-
-
Notifications
You must be signed in to change notification settings - Fork 425
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by pedrobaeza
- Loading branch information
Showing
20 changed files
with
954 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
================= | ||
OAuth Multi Token | ||
================= | ||
|
||
.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
!! This file is generated by oca-gen-addon-readme !! | ||
!! changes will be overwritten. !! | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png | ||
:target: https://odoo-community.org/page/development-status | ||
:alt: Beta | ||
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png | ||
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html | ||
:alt: License: AGPL-3 | ||
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github | ||
:target: https://github.com/OCA/server-auth/tree/14.0/auth_oauth_multi_token | ||
:alt: OCA/server-auth | ||
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png | ||
:target: https://translation.odoo-community.org/projects/server-auth-14-0/server-auth-14-0-auth_oauth_multi_token | ||
:alt: Translate me on Weblate | ||
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png | ||
:target: https://runboat.odoo-community.org/webui/builds.html?repo=OCA/server-auth&target_branch=14.0 | ||
:alt: Try me on Runboat | ||
|
||
|badge1| |badge2| |badge3| |badge4| |badge5| | ||
|
||
This module adds the possibility to connect with the same account | ||
on more than one device at the same time. | ||
|
||
All providers are supported (Google, Facebook, Odoo, etc). | ||
|
||
**Table of contents** | ||
|
||
.. contents:: | ||
:local: | ||
|
||
Usage | ||
===== | ||
|
||
Nothing changes on login action: just select your provider and try to log in. | ||
|
||
Bug Tracker | ||
=========== | ||
|
||
Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_. | ||
In case of trouble, please check there if your issue has already been reported. | ||
If you spotted it first, help us smashing it by providing a detailed and welcomed | ||
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_oauth_multi_token%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. | ||
|
||
Do not contact contributors directly about support or help with technical issues. | ||
|
||
Credits | ||
======= | ||
|
||
Authors | ||
~~~~~~~ | ||
|
||
* Florent de Labarre | ||
* Camptocamp | ||
|
||
Contributors | ||
~~~~~~~~~~~~ | ||
|
||
* Florent de Labarre <florent.mirieu@gmail.com> | ||
* Simone Orsi <simone.orsi@camptocamp.com> | ||
* `Tecnativa <https://www.tecnativa.com/>`__: | ||
|
||
* Jairo Llopis | ||
* Sergio Teruel | ||
|
||
* Stéphane Bidoul <stephane.bidoul@acsone.eu> | ||
* Dan Tillinghast | ||
|
||
Maintainers | ||
~~~~~~~~~~~ | ||
|
||
This module is maintained by the OCA. | ||
|
||
.. image:: https://odoo-community.org/logo.png | ||
:alt: Odoo Community Association | ||
:target: https://odoo-community.org | ||
|
||
OCA, or the Odoo Community Association, is a nonprofit organization whose | ||
mission is to support the collaborative development of Odoo features and | ||
promote its widespread use. | ||
|
||
This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/14.0/auth_oauth_multi_token>`_ project on GitHub. | ||
|
||
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
from . import models |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# Copyright 2016 Florent de Labarre | ||
# Copyright 2017 Camptocamp | ||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl) | ||
|
||
{ | ||
"name": "OAuth Multi Token", | ||
"version": "14.0.1.0.0", | ||
"license": "AGPL-3", | ||
"author": "Florent de Labarre, Camptocamp, Odoo Community Association (OCA)", | ||
"summary": """Allow multiple connection with the same OAuth account""", | ||
"category": "Tool", | ||
"website": "https://github.com/OCA/server-auth", | ||
"depends": ["auth_oauth"], | ||
"data": [ | ||
"security/ir.model.access.csv", | ||
"views/auth_oauth_multi_token.xml", | ||
"views/res_users.xml", | ||
], | ||
"installable": True, | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,94 @@ | ||
# Translation of Odoo Server. | ||
# This file contains the translation of the following modules: | ||
# * auth_oauth_multi_token | ||
# | ||
msgid "" | ||
msgstr "" | ||
"Project-Id-Version: Odoo Server 13.0\n" | ||
"Report-Msgid-Bugs-To: \n" | ||
"Last-Translator: \n" | ||
"Language-Team: \n" | ||
"MIME-Version: 1.0\n" | ||
"Content-Type: text/plain; charset=UTF-8\n" | ||
"Content-Transfer-Encoding: \n" | ||
"Plural-Forms: \n" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model_terms:ir.ui.view,arch_db:auth_oauth_multi_token.view_users_form | ||
msgid "Clear Tokens" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__create_uid | ||
msgid "Created by" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__create_date | ||
msgid "Created on" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__display_name | ||
msgid "Display Name" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__id | ||
msgid "ID" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token____last_update | ||
msgid "Last Modified on" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__write_uid | ||
msgid "Last Updated by" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__write_date | ||
msgid "Last Updated on" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model_terms:ir.ui.view,arch_db:auth_oauth_multi_token.view_users_form | ||
msgid "Latest tokens" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_res_users__oauth_master_uuid | ||
msgid "Master UUID" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_res_users__oauth_access_max_token | ||
msgid "Max number of simultaneous connections" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__oauth_access_token | ||
msgid "OAuth Access Token" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_res_users__oauth_access_token_ids | ||
