0001-misc-move-authenticator-code-to-models.py-66876.patch
src/authentic2_auth_fedict/authenticators.py | ||
---|---|---|
1 |
# authentic2_auth_fedict - Fedict authentication for Authentic |
|
2 |
# Copyright (C) 2016 Entr'ouvert |
|
3 |
# |
|
4 |
# This program is free software: you can redistribute it and/or modify it |
|
5 |
# under the terms of the GNU Affero General Public License as published |
|
6 |
# by the Free Software Foundation, either version 3 of the License, or |
|
7 |
# (at your option) any later version. |
|
8 |
# |
|
9 |
# This program is distributed in the hope that it will be useful, |
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 |
# GNU Affero General Public License for more details. |
|
13 |
# |
|
14 |
# You should have received a copy of the GNU Affero General Public License |
|
15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | ||
17 |
from authentic2.authenticators import BaseAuthenticator |
|
18 |
from django.shortcuts import render |
|
19 |
from django.template.loader import render_to_string |
|
20 |
from django.utils.translation import ugettext_lazy as _ |
|
21 |
from mellon.utils import get_idp, get_idps |
|
22 | ||
23 |
try: |
|
24 |
from authentic2.utils import redirect_to_login |
|
25 |
except ImportError: |
|
26 |
from authentic2.utils.misc import redirect_to_login |
|
27 | ||
28 |
from . import app_settings |
|
29 | ||
30 | ||
31 |
class FedictAuthenticator(BaseAuthenticator): |
|
32 |
id = 'fedict' |
|
33 |
priority = -1 |
|
34 | ||
35 |
def enabled(self): |
|
36 |
return app_settings.enable and list(get_idps()) |
|
37 | ||
38 |
def name(self): |
|
39 |
return _('Belgian eID') |
|
40 | ||
41 |
def login(self, request, *args, **kwargs): |
|
42 |
context = kwargs.get('context', {}).copy() |
|
43 |
submit_name = 'login-%s' % self.id |
|
44 |
if request.method == 'POST' and submit_name in request.POST: |
|
45 |
return redirect_to_login(request, login_url='fedict-login') |
|
46 |
context['submit_name'] = submit_name |
|
47 |
context.update(self.get_supported_methods()) |
|
48 |
return render(request, 'authentic2_auth_fedict/login.html', context) |
|
49 | ||
50 |
def profile(self, request, *args, **kwargs): |
|
51 |
context = kwargs.get('context', {}).copy() |
|
52 |
user_saml_identifiers = request.user.saml_identifiers.all() |
|
53 |
for user_saml_identifier in user_saml_identifiers: |
|
54 |
user_saml_identifier.idp = get_idp(user_saml_identifier.issuer) |
|
55 |
context['user_saml_identifiers'] = user_saml_identifiers |
|
56 |
context.update(self.get_supported_methods()) |
|
57 |
return render_to_string('authentic2_auth_fedict/profile.html', context, request=request) |
|
58 | ||
59 |
def get_supported_methods(self): |
|
60 |
try: |
|
61 |
idp = [x for x in list(get_idps()) if 'belgium.be' in x.get('ENTITY_ID')][0] |
|
62 |
authn_classref = idp['AUTHN_CLASSREF'] |
|
63 |
except (IndexError, KeyError): |
|
64 |
authn_classref = '' |
|
65 |
return { |
|
66 |
'has_tokens': 'urn:be:fedict:iam:fas:citizen:token' in authn_classref |
|
67 |
or 'urn:be:fedict:iam:fas:citizen:Level300' in authn_classref, |
|
68 |
'has_itsme': 'urn:be:fedict:iam:fas:citizen:bmid' in authn_classref |
|
69 |
or 'urn:be:fedict:iam:fas:citizen:Level450' in authn_classref, |
|
70 |
} |
src/authentic2_auth_fedict/models.py | ||
---|---|---|
1 |
# authentic2_auth_fedict - Fedict authentication for Authentic |
|
2 |
# Copyright (C) 2016 Entr'ouvert |
|
3 |
# |
|
4 |
# This program is free software: you can redistribute it and/or modify it |
|
5 |
# under the terms of the GNU Affero General Public License as published |
|
6 |
# by the Free Software Foundation, either version 3 of the License, or |
|
7 |
# (at your option) any later version. |
|
8 |
# |
|
9 |
# This program is distributed in the hope that it will be useful, |
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 |
# GNU Affero General Public License for more details. |
|
13 |
# |
|
14 |
# You should have received a copy of the GNU Affero General Public License |
|
15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | ||
17 |
from authentic2.authenticators import BaseAuthenticator |
|
18 |
from django.shortcuts import render |
|
19 |
from django.template.loader import render_to_string |
|
20 |
from django.utils.translation import ugettext_lazy as _ |
|
21 |
from mellon.utils import get_idp, get_idps |
|
22 | ||
23 |
try: |
|
24 |
from authentic2.utils import redirect_to_login |
|
25 |
except ImportError: |
|
26 |
from authentic2.utils.misc import redirect_to_login |
|
27 | ||
28 |
from . import app_settings |
|
29 | ||
30 | ||
31 |
class FedictAuthenticator(BaseAuthenticator): |
|
32 |
id = 'fedict' |
|
33 |
priority = -1 |
|
34 | ||
35 |
def enabled(self): |
|
36 |
return app_settings.enable and list(get_idps()) |
|
37 | ||
38 |
def name(self): |
|
39 |
return _('Belgian eID') |
|
40 | ||
41 |
def login(self, request, *args, **kwargs): |
|
42 |
context = kwargs.get('context', {}).copy() |
|
43 |
submit_name = 'login-%s' % self.id |
|
44 |
if request.method == 'POST' and submit_name in request.POST: |
|
45 |
return redirect_to_login(request, login_url='fedict-login') |
|
46 |
context['submit_name'] = submit_name |
|
47 |
context.update(self.get_supported_methods()) |
|
48 |
return render(request, 'authentic2_auth_fedict/login.html', context) |
|
49 | ||
50 |
def profile(self, request, *args, **kwargs): |
|
51 |
context = kwargs.get('context', {}).copy() |
|
52 |
user_saml_identifiers = request.user.saml_identifiers.all() |
|
53 |
for user_saml_identifier in user_saml_identifiers: |
|
54 |
user_saml_identifier.idp = get_idp(user_saml_identifier.issuer) |
|
55 |
context['user_saml_identifiers'] = user_saml_identifiers |
|
56 |
context.update(self.get_supported_methods()) |
|
57 |
return render_to_string('authentic2_auth_fedict/profile.html', context, request=request) |
|
58 | ||
59 |
def get_supported_methods(self): |
|
60 |
try: |
|
61 |
idp = [x for x in list(get_idps()) if 'belgium.be' in x.get('ENTITY_ID')][0] |
|
62 |
authn_classref = idp['AUTHN_CLASSREF'] |
|
63 |
except (IndexError, KeyError): |
|
64 |
authn_classref = '' |
|
65 |
return { |
|
66 |
'has_tokens': 'urn:be:fedict:iam:fas:citizen:token' in authn_classref |
|
67 |
or 'urn:be:fedict:iam:fas:citizen:Level300' in authn_classref, |
|
68 |
'has_itsme': 'urn:be:fedict:iam:fas:citizen:bmid' in authn_classref |
|
69 |
or 'urn:be:fedict:iam:fas:citizen:Level450' in authn_classref, |
|
70 |
} |
|
0 |
- |