Merge branch 'master' into multiple_rsa_keys

Author: auvipy

AUTHORS

@@ -12,6 +12,7 @@ Alan Crosswell
 Aleksander Vaskevich
 Alessandro De Angelis
 Allisson Azevedo
+Andrew Chen Wang
 Anvesh Agarwal
 Aristóbulo Meneses
 Aryan Iyappan
@@ -30,14 +31,17 @@ Emanuele Palazzetti
 Federico Dolce
 Frederico Vieira
 Hasan Ramezani
+Hossein Shakiba
 Hiroki Kiyohara
 Jens Timmerman
 Jerome Leclanche
 Jim Graham
 Jonas Nygaard Pedersen
 Jonathan Steffan
+Jozef Knaperek
 Jun Zhou
 Kristian Rune Larsen
+Michael Howitz
 Paul Dekkers
 Paul Oswald
 Pavel Tvrdík

CHANGELOG.md

@@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [unreleased]
 * Remove support for Django 3.0
 * Add support for Django 3.2
+* #989 Change any HttpResponse to JsonResponse if possible
 
 ### Added
 * #712, #636, #808. Calls to `django.contrib.auth.authenticate()` now pass a `request`

docs/getting_started.rst

@@ -358,7 +358,7 @@ Export the credential as an environment variable
 
     export CREDENTIAL=YXhYU1NCVnV2T3lHVnpoNFB1cnZLYXE1TUhYTW03RnRySGdETWk0dToxZnV2NVdWZlI3QTVCbEYwbzE1NUg3czViTGdYbHdXTGhpM1k3cGRKOWFKdUNkbDBYVjVDeGdkMHRyaTduU3pDODBxeXJvdmg4cUZYRkhnRkFBYzBsZFBObjVaWUxhbnhTbTFTSTFyeGxScldVUDU5MXdwSERHYTNwU3BCNmRDWg==
 
-To start the Client Credential flow you call ``/token/`` endpoint direct::
+To start the Client Credential flow you call ``/token/`` endpoint directly::
 
     curl -X POST -H "Authorization: Basic ${CREDENTIAL}" -H "Cache-Control: no-cache" -H "Content-Type: application/x-www-form-urlencoded" "http://127.0.0.1:8000/o/token/" -d "grant_type=client_credentials"
 

docs/settings.rst

@@ -147,6 +147,8 @@ REFRESH_TOKEN_EXPIRE_SECONDS
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 The number of seconds before a refresh token gets removed from the database by
 the ``cleartokens`` management command. Check :ref:`cleartokens` management command for further info.
+Can be an ``Int`` or ``datetime.timedelta``.
+
 NOTE: This value is completely ignored when validating refresh tokens.
 If you don't change the validator code and don't run cleartokens all refresh
 tokens will last until revoked or the end of time. You should change this.

docs/tutorial/tutorial_01.rst

@@ -9,14 +9,14 @@ Start Your App
 --------------
 During this tutorial you will make an XHR POST from a Heroku deployed app to your localhost instance.
 Since the domain that will originate the request (the app on Heroku) is different from the destination domain (your local instance),
-you will need to install the `django-cors-middleware <https://github.com/zestedesavoir/django-cors-middleware>`_ app.
+you will need to install the `django-cors-headers <https://github.com/adamchainz/django-cors-headers>`_ app.
 These "cross-domain" requests are by default forbidden by web browsers unless you use `CORS <http://en.wikipedia.org/wiki/Cross-origin_resource_sharing>`_.
 
-Create a virtualenv and install `django-oauth-toolkit` and `django-cors-middleware`:
+Create a virtualenv and install `django-oauth-toolkit` and `django-cors-headers`:
 
 ::
 
-    pip install django-oauth-toolkit django-cors-middleware
+    pip install django-oauth-toolkit django-cors-headers
 
 Start a Django project, add `oauth2_provider` and `corsheaders` to the installed apps, and enable admin:
 
@@ -33,6 +33,8 @@ Include the Django OAuth Toolkit urls in your `urls.py`, choosing the urlspace y
 
 .. code-block:: python
 
+    from django.urls import path, include
+
     urlpatterns = [
         path("admin", admin.site.urls),
         path("o/", include('oauth2_provider.urls', namespace='oauth2_provider')),

oauth2_provider/admin.py

@@ -26,6 +26,7 @@ class ApplicationAdmin(admin.ModelAdmin):
 
 class AccessTokenAdmin(admin.ModelAdmin):
     list_display = ("token", "user", "application", "expires")
+    list_select_related = ("application", "user")
     raw_id_fields = ("user", "source_refresh_token")
 