msgid "OAuth tokens" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model,name:auth_oauth_multi_token.model_auth_oauth_multi_token | ||
msgid "OAuth2 token" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model.fields,field_description:auth_oauth_multi_token.field_auth_oauth_multi_token__user_id | ||
msgid "User" | ||
msgstr "" | ||
|
||
#. module: auth_oauth_multi_token | ||
#: model:ir.model,name:auth_oauth_multi_token.model_res_users | ||
msgid "Users" | ||
msgstr "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
from . import auth_oauth_multi_token | ||
from . import res_users |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
# Copyright 2016 Florent de Labarre | ||
# Copyright 2017 Camptocamp | ||
# Copyright 2021 ACSONE SA/NV | ||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl) | ||
|
||
from odoo import api, fields, models | ||
|
||
|
||
class AuthOauthMultiToken(models.Model): | ||
"""Define a set of tokens.""" | ||
|
||
_name = "auth.oauth.multi.token" | ||
_description = "OAuth2 token" | ||
_order = "id desc" | ||
|
||
oauth_access_token = fields.Char( | ||
string="OAuth Access Token", readonly=True, copy=False | ||
) | ||
user_id = fields.Many2one( | ||
comodel_name="res.users", | ||
string="User", | ||
required=True, | ||
readonly=True, | ||
index=True, | ||
ondelete="cascade", | ||
) | ||
|
||
@api.model | ||
def create(self, vals): | ||
"""Override to validate tokens.""" | ||
token = super().create(vals) | ||
token._oauth_validate_multi_token() | ||
return token | ||
|
||
@api.model | ||
def _oauth_user_tokens(self, user_id): | ||
"""Retrieve tokens for given user. | ||
:param user_id: Odoo ID of the user | ||
""" | ||
return self.search([("user_id", "=", user_id)]) | ||
|
||
def _oauth_validate_multi_token(self): | ||
"""Check current user's token and clear them if max number reached.""" | ||
user_tokens = self._oauth_user_tokens(self.user_id.id) | ||
max_token = self.user_id.oauth_access_max_token | ||
if user_tokens and len(user_tokens) > max_token: | ||
# clear last token | ||
user_tokens[max_token - 1]._oauth_clear_token() | ||
|
||
def _oauth_clear_token(self): | ||
"""Disable current token records.""" | ||
self.unlink() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
# Copyright 2016 Florent de Labarre | ||
# Copyright 2017 Camptocamp | ||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl) | ||
import uuid | ||
|
||
from odoo import api, exceptions, fields, models | ||
|
||
from odoo.addons import base | ||
|
||
base.models.res_users.USER_PRIVATE_FIELDS.append("oauth_master_uuid") | ||
|
||
|
||
class ResUsers(models.Model): | ||
_inherit = "res.users" | ||
|
||
def _generate_oauth_master_uuid(self): | ||
return uuid.uuid4().hex | ||
|
||
oauth_access_token_ids = fields.One2many( | ||
comodel_name="auth.oauth.multi.token", | ||
inverse_name="user_id", | ||
string="OAuth tokens", | ||
copy=False, | ||
readonly=True, | ||
groups="base.group_system", | ||
) | ||
oauth_access_max_token = fields.Integer( | ||
string="Max number of simultaneous connections", default=10, required=True | ||
) | ||
oauth_master_uuid = fields.Char( | ||
string="Master UUID", | ||
copy=False, | ||
readonly=True, | ||
required=True, | ||
default=lambda self: self._generate_oauth_master_uuid(), | ||
) | ||
|
||
@property | ||
def multi_token_model(self): | ||
return self.env["auth.oauth.multi.token"] | ||
|
||
@api.model | ||
def _auth_oauth_signin(self, provider, validation, params): | ||
"""Override to handle sign-in with multi token.""" | ||
res = super()._auth_oauth_signin(provider, validation, params) | ||
|
||
oauth_uid = validation["user_id"] | ||
# Lookup for user by oauth uid and provider | ||
user = self.search( | ||
[("oauth_uid", "=", oauth_uid), ("oauth_provider_id", "=", provider)] | ||
) | ||
if not user: | ||
raise exceptions.AccessDenied() | ||
user.ensure_one() | ||
# user found and unique: create a token | ||
self.multi_token_model.create( | ||
{"user_id": user.id, "oauth_access_token": params["access_token"]} | ||
) | ||
return res | ||
|
||
def action_oauth_clear_token(self): | ||
"""Inactivate current user tokens.""" | ||
self.mapped("oauth_access_token_ids")._oauth_clear_token() | ||
for res in self: | ||
res.oauth_access_token = False | ||
res.oauth_master_uuid = self._generate_oauth_master_uuid() | ||
|
||
@api.model | ||
def _check_credentials(self, password, env): | ||
"""Override to check credentials against multi tokens.""" | ||
try: | ||
return super()._check_credentials(password, env) | ||
except exceptions.AccessDenied: | ||
res = self.multi_token_model.sudo().search( | ||
[("user_id", "=", self.env.uid), ("oauth_access_token", "=", password)] | ||
) | ||
if not res: | ||
raise | ||
|
||
def _get_session_token_fields(self): | ||
res = super()._get_session_token_fields() | ||
res.remove("oauth_access_token") | ||
return res | {"oauth_master_uuid"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
On users' form you can set the number of maximum simultaneous connections. | ||
|
||
By default 10 connections are allowed. | ||
|
||
From there you can also clear / inactivate existing tokens. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
* Florent de Labarre <florent.mirieu@gmail.com> | ||
* Simone Orsi <simone.orsi@camptocamp.com> | ||
* `Tecnativa <https://www.tecnativa.com/>`__: | ||
|
||
* Jairo Llopis | ||
* Sergio Teruel | ||
|
||
* Stéphane Bidoul <stephane.bidoul@acsone.eu> | ||
* Dan Tillinghast |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
This module adds the possibility to connect with the same account | ||
on more than one device at the same time. | ||
|
||
All providers are supported (Google, Facebook, Odoo, etc). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Nothing changes on login action: just select your provider and try to log in. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink | ||
access_auth_oauth_multi_token_admin,auth_oauth_multi_token admin,model_auth_oauth_multi_token,base.group_system,1,1,1,1 |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.