Add OIDC_CLIENT_MODEL setting to enable client model swapping

Co-authored-by: Eirik Martiniussen Sylliaas <eirik@sylliaas.no>
Co-authored-by: Stefan Foulis <stefan@foulis.ch>

Author: eirsyl

docs/sections/settings.rst

@@ -21,6 +21,15 @@ If not specified, it will be automatically generated using ``request.scheme`` an
 
 For example ``http://localhost:8000``.
 
+OIDC_CLIENT_MODEL
+=================
+
+OPTIONAL. ``str``. The client model.
+
+If not specified, the default oidc_provider.Client model is used. This is typically used when
+you need to override the Client model to add custom properties on the class. The custom class
+should override the oidc_provider.AbstractClient model.
+
 OIDC_AFTER_USERLOGIN_HOOK
 =========================
 

oidc_provider/lib/endpoints/authorize.py

@@ -26,13 +26,14 @@
     encode_id_token,
 )
 from oidc_provider.models import (
-    Client,
     UserConsent,
+    get_client_model
 )
 from oidc_provider import settings
 from oidc_provider.lib.utils.common import get_browser_state_or_default
 
 logger = logging.getLogger(__name__)
+Client = get_client_model()
 
 
 class AuthorizeEndpoint(object):

oidc_provider/lib/endpoints/token.py

@@ -17,13 +17,14 @@
     encode_id_token,
 )
 from oidc_provider.models import (
-    Client,
     Code,
     Token,
+    get_client_model
 )
 from oidc_provider import settings
 
 logger = logging.getLogger(__name__)
+Client = get_client_model()
 
 
 class TokenEndpoint(object):

oidc_provider/migrations/0001_initial.py

@@ -3,13 +3,15 @@
 
 from django.db import models, migrations
 from django.conf import settings
+from oidc_provider import settings as oidc_settings
 
 
 class Migration(migrations.Migration):
 
     dependencies = [
         ('auth', '0001_initial'),
         migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        migrations.swappable_dependency(oidc_settings.get('OIDC_CLIENT_MODEL')),
     ]
 
     operations = [
@@ -26,6 +28,8 @@ class Migration(migrations.Migration):
                 ('_redirect_uris', models.TextField(default=b'')),
             ],
             options={
+                'abstract': False,
+                'swappable': 'OIDC_CLIENT_MODEL'
             },
             bases=(models.Model,),
         ),
@@ -36,7 +40,7 @@ class Migration(migrations.Migration):
                 ('expires_at', models.DateTimeField()),
                 ('_scope', models.TextField(default=b'')),
                 ('code', models.CharField(unique=True, max_length=255)),
-                ('client', models.ForeignKey(to='oidc_provider.Client', on_delete=models.CASCADE)),
+                ('client', models.ForeignKey(oidc_settings.get('OIDC_CLIENT_MODEL'), on_delete=models.CASCADE)),
             ],
             options={
                 'abstract': False,
@@ -51,7 +55,7 @@ class Migration(migrations.Migration):
                 ('_scope', models.TextField(default=b'')),
                 ('access_token', models.CharField(unique=True, max_length=255)),
                 ('_id_token', models.TextField()),
-                ('client', models.ForeignKey(to='oidc_provider.Client', on_delete=models.CASCADE)),
+                ('client', models.ForeignKey(oidc_settings.get('OIDC_CLIENT_MODEL'), on_delete=models.CASCADE)),
             ],
             options={
                 'abstract': False,

oidc_provider/migrations/0002_userconsent.py

@@ -4,6 +4,8 @@
 from django.db import models, migrations
 from django.conf import settings
 
+from oidc_provider import settings as oidc_settings
+
 
 class Migration(migrations.Migration):
 
@@ -19,7 +21,7 @@ class Migration(migrations.Migration):
                 ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
                 ('expires_at', models.DateTimeField()),
                 ('_scope', models.TextField(default=b'')),
-                ('client', models.ForeignKey(to='oidc_provider.Client', on_delete=models.CASCADE)),
+                ('client', models.ForeignKey(to=oidc_settings.get('OIDC_CLIENT_MODEL'), on_delete=models.CASCADE)),
                 ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE)),
             ],
             options={

oidc_provider/migrations/0016_userconsent_and_verbosenames.py

@@ -8,6 +8,8 @@
 import django.db.models.deletion
 from django.utils.timezone import utc
 
+from oidc_provider import settings as oidc_settings
+
 
 class Migration(migrations.Migration):
 
