First Integration
Create your first OAuth-protected view with SVA OAuth.
Step 1: Create a Simple View
Create a view that requires authentication:
# views.py
from django.shortcuts import render
from sva_oauth_client.decorators import sva_oauth_required
from sva_oauth_client.utils import get_sva_claims
@sva_oauth_required
def dashboard(request):
"""Protected dashboard view"""
# Get user claims from the signed data_token
claims = get_sva_claims(request)
context = {
'email': claims.get('email'),
'name': claims.get('name'),
'username': claims.get('username'),
'all_claims': claims,
}
return render(request, 'dashboard.html', context)
Step 2: Create URL Pattern
Add the view to your URLs:
# urls.py
from django.urls import path
from . import views
urlpatterns = [
path('dashboard/', views.dashboard, name='dashboard'),
]
Step 3: Create Template
Create a simple template to display user data:
<!-- templates/dashboard.html -->
<!DOCTYPE html>
<html>
<head>
<title>Dashboard</title>
</head>
<body>
<h1>Welcome to Your Dashboard</h1>
{% if email %}
<p><strong>Email:</strong> {{ email }}</p>
{% endif %}
{% if name %}
<p><strong>Name:</strong> {{ name }}</p>
{% endif %}
{% if username %}
<p><strong>Username:</strong> {{ username }}</p>
{% endif %}
<h2>All Claims</h2>
<pre>{{ all_claims|pprint }}</pre>
<a href="{% url 'sva_oauth_client:logout' %}">Logout</a>
</body>
</html>
Step 4: Add Login Link
Add a login link to your home page or base template:
<!-- templates/base.html -->
<!DOCTYPE html>
<html>
<head>
<title>My App</title>
</head>
<body>
<nav>
{% if request.session.sva_oauth_access_token %}
<a href="{% url 'dashboard' %}">Dashboard</a>
<a href="{% url 'sva_oauth_client:logout' %}">Logout</a>
{% else %}
<a href="{% url 'sva_oauth_client:login' %}">Sign In with SVA</a>
{% endif %}
</nav>
<main>
{% block content %}{% endblock %}
</main>
</body>
</html>
Step 5: Test the Integration
-
Start your development server:
python manage.py runserver -
Visit your dashboard URL:
http://localhost:8000/dashboard/ -
You should be redirected to login:
http://localhost:8000/oauth/login/ -
Complete the OAuth flow:
- Click "Sign In with SVA"
- Approve the consent screen
- Get redirected back to your dashboard
-
View user data:
- Your dashboard should display the user's email, name, and other approved claims
Understanding the Flow
Here's what happens when a user accesses your protected view:
- User visits
/dashboard/ - Decorator checks authentication:
- If not authenticated → redirects to
/oauth/login/ - If authenticated → continues to view
- If not authenticated → redirects to
- Login view initiates OAuth:
- Generates PKCE parameters
- Redirects to SVA authorization endpoint
- User approves consent:
- User reviews requested scopes
- User approves/denies
- Callback receives authorization code:
- Exchanges code for tokens
- Stores tokens in session
- Redirects to dashboard
- Dashboard view executes:
get_sva_claims()decodes data_token- Returns user data to template
Requiring Specific Identity Blocks
You can require specific identity blocks using the @sva_blocks_required decorator:
from sva_oauth_client.decorators import sva_blocks_required
@sva_blocks_required('email', 'name', 'phone')
def profile_view(request):
"""Requires email, name, and phone blocks"""
claims = get_sva_claims(request)
# These are guaranteed to exist
email = claims['email']
name = claims['name']
phone = claims['phone']
return render(request, 'profile.html', {
'email': email,
'name': name,
'phone': phone,
})
If the user hasn't approved these blocks, they'll be redirected to login with an error message.
Next Steps
- Learn about Identity Blocks to understand available user data
- Explore Token Management for advanced token handling
- Check out Examples for more use cases
- Read the API Reference for complete documentation