Produits Entr'ouvert » Authentic 2

class AttributePolicy(models.Model):

    name = models.CharField(max_length = 100, unique = True)

    ask_consent_attributes = models.BooleanField(\

            verbose_name = _("Ask the user consent before forwarding attributes"),

            default=True)

    logout_url = models.URLField(verbose_name=_('url'), help_text=_('you can use a {} '

        'to pass the URL of the success icon, ex.: '

        'http://example.com/logout?next={}'), max_length=255, blank=True, null=True)

            verbose_name=_('use an iframe instead of an img tag for logout'))

    logout_use_iframe_timeout = models.PositiveIntegerField(

            verbose_name=_('iframe logout timeout (ms)'),

            unique=True)

    required = models.BooleanField(

            verbose_name=_('required'),

            blank=True)

    asked_on_registration = models.BooleanField(

            verbose_name=_('asked on registration'),

            blank=True)

    user_editable = models.BooleanField(

            verbose_name=_('user editable'),

            blank=True)

    user_visible = models.BooleanField(

            verbose_name=_('user visible'),

            blank=True)

    multiple = models.BooleanField(

            verbose_name=_('multiple'),

            blank=True)

    kind = models.CharField(max_length=16,

            verbose_name=_('kind'),

        providers

    '''

    name = models.CharField(_('name'), max_length=200, unique=True)

            verbose_name = _("Do not send a nameId Policy"))

    requested_name_id_format = models.CharField(

            verbose_name = _("Requested NameID format"),

            max_length = 200,

            default = DEFAULT_NAME_ID_FORMAT,

            choices = NAME_ID_FORMATS_CHOICES)

            verbose_name = \

_("This IdP sends a transient NameID but you want a persistent behaviour for your SP"))

    persistent_identifier_attribute = models.CharField(_('Persistent '

            'identifier attribute'), max_length=200, null=True, blank=True)

            verbose_name = _("Allow IdP to create an identity"))

            verbose_name = _('Binding for Authnresponse \

            (taken from metadata by the IdP if not enabled)'))

    binding_for_sso_response = models.CharField(

            verbose_name = _("Binding for the SSO responses"),

            max_length = 200, choices = BINDING_SSO_IDP,

            default = lasso.SAML2_METADATA_BINDING_ARTIFACT)

            verbose_name = _('HTTP method for single logout request \

            (taken from metadata if not enabled)'))

    http_method_for_slo_request = models.IntegerField(

            verbose_name = _("HTTP binding for the SLO requests"),

            max_length = 200, choices = HTTP_METHOD,

            default = lasso.HTTP_METHOD_REDIRECT)

            verbose_name = \

            _('HTTP method for federation termination request \

            (taken from metadata if not enabled)'))

            verbose_name = _("HTTP method for the defederation requests"),

            max_length = 200, choices = HTTP_METHOD,

            default = lasso.HTTP_METHOD_SOAP)

            verbose_name = \

                _("Require the user consent be given at account linking"),

            default=False)

            verbose_name = _("Force authentication"))

            verbose_name = _("Passive authentication"))

            verbose_name = _("Want AuthnRequest signed"))

    handle_persistent = models.CharField(

            max_length=200,

        Used to define SAML2 parameters employed with service providers.

    '''

    name = models.CharField(_('name'), max_length=80, unique=True)

    prefered_assertion_consumer_binding = models.CharField(

            verbose_name = _("Prefered assertion consumer binding"),

            default = 'meta',

            max_length = 4, choices = ASSERTION_CONSUMER_PROFILES)

            verbose_name = _("Encrypt Assertion"))

            verbose_name = _("Authentication request signed"))

            verbose_name = _("Allow IdP initiated SSO"))

    # XXX: format in the metadata file, should be suffixed with a star to mark

    # them as special

class AuthorizationSPPolicy(models.Model):

    name = models.CharField(_('name'), max_length=80, unique=True)

    attribute_map = models.ForeignKey(AuthorizationAttributeMap,

            related_name = "authorization_attributes",

            blank = True, null = True)

class LibertyServiceProvider(models.Model):

    liberty_provider = models.OneToOneField(LibertyProvider,

            primary_key = True, related_name = 'service_provider')

        _('The following options policy will apply except if a policy for all service provider is defined.'))

    sp_options_policy = models.ForeignKey(SPOptionsIdPPolicy, related_name = "sp_options_policy", verbose_name = _('service provider options policy'), blank=True, null=True)

    policy = models.ForeignKey(LibertyProviderPolicy,

            verbose_name=_("Protocol policy"), null=True, default=1)

        _('The following attribute policy will apply except if a policy for all service provider is defined.'))

    attribute_policy = models.ForeignKey('idp.AttributePolicy',

             related_name = "attribute_policy",

class LibertyIdentityProvider(models.Model):

    liberty_provider = models.OneToOneField(LibertyProvider,

            primary_key = True, related_name = 'identity_provider')

        _('The following options policy will apply except if a policy for all '

          'identity provider is defined.'))

    idp_options_policy = models.ForeignKey(IdPOptionsSPPolicy,

            related_name="idp_options_policy",

            verbose_name=_('identity provider options policy'), blank=True,

            null=True)

        _('The following authorization policy will apply except if a policy for'

          ' all identity provider is defined.'))

    authorization_policy = models.ForeignKey(AuthorizationSPPolicy,