser.add_argument('--client-secret', type=str, dest='client_secret', action='store', help='The client secret')
parser.set_defaults(client_secret=None)
parser.add_argument('--no-require-consent', dest='require_consent', action='store_false', parser.add_argument('--no-require-consent', dest='require_consent', action='store_false',
help='By default user consent is required. Use this to skip user consent.') help='By default user consent is required. Use this to skip user consent.')
parser.add_argument('--no-reuse-consent', dest='reuse_consent', action='store_false', parser.add_argument('--no-reuse-consent', dest='reuse_consent', action='store_false',
...@@ -31,29 +35,32 @@ class Command(BaseCommand): ...@@ -31,29 +35,32 @@ class Command(BaseCommand):
'(and the client secret in case of confidential clients).') '(and the client secret in case of confidential clients).')
parser.set_defaults(id_only=False) parser.set_defaults(id_only=False)
def handle(self, *args, **options): def handle(self, *args, **options):
# generate a new client ID and secret if options['client_id'] and options['client_secret']:
client_id = False client_id = options['client_id']
counter = 0 client_secret = options['client_secret']
while not client_id: else:
client_id = random.randint(100000, 999999) # generate a new client ID and secret
counter += 1 client_id = False
if counter > 10000: counter = 0
raise CommandError('Could not find a free client_id. Already'+\ while not client_id:
' tried 10000 times. There seems to be something seriously'+\ client_id = random.randint(100000, 999999)
' wrong with your setup. Please inspect manually.') counter += 1
try: if counter > 10000:
Client.objects.get(client_id=client_id) raise CommandError('Could not find a free client_id. Already'+ \
except Client.DoesNotExist: ' tried 10000 times. There seems to be something seriously'+ \
pass ' wrong with your setup. Please inspect manually.')
else: try:
client_id = False Client.objects.get(client_id=client_id)
except Client.DoesNotExist:
pass
else:
client_id = False
client_secret = ''
if options['client_type'] == 'confidential':
client_secret = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(32)) client_secret = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(32))
show_results = options['client_id'] is None and options['client_secret'] is None
# initialize lists if no option was provided # initialize lists if no option was provided
if options['redirect_uri'] is None: if options['redirect_uri'] is None:
options['redirect_uri'] = [] options['redirect_uri'] = []
...@@ -62,7 +69,7 @@ class Command(BaseCommand): ...@@ -62,7 +69,7 @@ class Command(BaseCommand):
if options['scope'] is None: if options['scope'] is None:
options['scope'] = [] options['scope'] = []
if not options["id_only"]: if not options["id_only"] and show_results:
self.stdout.write(f'Creating client with name {options["name"]}') self.stdout.write(f'Creating client with name {options["name"]}')
try: try:
c = Client( c = Client(
...@@ -80,7 +87,6 @@ class Command(BaseCommand): ...@@ -80,7 +87,6 @@ class Command(BaseCommand):
raise CommandError('Could not create an OpenID connect client' +\ raise CommandError('Could not create an OpenID connect client' +\
f' due to the following error: {sys.exc_info()}') f' due to the following error: {sys.exc_info()}')
if options['response_types']: if options['response_types']:
try: try:
for r_value in options['response_types']: for r_value in options['response_types']:
...@@ -90,12 +96,13 @@ class Command(BaseCommand): ...@@ -90,12 +96,13 @@ class Command(BaseCommand):
raise CommandError('Client was stored, but could not set response_types'+\ raise CommandError('Client was stored, but could not set response_types'+\
f' due to the following error: {sys.exc_info()}') f' due to the following error: {sys.exc_info()}')
if options["id_only"]: if show_results:
if options['client_type'] == 'confidential': if options["id_only"]:
self.stdout.write(f'{c.client_id} {c.client_secret}') if options['client_type'] == 'confidential':
self.stdout.write(f'{c.client_id} {c.client_secret}')
else:
self.stdout.write(f'{c.client_id}')
else: else:
self.stdout.write(f'{c.client_id}') self.stdout.write(f'Successfully created new OIDC client, with ID: {c.client_id}')
else: if options['client_type'] == 'confidential':
self.stdout.write(f'Successfully created new OIDC client, with ID: {c.client_id}') self.stdout.write(f'The secret for this confidential client is: {c.client_secret}')
if options['client_type'] == 'confidential':
self.stdout.write(f'The secret for this confidential client is: {c.client_secret}')
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment