# OAuth migrations

* adds migrations for storing OAuthToken
* adds OAuthToken model
* adds OAuthToken admin
* adds user migration for Fkey relation to OAuthToken

user/admin.py

@@ -29,6 +29,7 @@ class UserAdmin(admin.ModelAdmin):
         "is_staff",
         "is_superuser",
         "api_token",
+        "oauth_token",
         "groups",
         "notifications",
         "date_joined",

user/migrations/0009_user_oauth_token.py

@@ -0,0 +1,20 @@
+# Generated by Django 5.0.4 on 2024-04-30 07:20
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0003_oauthtoken'),
+        ('user', '0008_alter_user_id'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='oauth_token',
+            field=models.ForeignKey(blank=True, db_comment='OAuth token for the user', null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to='api.oauthtoken'),
+        ),
+    ]

user/models/user.py

@@ -5,16 +5,12 @@ Contact: michel.peltriaux@sgdnord.rlp.de
 Created on: 15.11.21
 
 """
-import json
-
-import requests
 from django.contrib.auth.models import AbstractUser
 
 from django.db import models
 
-from api.models import APIUserToken
+from api.models import APIUserToken, OAuthToken
 from konova.settings import ZB_GROUP, DEFAULT_GROUP, ETS_GROUP
-from konova.sub_settings.sso_settings import SSO_SERVER_BASE
 from konova.utils.mailer import Mailer
 from user.enums import UserNotificationEnum
 
@@ -28,6 +24,14 @@ class User(AbstractUser):
         help_text="The user's API token",
         on_delete=models.SET_NULL
     )
+    oauth_token = models.ForeignKey(
+        "api.OAuthToken",
+        blank=True,
+        null=True,
+        on_delete=models.SET_NULL,
+        db_comment="OAuth token for the user",
+        related_name="+"
+    )
 
     def is_notification_setting_set(self, notification_enum: UserNotificationEnum):
         return self.notifications.filter(
@@ -221,11 +225,22 @@ class User(AbstractUser):
         return shared_teams
 
     @staticmethod
-    def _oauth_update_user(user_data: dict):
+    def oauth_update_user(user_data: dict):
+        """
+        Get or create a user depending on given user_data.
+        If the user record already exists, it's data will be updated using user_data.
+
+        Args:
+            user_data (dict): User data from OAuth SSO component
+
+        Returns:
+            user (User): The resolved user
+        """
         username = user_data.get("username")
         user, is_created = User.objects.get_or_create(
             username=username
         )
+
         if is_created:
             user.set_unusable_password()
 
@@ -235,24 +250,18 @@ class User(AbstractUser):
 
         return user
 
-    @staticmethod
-    def oauth_get_user(oauth_access_token: str):
-        url = f"{SSO_SERVER_BASE}users/oauth/data"
+    def oauth_replace_token(self, token: OAuthToken):
+        """
+        Drops old token (if existing) and stores given token.
 
-        response = requests.get(
-            url,
-            headers={
-                "Authorization":f"Bearer {oauth_access_token}",
-            }
-        )
-
-        is_response_code_invalid = response.status_code != 200
-        if is_response_code_invalid:
-            raise RuntimeError(f"OAuth user data fetching unsuccessful: {response.status_code}")
-
-        response_content = response.content.decode("utf-8")
-        response_content = json.loads(response_content)
-        user = User._oauth_update_user(response_content)
-
-        return user
+        Args:
+            token (OAuthToken): New token
 
+        Returns:
+            user (User)
+        """
+        if self.oauth_token:
+            self.oauth_token.delete()
+        self.oauth_token = token
+        self.save()
+        return self