oauth2: log more (#22717)
parent
60d6259023
commit
1803cb9ddf
|
@ -14,6 +14,8 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import logging
|
||||
|
||||
from urllib import quote
|
||||
|
||||
from django.utils.translation import ugettext as _
|
||||
|
@ -39,6 +41,9 @@ from fargo.fargo.models import UserDocument, Document
|
|||
from fargo.utils import make_url
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class OAuth2Exception(Exception):
|
||||
pass
|
||||
|
||||
|
@ -73,8 +78,8 @@ class OAuth2AuthorizeView(FormView):
|
|||
if response_type != 'code':
|
||||
return self.redirect(error='unsupported_response_type')
|
||||
try:
|
||||
client = OAuth2Client.objects.get(client_id=client_id)
|
||||
if not client.check_redirect_uri(self.redirect_uri):
|
||||
self.client = OAuth2Client.objects.get(client_id=client_id)
|
||||
if not self.client.check_redirect_uri(self.redirect_uri):
|
||||
return self.redirect(error='invalid_redirect_uri')
|
||||
except OAuth2Client.DoesNotExist:
|
||||
return self.redirect(error='unauthorized_client')
|
||||
|
@ -94,6 +99,12 @@ class OAuth2AuthorizeView(FormView):
|
|||
def form_valid(self, form):
|
||||
document = form.cleaned_data['document']
|
||||
authorization = OAuth2Authorize.objects.create(user_document=document)
|
||||
logger.info(u'user %s authorized %s to get document "%s" (%s) with code %s',
|
||||
self.request.user,
|
||||
self.client,
|
||||
document,
|
||||
document.pk,
|
||||
authorization.code)
|
||||
return self.redirect(code=authorization.code, state=self.state)
|
||||
|
||||
|
||||
|
@ -120,7 +131,10 @@ class GetDocumentTokenView(OAUTH2APIViewMixin):
|
|||
|
||||
if (now() - authorize.creation_date).total_seconds() > settings.FARGO_CODE_LIFETIME:
|
||||
return self.error('invalid_grant', 'code is expired')
|
||||
|
||||
logger.info(u'client %s resolved code %s to access token %s',
|
||||
request.user.oauth2_client,
|
||||
authorize.code,
|
||||
authorize.access_token)
|
||||
return Response({
|
||||
'access_token': authorize.access_token,
|
||||
'expires': settings.FARGO_ACCESS_TOKEN_LIFETIME
|
||||
|
@ -143,6 +157,10 @@ def get_document(request):
|
|||
percent_encoded_filename = quote(doc.filename.encode('utf8'), safe='')
|
||||
response['Content-Disposition'] = 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (ascii_filename,
|
||||
percent_encoded_filename)
|
||||
logger.info(u'document "%s" (%s) retrieved with access token %s',
|
||||
doc,
|
||||
doc.pk,
|
||||
oauth_authorize.access_token)
|
||||
return response
|
||||
|
||||
|
||||
|
@ -161,6 +179,10 @@ class PutDocumentAPIView(OAUTH2APIViewMixin):
|
|||
|
||||
response = Response()
|
||||
response['Location'] = uri
|
||||
logger.info(u'client %s uploaded document "%s" (%s)',
|
||||
request.user.oauth2_client,
|
||||
filename,
|
||||
oauth2_document.pk)
|
||||
return response
|
||||
|
||||
|
||||
|
@ -210,6 +232,10 @@ class OAuth2AuthorizePutView(TemplateView):
|
|||
user=request.user,
|
||||
document=self.oauth2_document.document,
|
||||
filename=self.oauth2_document.filename)
|
||||
logger.info(u'user %s accepted document "%s" (%s)',
|
||||
request.user,
|
||||
self.oauth2_document.filename,
|
||||
self.oauth2_document.pk)
|
||||
return self.redirect()
|
||||
finally:
|
||||
self.oauth2_document.delete()
|
||||
|
|
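Review bot: The new `logger.info` calls write live bearer credentials into the log: `authorization.code` in `form_valid`, `authorize.code` and `authorize.access_token` in `GetDocumentTokenView`, and `oauth_authorize.access_token` in `get_document`. Anyone with read access to the log file or to whatever aggregates it can present those values while they are still valid (the code until `FARGO_CODE_LIFETIME` elapses, the token presumably for `FARGO_ACCESS_TOKEN_LIFETIME`), so the audit trail doubles as a credential store. Log a non-secret handle instead, for example the row's primary key (`authorization.pk`, `authorize.pk`, `oauth_authorize.pk`), or a truncated digest of the token if events must be correlated by value. The filenames logged in `PutDocumentAPIView` and `OAuth2AuthorizePutView` appear to come from the client, so the log formatter should escape control characters to keep a crafted name from forging log lines. The enclosing methods start and end outside these hunks, so the request-side checks were not reviewed.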