Fix models to work correctly with client secrets

(cherry picked from commit 3a9e8fb9)

Fix models to work correctly with client secrets
6d28b4ff · Jonathan Weth · 9d78e1a1 · 6d28b4ff · 6d28b4ff
Verified Commit 6d28b4ff authored 1 year ago by Jonathan Weth
--- a/aleksis/apps/kort/migrations/0017_cardprinter_oauth2_client_secret.py
+++ b/aleksis/apps/kort/migrations/0017_cardprinter_oauth2_client_secret.py
-# Generated by Django 4.1.9 on 2023-06-17 18:42
+# Generated by Django 4.2.4 on 2023-08-30 14:25
 from django.db import migrations, models
 import django.db.models.deletion
@@ -8,7 +8,7 @@ class Migration(migrations.Migration):
    dependencies = [
        ("sites", "0002_alter_domain_unique"),
-        ("kort", "0016_card_last_read_counter"),
+        ("kort", "0015_migrate_scopes"),
    ]
    operations = [

--- a/aleksis/apps/kort/models.py
+++ b/aleksis/apps/kort/models.py
@@ -14,6 +14,7 @@ from django.utils.translation import gettext as _
 from celery.result import AsyncResult
 from model_utils.models import TimeStampedModel
+from oauth2_provider.generators import generate_client_secret
 from aleksis.core.mixins import ExtensibleModel
 from aleksis.core.models import OAuthApplication, Person
@@ -82,27 +83,41 @@ class CardPrinter(ExtensibleModel):
        null=True,
        related_name="card_printers",
    )
+    oauth2_client_secret = models.CharField(
+        max_length=255,
+        blank=True,
+        verbose_name=_("OAuth2 client secret"),
+    )
    # Settings
-    cups_printer = models.CharField(max_length=255, verbose_name=_("CUPS printer"), blank=True)
+    cups_printer = models.CharField(
+        max_length=255,
+        verbose_name=_("CUPS printer"),
+        blank=True,
+        help_text=_("Leave blank to deactivate CUPS printing"),
+    )
    generate_number_on_server = models.BooleanField(
        default=True, verbose_name=_("Generate card number on server")
    )
    card_detector = models.CharField(max_length=255, verbose_name=_("Card detector"), blank=True)
    def save(self, *args, **kwargs):
+        super().save(*args, **kwargs)
        if not self.oauth2_application:
+            client_secret = generate_client_secret()
            application = OAuthApplication(
                client_type=OAuthApplication.CLIENT_CONFIDENTIAL,
                authorization_grant_type=OAuthApplication.GRANT_CLIENT_CREDENTIALS,
                name=f"Card printer: {self.name}",
-                redirect_uris="urn:ietf:wg:oauth:2.0:oob",
                allowed_scopes=[self.scope],
+                client_secret=client_secret,
            )
            application.save()
            self.oauth2_application = application
+            self.oauth2_client_secret = client_secret
-        super().save(*args, **kwargs)
+            super().save(*args, **kwargs)
    def __str__(self):
        return self.name
@@ -127,7 +142,7 @@ class CardPrinter(ExtensibleModel):
        config = {
            "base_url": settings.BASE_URL,
            "client_id": self.oauth2_application.client_id,
-            "client_secret": self.oauth2_application.client_secret,
+            "client_secret": self.oauth2_client_secret,
        }
        return config