add openid authentication

common/djangoapps/student/views.py

@@ -61,6 +61,15 @@ def index(request):
     if settings.COURSEWARE_ENABLED and request.user.is_authenticated():
         return redirect(reverse('dashboard'))
 
+    return main_index()
+
+def main_index(extra_context = {}):
+    '''
+    Render the edX main page.
+
+    extra_context is used to allow immediate display of certain modal windows, eg signup,
+    as used by external_auth.
+    '''
     feed_data = cache.get("students_index_rss_feed_data")
     if feed_data == None:
         if hasattr(settings, 'RSS_URL'):
@@ -81,8 +90,9 @@ def index(request):
     for course in courses:
         universities[course.org].append(course)
 
-    return render_to_response('index.html', {'universities': universities, 'entries': entries})
-
+    context = {'universities': universities, 'entries': entries}
+    context.update(extra_context)
+    return render_to_response('index.html', context)
 
 def course_from_id(id):
     course_loc = CourseDescriptor.id_to_location(id)
@@ -257,11 +267,26 @@ def change_setting(request):
 
 @ensure_csrf_cookie
 def create_account(request, post_override=None):
-    ''' JSON call to enroll in the course. '''
+    '''
+    JSON call to create new edX account.
+    Used by form in signup_modal.html, which is included into navigation.html
+    '''
     js = {'success': False}
 
     post_vars = post_override if post_override else request.POST
 
+    # if doing signup for an external authorization, then get email, password, name from the eamap
+    # don't use the ones from the form, since the user could have hacked those
+    doExternalAuth = 'ExternalAuthMap' in request.session
+    if doExternalAuth:
+        eamap = request.session['ExternalAuthMap']
+        email = eamap.external_email
+        name = eamap.external_name
+        password = eamap.internal_password
+        post_vars = dict(post_vars.items())
+        post_vars.update(dict(email=email, name=name, password=password, username=post_vars['username']))
+        log.debug('extauth test: post_vars = %s' % post_vars)
+
     # Confirm we have a properly formed request
     for a in ['username', 'email', 'password', 'name']:
         if a not in post_vars:
@@ -356,8 +381,9 @@ def create_account(request, post_override=None):
          'key': r.activation_key,
          }
 
+    # composes activation email
     subject = render_to_string('emails/activation_email_subject.txt', d)
-        # Email subject *must not* contain newlines
+    # Email subject *must not* contain newlines
     subject = ''.join(subject.splitlines())
     message = render_to_string('emails/activation_email.txt', d)
 
@@ -382,6 +408,17 @@ def create_account(request, post_override=None):
 
     try_change_enrollment(request)
 
+    if doExternalAuth:
+        eamap.user = login_user
+        eamap.dtsignup = datetime.datetime.now()
+        eamap.save()
+        log.debug('Updated ExternalAuthMap for %s to be %s' % (post_vars['username'],eamap))
+
+        if settings.MITX_FEATURES.get('BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'):
+            log.debug('bypassing activation email')
+            login_user.is_active = True
+            login_user.save()
+
     js = {'success': True}
     return HttpResponse(json.dumps(js), mimetype="application/json")
 

lms/envs/dev.py

@@ -55,6 +55,18 @@ CACHES = {
 # Dummy secret key for dev
 SECRET_KEY = '85920908f28904ed733fe576320db18cabd7b6cd'
 
+################################ OpenID Auth #################################
+MITX_FEATURES['AUTH_USE_OPENID'] = True
+MITX_FEATURES['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] = True
+
+INSTALLED_APPS += ('external_auth',) 
+INSTALLED_APPS += ('django_openid_auth',)
+
+OPENID_CREATE_USERS = False
+OPENID_UPDATE_DETAILS_FROM_SREG = True
+OPENID_SSO_SERVER_URL = 'https://www.google.com/accounts/o8/id'	# TODO: accept more endpoints
+OPENID_USE_AS_ADMIN_LOGIN = False
+
 ################################ DEBUG TOOLBAR #################################
 INSTALLED_APPS += ('debug_toolbar',) 
 MIDDLEWARE_CLASSES += ('debug_toolbar.middleware.DebugToolbarMiddleware',)

