Added v3 auth endpoints (#1335)

loganbertram · web-flow · commit b261f84d8142 · 2025-05-22T14:27:03.000-04:00
diff --git a/apps/authorization/v3/urls.py b/apps/authorization/v3/urls.py
@@ -0,0 +1,16 @@
+from django.urls import include, path, re_path
+from rest_framework.routers import DefaultRouter
+from apps.authorization.views import ExpireDataAccessGrantView, AuthorizedGrants
+from waffle.decorators import waffle_switch
+
+router = DefaultRouter()
+router.register(r"tokens", AuthorizedGrants, basename="token")
+
+urlpatterns = [
+    path("", include((router.urls, "authorization"), namespace="token_management_v3")),
+    re_path(
+        r"^expire_authenticated_user/(?P<patient_id>[\-0-9]+)/$",
+        waffle_switch("expire_grant_endpoint", "v3_endpoints")(ExpireDataAccessGrantView.as_view()),
+        name="expire_access_grant",
+    ),
+]
diff --git a/apps/dot_ext/v3/urls.py b/apps/dot_ext/v3/urls.py
@@ -0,0 +1,62 @@
+from django.urls import path, re_path
+from oauth2_provider import views as oauth2_views
+from waffle.decorators import waffle_switch
+
+from apps.dot_ext import views
+
+
+app_name = "oauth2_provider_v3"
+
+
+base_urlpatterns = [
+    path("authorize/", waffle_switch("v3_endpoints")(views.AuthorizationView.as_view(version=3)), name="authorize-v3"),
+    re_path(
+        r"^authorize/(?P<uuid>[\w-]+)/$",
+        waffle_switch("v3_endpoints")(views.ApprovalView.as_view(version=3)),
+        name="authorize-instance-v3",
+    ),
+    path("token/", waffle_switch("v3_endpoints")(views.TokenView.as_view()), name="token-v3"),
+    path("revoke_token/", waffle_switch("v3_endpoints")(views.RevokeTokenView.as_view()), name="revoke-token-v3"),
+    path("revoke/", waffle_switch("v3_endpoints")(views.RevokeView.as_view()), name="revoke-v3"),
+    path("introspect/", waffle_switch("v3_endpoints")(views.IntrospectTokenView.as_view()), name="introspect-v3"),
+]
+
+
+management_urlpatterns = [
+    # Application management views
+    path("applications/", waffle_switch("v3_endpoints")(oauth2_views.ApplicationList.as_view()), name="list-v3"),
+    path(
+        "applications/register/",
+        waffle_switch("v3_endpoints")(views.ApplicationRegistration.as_view()),
+        name="register-v3",
+    ),
+    re_path(
+        r"^applications/(?P<pk>[\w-]+)/$",
+        waffle_switch("v3_endpoints")(oauth2_views.ApplicationDetail.as_view()),
+        name="detail-v3",
+    ),
+    re_path(
+        r"^applications/(?P<pk>[\w-]+)/delete/$",
+        waffle_switch("v3_endpoints")(views.ApplicationDelete.as_view()),
+        name="delete-v3",
+    ),
+    re_path(
+        r"^applications/(?P<pk>[\w-]+)/update/$",
+        waffle_switch("v3_endpoints")(views.ApplicationUpdate.as_view()),
+        name="update-v3",
+    ),
+    # Token management views
+    path(
+        "authorized_tokens/",
+        waffle_switch("v3_endpoints")(oauth2_views.AuthorizedTokensListView.as_view()),
+        name="authorized-token-list-v3",
+    ),
+    re_path(
+        r"^authorized_tokens/(?P<pk>[\w-]+)/delete/$",
+        waffle_switch("v3_endpoints")(oauth2_views.AuthorizedTokenDeleteView.as_view()),
+        name="authorized-token-delete-v3",
+    ),
+]
+
+
+urlpatterns = base_urlpatterns + management_urlpatterns
diff --git a/apps/fhir/server/authentication.py b/apps/fhir/server/authentication.py
@@ -78,8 +78,14 @@ def search_fhir_id_by_identifier(search_identifier, request=None):
 
     # Build URL with patient ID search by identifier.
     ver = "v{}".format(request.session.get('version', 1))
+    # Temp fixed to v2
+    if ver == "v3":
+        ver = "v2"
     url = f"{get_resourcerouter().fhir_url}/{ver}/fhir/Patient/_search"
 
+    # Temp reset to requested version
+    ver = "v{}".format(request.session.get('version', 1))
+
     max_retries = 3
     retries = 0
     env = os.environ.get('TARGET_ENV')
diff --git a/apps/mymedicare_cb/views.py b/apps/mymedicare_cb/views.py
@@ -133,7 +133,12 @@ def callback(request, version=2):
         user=request.user)
 
     # Only go back to app authorization
-    url_map_name = 'oauth2_provider_v2:authorize-instance-v2' if version == 2 else 'oauth2_provider:authorize-instance'
+    if version == 3:
+        url_map_name = 'oauth2_provider_v3:authorize-instance-v3'
+    elif version == 2:
+        url_map_name = 'oauth2_provider_v2:authorize-instance-v2'
+    else:
+        url_map_name = 'oauth2_provider:authorize-instance'
     auth_uri = reverse(url_map_name, args=[approval.uuid])
 
     _, _, auth_path, _, _ = urlsplit(auth_uri)
diff --git a/hhs_oauth_server/urls.py b/hhs_oauth_server/urls.py
@@ -41,6 +41,8 @@
     path("v3/fhir/", include("apps.fhir.bluebutton.v3.urls")),
     path("v2/o/", include("apps.dot_ext.v2.urls")),
     path("v2/o/", include("apps.authorization.v2.urls")),
+    path("v3/o/", include("apps.dot_ext.v3.urls")),
+    path("v3/o/", include("apps.authorization.v3.urls")),
     path("docs/", include("apps.docs.urls")),
     re_path(r"^" + ADMIN_REDIRECTOR + "admin/metrics/", include("apps.metrics.urls")),
     re_path(r"^" + ADMIN_REDIRECTOR + "admin/", admin.site.urls),