 

oauth2_provider/locale/fa/LC_MESSAGES/django.po

@@ -0,0 +1,202 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <[email protected]>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2021-05-01 15:33+0430\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: HOSSEIN SHAKIBA <[email protected]>\n"
+"Language-Team: LANGUAGE <[email protected]>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: models.py:49
+msgid "Confidential"
+msgstr "محرمانه"
+
+#: models.py:50
+msgid "Public"
+msgstr "عمومی"
+
+#: models.py:59
+msgid "Authorization code"
+msgstr "کد مجوز"
+
+#: models.py:60
+msgid "Implicit"
+msgstr "ضمنی"
+
+#: models.py:61
+msgid "Resource owner password-based"
+msgstr "صاحب منبع مبتنی بر رمز عبور"
+
+#: models.py:62
+msgid "Client credentials"
+msgstr "اعتبار مخاطب"
+
+#: models.py:63
+msgid "OpenID connect hybrid"
+msgstr "اتصال ترکیبی OpenID"
+
+#: models.py:70
+msgid "No OIDC support"
+msgstr "OIDC پشتیبانی وجود ندارد از"
+
+#: models.py:71
+msgid "RSA with SHA-2 256"
+msgstr "SHA-2 256 با RSA"
+
+#: models.py:72
+msgid "HMAC with SHA-2 256"
+msgstr "SHA-2 256 با HMAC"
+
+#: models.py:87
+msgid "Allowed URIs list, space separated"
+msgstr "مجاز، با فاصله از هم جدا شده‌اند URIs فهرست"
+
+#: models.py:152
+#, python-brace-format
+msgid "Unauthorized redirect scheme: {scheme}"
+msgstr "{scheme} :طرح تغییر مسیر غیرمجاز"
+
+#: models.py:156
+#, python-brace-format
+msgid "redirect_uris cannot be empty with grant_type {grant_type}"
+msgstr "{grant_type} خالی باشد grant_type نمی تواند با redirect_uris "
+
+#: models.py:162
+msgid "You must set OIDC_RSA_PRIVATE_KEY to use RSA algorithm"
+msgstr "را تنظیم کنید OIDC_RSA_PRIVATE_KEY باید RSA برای استفاده از الگوریتم"
+
+#: models.py:171
+msgid "You cannot use HS256 with public grants or clients"
+msgstr ""
+
+#: oauth2_validators.py:181
+msgid "The access token is invalid."
+msgstr "توکن دسترسی نامعتبر است"
+
+#: oauth2_validators.py:188
+msgid "The access token has expired."
+msgstr "توکن دسترسی منقضی شده است"
+
+#: oauth2_validators.py:195
+msgid "The access token is valid but does not have enough scope."
+msgstr "توکن دسترسی معتبر است اما دامنه کافی ندارد"
+
+#: templates/oauth2_provider/application_confirm_delete.html:6
+msgid "Are you sure to delete the application"
+msgstr "آیا مطمئن هستید که برنامه را حذف می کنید"
+
+#: templates/oauth2_provider/application_confirm_delete.html:12
+#: templates/oauth2_provider/authorize.html:29
+msgid "Cancel"
+msgstr "لغو"
+
+#: templates/oauth2_provider/application_confirm_delete.html:13
+#: templates/oauth2_provider/application_detail.html:38
+#: templates/oauth2_provider/authorized-token-delete.html:7
+msgid "Delete"
+msgstr "حذف"
+
+#: templates/oauth2_provider/application_detail.html:10
+msgid "Client id"
+msgstr "شناسه(آیدی) کاربر"
+
+#: templates/oauth2_provider/application_detail.html:15
+msgid "Client secret"
+msgstr "راز کاربر"
+
+#: templates/oauth2_provider/application_detail.html:20
+msgid "Client type"
+msgstr "نوع کاربر"
+
+#: templates/oauth2_provider/application_detail.html:25
+msgid "Authorization Grant Type"
+msgstr "نوع اعطای مجوز"
+
+#: templates/oauth2_provider/application_detail.html:30
+msgid "Redirect Uris"
+msgstr "تغییر مسیر URIs"
+
+#: templates/oauth2_provider/application_detail.html:36
+#: templates/oauth2_provider/application_form.html:35
+msgid "Go Back"
+msgstr "بازگشت"
+
+#: templates/oauth2_provider/application_detail.html:37
+msgid "Edit"
+msgstr "ویرایش"
+
+#: templates/oauth2_provider/application_form.html:9
+msgid "Edit application"
+msgstr "ویرایش برنامه"
+
+#: templates/oauth2_provider/application_form.html:37
+msgid "Save"
+msgstr "ذخیره"
+
+#: templates/oauth2_provider/application_list.html:6
+msgid "Your applications"
+msgstr "برنامه شما"
+
+#: templates/oauth2_provider/application_list.html:14
+msgid "New Application"
+msgstr "برنامه جدید"
+
+#: templates/oauth2_provider/application_list.html:17
+msgid "No applications defined"
+msgstr "هیچ برنامه ای تعریف نشده است"
+
+#: templates/oauth2_provider/application_list.html:17
+msgid "Click here"
+msgstr "اینجا کلیک کنید"
+
+#: templates/oauth2_provider/application_list.html:17
+msgid "if you want to register a new one"
+msgstr "اگر می خواهید مورد جدیدی ثبت کنید"
+
+#: templates/oauth2_provider/application_registration_form.html:5
+msgid "Register a new application"
+msgstr "ثبت یک برنامه جدید"
+
+#: templates/oauth2_provider/authorize.html:8
+#: templates/oauth2_provider/authorize.html:30
+msgid "Authorize"
+msgstr "اجازه دادن"
+
+#: templates/oauth2_provider/authorize.html:17
+msgid "Application requires the following permissions"
+msgstr "برنامه به مجوزهای زیر نیاز دارد"
+
+#: templates/oauth2_provider/authorized-oob.html:12
+msgid "Success"
+msgstr "موفقیت"
+
+#: templates/oauth2_provider/authorized-oob.html:14
+msgid "Please return to your application and enter this code:"
+msgstr "لطفاً به برنامه خود برگردید و این کد را وارد کنید:"
+
+#: templates/oauth2_provider/authorized-token-delete.html:6
+msgid "Are you sure you want to delete this token?"
+msgstr "آیا مطمئن هستید که می خواهید این توکن را حذف کنید؟"
+
+#: templates/oauth2_provider/authorized-tokens.html:6
+msgid "Tokens"
+msgstr "توکن‌ها"
+
+#: templates/oauth2_provider/authorized-tokens.html:11
+msgid "revoke"
+msgstr "باطل کردن"
+
+#: templates/oauth2_provider/authorized-tokens.html:19
+msgid "There are no authorized tokens yet."
+msgstr "هنوز هیچ توکن مجازی وجود ندارد."