lms/templates/extauth_failure.html

+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
+  "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+    <title>OpenID failed</title>
+</head>
+<body>
+    <h1>OpenID failed</h1>
+    <p>${message}</p>
+</body>
+</html>

lms/templates/index.html

@@ -144,3 +144,12 @@
     <iframe width="640" height="360" src="http://www.youtube.com/embed/C2OQ51tu7W4?showinfo=0" frameborder="0" allowfullscreen></iframe>
   </div>
 </section>
+
+% if show_signup_immediately is not UNDEFINED:
+<script type="text/javascript">
+function dosignup(){
+    document.getElementById('signup').click();
+}
+$(window).load(dosignup);
+</script>
+% endif

lms/templates/login_modal.html

@@ -27,6 +27,9 @@
         <span>Not enrolled? <a href="#signup-modal" class="close-login" rel="leanModal">Sign up.</a></span>
         <a href="#forgot-password-modal" rel="leanModal" class="pwd-reset">Forgot password?</a>
       </p>
+      <p>
+      <a href="${MITX_ROOT_URL}/openid/login">login via openid</a>
+      </p>
     </section>
 
     <div class="close-modal">

lms/templates/signup_modal.html

@@ -19,6 +19,7 @@
         <div id="register_error" name="register_error"></div>
 
         <div class="input-group">
+	  % if has_extauth_info is UNDEFINED:
           <label data-field="email">E-mail*</label>
           <input name="email" type="email" placeholder="E-mail*">
           <label data-field="password">Password*</label>
@@ -27,6 +28,18 @@
           <input name="username" type="text" placeholder="Public Username*">
           <label data-field="name">Full Name</label>
           <input name="name" type="text" placeholder="Full Name*">
+	  % else:
+	  <p><i>Welcome</i> ${extauth_email}</p><br/>
+          <label data-field="email">E-mail*</label>
+          <input name="email" type="hidden" value="${extauth_email}" placeholder="E-mail*">
+	  <p><i>Enter a public username:</i></p>
+          <label data-field="username">Public Username*</label>
+          <input name="username" type="text" value="${extauth_username}" placeholder="Public Username*">
+          <label data-field="password">Password*</label>
+          <input name="password" type="hidden" value="DoExtAuth" placeholder="Password*">
+          <label data-field="name">Full Name</label>
+          <input name="name" type="hidden" value="${extauth_name}" placeholder="Full Name*">
+	  % endif
         </div>
 
         <div class="input-group">
@@ -93,11 +106,13 @@
         </div>
       </form>
 
+      % if has_extauth_info is UNDEFINED:
       <section class="login-extra">
         <p>
           <span>Already have an account? <a href="#login-modal" class="close-signup" rel="leanModal">Login.</a></span>
         </p>
       </section>
+      % endif
 
     </div>
 

lms/urls.py

@@ -160,12 +160,22 @@ if settings.DEBUG:
     ## Jasmine
     urlpatterns=urlpatterns + (url(r'^_jasmine/', include('django_jasmine.urls')),)
 
+if settings.MITX_FEATURES.get('AUTH_USE_OPENID'):
+    urlpatterns += (
+        url(r'^openid/login/$', 'django_openid_auth.views.login_begin', name='openid-login'),
+        url(r'^openid/complete/$', 'external_auth.views.edXauth_openid_login_complete', name='openid-complete'),
+        url(r'^openid/logo.gif$', 'django_openid_auth.views.logo', name='openid-logo'),
+        )
+    urlpatterns += (
+        url(r'^extauth/$', 'external_auth.views.edXauth_signup', name='extauth-signup'),
+        )
+    # urlpatterns += (url(r'^openid/', include('django_openid_auth.urls')),)
+
 urlpatterns = patterns(*urlpatterns)
 
 if settings.DEBUG:
     urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
 
-
 #Custom error pages
 handler404 = 'static_template_view.views.render_404'
 handler500 = 'static_template_view.views.render_500'

requirements.txt

@@ -8,6 +8,7 @@ lxml
 boto
 mako
 python-memcached
+python-openid 
 path.py
 django_debug_toolbar
 -e git://github.com/MITx/django-pipeline.git#egg=django-pipeline
@@ -37,6 +38,7 @@ django-jasmine
 django-keyedcache
 django-mako
 django-masquerade
+django-openid-auth 
 django-robots
 django-ses
 django-storages