@@ -79,7 +81,7 @@ class Migration(migrations.Migration):
             model_name='code',
             name='client',
             field=models.ForeignKey(
-                on_delete=django.db.models.deletion.CASCADE, to='oidc_provider.Client', verbose_name='Client'),
+                on_delete=django.db.models.deletion.CASCADE, to=oidc_settings.get('OIDC_CLIENT_MODEL'), verbose_name='Client'),
         ),
         migrations.AlterField(
             model_name='code',
@@ -141,7 +143,7 @@ class Migration(migrations.Migration):
             model_name='token',
             name='client',
             field=models.ForeignKey(
-                on_delete=django.db.models.deletion.CASCADE, to='oidc_provider.Client', verbose_name='Client'),
+                on_delete=django.db.models.deletion.CASCADE, to=oidc_settings.get('OIDC_CLIENT_MODEL'), verbose_name='Client'),
         ),
         migrations.AlterField(
             model_name='token',
@@ -168,7 +170,7 @@ class Migration(migrations.Migration):
             model_name='userconsent',
             name='client',
             field=models.ForeignKey(
-                on_delete=django.db.models.deletion.CASCADE, to='oidc_provider.Client', verbose_name='Client'),
+                on_delete=django.db.models.deletion.CASCADE, to=oidc_settings.get('OIDC_CLIENT_MODEL'), verbose_name='Client'),
         ),
         migrations.AlterField(
             model_name='userconsent',

oidc_provider/migrations/0027_auto_20181207_1311.py

@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.4 on 2018-12-07 13:11
+from __future__ import unicode_literals
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('oidc_provider', '0026_client_multiple_response_types'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='client',
+            name='owner',
+            field=models.ForeignKey(blank=True, default=None, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='oidc_provider_client_set', to=settings.AUTH_USER_MODEL, verbose_name='Owner'),
+        ),
+    ]

oidc_provider/models.py

@@ -4,11 +4,14 @@
 from hashlib import md5, sha256
 import json
 
+from django.apps import apps
 from django.db import models
 from django.utils import timezone
 from django.utils.translation import ugettext_lazy as _
 from django.conf import settings
 
+from oidc_provider import settings as oidc_settings
+
 
 CLIENT_TYPE_CHOICES = [
     ('confidential', 'Confidential'),
@@ -54,12 +57,13 @@ def __str__(self):
         return u'{0}'.format(self.description)
 
 
-class Client(models.Model):
+class AbstractClient(models.Model):
 
     name = models.CharField(max_length=100, default='', verbose_name=_(u'Name'))
     owner = models.ForeignKey(
         settings.AUTH_USER_MODEL, verbose_name=_(u'Owner'), blank=True,
-        null=True, default=None, on_delete=models.SET_NULL, related_name='oidc_clients_set')
+        null=True, default=None, on_delete=models.SET_NULL,
+        related_name='%(app_label)s_%(class)s_set')
     client_type = models.CharField(
         max_length=30,
         choices=CLIENT_TYPE_CHOICES,
@@ -115,6 +119,7 @@ class Client(models.Model):
     class Meta:
         verbose_name = _(u'Client')
         verbose_name_plural = _(u'Clients')
+        abstract = True
 
     def __str__(self):
         return u'{0}'.format(self.name)
@@ -158,9 +163,21 @@ def default_redirect_uri(self):
         return self.redirect_uris[0] if self.redirect_uris else ''
 
 
+class Client(AbstractClient):
+    class Meta(AbstractClient.Meta):
+        swappable = 'OIDC_CLIENT_MODEL'
+
+
+def get_client_model():
+    """ Return the Application model that is active in this project. """
+    return apps.get_model(oidc_settings.get('OIDC_CLIENT_MODEL'))
+
+
 class BaseCodeTokenModel(models.Model):
 
-    client = models.ForeignKey(Client, verbose_name=_(u'Client'), on_delete=models.CASCADE)
+    client = models.ForeignKey(
+        oidc_settings.get('OIDC_CLIENT_MODEL'), verbose_name=_(u'Client'),
+        on_delete=models.CASCADE)
     expires_at = models.DateTimeField(verbose_name=_(u'Expiration Date'))
     _scope = models.TextField(default='', verbose_name=_(u'Scopes'))
 

oidc_provider/settings.py

@@ -25,6 +25,14 @@ def SITE_URL(self):
         """
         return None
 
+    @property
+    def OIDC_CLIENT_MODEL(self):
+        """
+        OPTIONAL.  Use a custom client model, typically used to extend the client model
+        with custom fields. The custom model should override oidc_provider.AbstractClient.
+        """
+        return 'oidc_provider.Client'
+
     @property
     def OIDC_AFTER_USERLOGIN_HOOK(self):
         """

oidc_provider/tests/models.py

@@ -0,0 +1,7 @@
+from django.db import models
+
+from oidc_provider.models import AbstractClient
+
+
+class CustomClient(AbstractClient):
+    custom_field = models.CharField(max_length=255)