opt app_saas

2025-02-23 04:11:36 +02:00 · 2025-01-06 18:39:35 +08:00
parent a7c092a7db
commit a8a1f1602c
8 changed files with 121 additions and 62 deletions
--- a/app_saas/models/res_users.py
+++ b/app_saas/models/res_users.py
@@ -9,26 +9,19 @@ try:
 except:
    from urllib import request as urllib2

-
-
 from odoo import api, fields, models, _
-from odoo.exceptions import AccessDenied, UserError
-from odoo.addons.auth_signup.models.res_users import SignupError
-from odoo.http import request, Response
-
-from ast import literal_eval
-import json
 import requests
-from datetime import timedelta
-import random

 import logging
+
 _logger = logging.getLogger(__name__)

+
 class OauthBindError(Exception):
    # 增加一种错误类型
    pass

+
 class ResUsers(models.Model):
    _inherit = 'res.users'
    
@@ -50,9 +43,13 @@ class ResUsers(models.Model):
        response = requests.get(oauth_provider.code_endpoint, params=params, timeout=30)
        if response.ok:
            ret = response.json()
-            # todo: 客户机首次连接时，取到的 server 端 key 写入 provider 的 client_secret
-            if ret.get('push_client_secret') and hasattr(oauth_provider, 'client_secret'):
-                oauth_provider.write({'client_secret': ret.get('push_client_secret')})
+            # 客户机首次连接时，取到的 server 端 key 写入 provider 的 client_secret
+            push_client_secret = ret.pop('push_client_secret', False)
+            if push_client_secret:
+                ICP = self.env['ir.config_parameter'].sudo()
+                ICP.set_param('app_saas_db_token', push_client_secret)
+                if hasattr(oauth_provider, 'client_secret') and not oauth_provider.client_secret:
+                    oauth_provider.write({'client_secret': push_client_secret})
                self._cr.commit()
            return ret
        return {}
@@ -68,18 +65,18 @@ class ResUsers(models.Model):
            ret = self.sudo().get_token_from_code(provider, params)
            kw.update(ret)
            kw.pop('code', False)
-            
+        
        self = self.with_context(auth_extra=kw)
        res = super(ResUsers, self).auth_oauth(provider, kw)
        return res
-
+    
    def _auth_oauth_signin(self, provider, validation, params):
        # 用户绑定的额外处理，如果有同 login 用户则直接绑定
        # todo: 当前不管多公司，在 social_login 里有更细节判断，后续优化
        # todo: 当前同名就写 oauth 信息，不安全，要优化
        oauth_provider = self.env['auth.oauth.provider'].sudo().browse(provider)
        if oauth_provider and oauth_provider.scope.find('odoo') >= 0:
-            oauth_uid =validation.get('user_id')
+            oauth_uid = validation.get('user_id')
            if oauth_uid:
                odoo_user = self.sudo().search([('login', '=', oauth_uid)], limit=1)
                if odoo_user and not (odoo_user.oauth_access_token and odoo_user.oauth_provider_id and odoo_user.oauth_uid):
@@ -125,7 +122,7 @@ class ResUsers(models.Model):
        #             raise SignupError(str(e))
        res = super(ResUsers, self)._create_user_from_template(values)
        return res
-
+    
    @api.model
    def _generate_signup_values(self, provider, validation, params):
        # 此处生成 创建 odoo user 的初始值，增加字段如头像
@@ -136,7 +133,7 @@ class ResUsers(models.Model):
        if validation.get('headimgurl'):
            res['image_1920'] = self.sudo()._get_image_from_url(validation.get('headimgurl'))
        return res
-
+    
    def _rpc_api_keys_only(self):
        # 可直接使用 oauth_access_token 作为 password 登录
        self.ensure_one()