oauth2_provider/models.py

@@ -114,7 +114,7 @@ def default_redirect_uri(self):
             return self.redirect_uris.split().pop(0)
 
         assert False, (
-            "If you are using implicit, authorization_code"
+            "If you are using implicit, authorization_code "
             "or all-in-one grant_type, you must define "
             "redirect_uris field in your Application model"
         )
@@ -563,56 +563,56 @@ class Meta(AbstractIDToken.Meta):
 
 
 def get_application_model():
-    """ Return the Application model that is active in this project. """
+    """Return the Application model that is active in this project."""
     return apps.get_model(oauth2_settings.APPLICATION_MODEL)
 
 
 def get_grant_model():
-    """ Return the Grant model that is active in this project. """
+    """Return the Grant model that is active in this project."""
     return apps.get_model(oauth2_settings.GRANT_MODEL)
 
 
 def get_access_token_model():
-    """ Return the AccessToken model that is active in this project. """
+    """Return the AccessToken model that is active in this project."""
     return apps.get_model(oauth2_settings.ACCESS_TOKEN_MODEL)
 
 
 def get_id_token_model():
-    """ Return the AccessToken model that is active in this project. """
+    """Return the AccessToken model that is active in this project."""
     return apps.get_model(oauth2_settings.ID_TOKEN_MODEL)
 
 
 def get_refresh_token_model():
-    """ Return the RefreshToken model that is active in this project. """
+    """Return the RefreshToken model that is active in this project."""
     return apps.get_model(oauth2_settings.REFRESH_TOKEN_MODEL)
 
 
 def get_application_admin_class():
-    """ Return the Application admin class that is active in this project. """
+    """Return the Application admin class that is active in this project."""
     application_admin_class = oauth2_settings.APPLICATION_ADMIN_CLASS
     return application_admin_class
 
 
 def get_access_token_admin_class():
-    """ Return the AccessToken admin class that is active in this project. """
+    """Return the AccessToken admin class that is active in this project."""
     access_token_admin_class = oauth2_settings.ACCESS_TOKEN_ADMIN_CLASS
     return access_token_admin_class
 
 
 def get_grant_admin_class():
-    """ Return the Grant admin class that is active in this project. """
+    """Return the Grant admin class that is active in this project."""
     grant_admin_class = oauth2_settings.GRANT_ADMIN_CLASS
     return grant_admin_class
 
 
 def get_id_token_admin_class():
-    """ Return the IDToken admin class that is active in this project. """
+    """Return the IDToken admin class that is active in this project."""
     id_token_admin_class = oauth2_settings.ID_TOKEN_ADMIN_CLASS
     return id_token_admin_class
 
 
 def get_refresh_token_admin_class():
-    """ Return the RefreshToken admin class that is active in this project. """
+    """Return the RefreshToken admin class that is active in this project."""
     refresh_token_admin_class = oauth2_settings.REFRESH_TOKEN_ADMIN_CLASS
     return refresh_token_admin_class