0001-Fix-all-log-to-log-unicode-strings.patch
| src/authentic2/attribute_aggregator/attributes.py | ||
|---|---|---|
| 184 | 184 |
In parameter, the service provider id and the user authenticated.''' |
| 185 | 185 |
if not user or not audience: |
| 186 | 186 |
return None |
| 187 |
logger.debug('provide_attributes_at_sso: search attribute for %s' \
|
|
| 188 |
% user) |
|
| 189 |
logger.debug('provide_attributes_at_sso: attributes for %s' \
|
|
| 190 |
% audience) |
|
| 191 | 187 |
provider = None |
| 192 | 188 |
try: |
| 193 | 189 |
provider = LibertyProvider.objects.get(entity_id=audience) |
| 194 | 190 |
except LibertyProvider.DoesNotExist: |
| 195 |
logger.debug('provide_attributes_at_sso: Provider with name %s not '
|
|
| 196 |
'found' % audience) |
|
| 191 |
logger.debug('provide_attributes_at_sso: provider not found')
|
|
| 197 | 192 |
attribute_policy = get_attribute_policy(provider) |
| 198 | 193 |
if not attribute_policy: |
| 199 |
logger.debug('provide_attributes_at_sso: no attribute policy found '
|
|
| 200 |
'for %s' % audience) |
|
| 194 |
logger.debug('provide_attributes_at_sso: no attribute policy found')
|
|
| 201 | 195 |
return None |
| 202 | 196 | |
| 203 | 197 |
p = load_or_create_user_profile(user=user) |
| 204 | 198 |
if not p: |
| 205 |
logger.error('provide_attributes_at_sso: unable to load or create a '
|
|
| 206 |
'profile for %s' % user) |
|
| 199 |
logger.error('provide_attributes_at_sso: unable to load or create a profile')
|
|
| 207 | 200 |
return None |
| 208 | 201 |
# XXX: hack so that UserAttributeProfile.user is the same as request.user |
| 209 | 202 |
# which can contain monkey patched fields |
| 210 | 203 |
p.user = user |
| 211 |
logger.debug('provide_attributes_at_sso: profile loaded %s' % p)
|
|
| 204 |
logger.debug('provide_attributes_at_sso: profile loaded %r', p)
|
|
| 212 | 205 | |
| 213 | 206 |
'''Returned dictionnary''' |
| 214 | 207 |
dic = dict() |
| src/authentic2/attribute_aggregator/core.py | ||
|---|---|---|
| 282 | 282 | |
| 283 | 283 |
def set_user_alias_in_source(user, source, name, force_change=False): |
| 284 | 284 |
from authentic2.attribute_aggregator.models import UserAliasInSource |
| 285 |
logger.debug('set_user_alias_in_source: set alias %s for user %s in \
|
|
| 286 |
source %s' % (name, user, source)) |
|
| 287 | 285 |
alias = None |
| 288 | 286 |
try: |
| 289 | 287 |
''' |
| ... | ... | |
| 306 | 304 |
pass |
| 307 | 305 |
else: |
| 308 | 306 |
if not force_change: |
| 309 |
logger.warn('set_user_alias_in_source: \
|
|
| 310 |
a user has already this alias, we do nothing.') |
|
| 307 |
logger.warn('set_user_alias_in_source: a user has already this alias, we do nothing.')
|
|
| 311 | 308 |
return None |
| 312 |
logger.warn('set_user_alias_in_source: \
|
|
| 313 |
a user has already this alias, we give it to %s.' % user) |
|
| 309 |
logger.warn('set_user_alias_in_source: a user has already this alias, we take it.')
|
|
| 314 | 310 |
alias.delete() |
| 315 | 311 |
try: |
| 316 | 312 |
alias = UserAliasInSource(user=user, name=name, source=source) |
| src/authentic2/attribute_aggregator/ldap_sources.py | ||
|---|---|---|
| 55 | 55 |
if not user: |
| 56 | 56 |
logger.error('get_attributes: No user provided')
|
| 57 | 57 |
return None |
| 58 |
logger.debug('get_attributes: Searching attributes for user %s' \
|
|
| 59 |
% user) |
|
| 58 |
logger.debug('get_attributes: Searching attributes')
|
|
| 60 | 59 | |
| 61 | 60 |
from authentic2.attribute_aggregator.models import LdapSource |
| 62 | 61 |
sources = None |
| src/authentic2/auth2_auth/auth2_ssl/views.py | ||
|---|---|---|
| 47 | 47 |
if 'do_creation' in request.session and not user \ |
| 48 | 48 |
and not request.user.is_authenticated(): |
| 49 | 49 |
from backends import SSLBackend |
| 50 |
logger.info('Account creation treatment')
|
|
| 51 | 50 |
if SSLBackend().create_user(ssl_info): |
| 52 | 51 |
user = authenticate(ssl_info=ssl_info) |
| 53 |
logger.info('account created for %s' % user.username)
|
|
| 52 |
logger.info(u'account created for %s', user)
|
|
| 54 | 53 |
else: |
| 55 | 54 |
logger.error('account creation failure')
|
| 56 | 55 |
messages.add_message(request, messages.ERROR, |
| ... | ... | |
| 85 | 84 |
# check that the SSL entry for the certificate is this user. |
| 86 | 85 |
# else, we make this certificate point on that user. |
| 87 | 86 |
if user.username != request.user.username: |
| 88 |
logger.warning('[auth2_ssl]: The certificate belongs to %s, '
|
|
| 89 |
'but %s is logged with, we change the association!' |
|
| 90 |
% (user.username, request.user.username))
|
|
| 87 |
logger.warning(u'The certificate belongs to %s, '
|
|
| 88 |
'but %s is logged with, we change the association!',
|
|
| 89 |
user, request.user)
|
|
| 91 | 90 |
from backends import SSLBackend |
| 92 | 91 |
cert = SSLBackend().get_certificate(ssl_info) |
| 93 | 92 |
cert.user = request.user |
| src/authentic2/idp/saml/common.py | ||
|---|---|---|
| 21 | 21 |
try: |
| 22 | 22 |
for key in session_key: |
| 23 | 23 |
store = engine.SessionStore(key) |
| 24 |
logging.debug('Killing session %s of user %s' %
|
|
| 25 |
(key, store[SESSION_KEY])) |
|
| 24 |
logging.debug('Killing session %s', key)
|
|
| 26 | 25 |
store.delete() |
| 27 | 26 |
except Exception, e: |
| 28 | 27 |
logging.error(e) |
| src/authentic2/idp/saml/saml2_endpoints.py | ||
|---|---|---|
| 400 | 400 |
kwargs = nameid2kwargs(login.assertion.subject.nameID) |
| 401 | 401 |
kwargs['entity_id'] = login.remoteProviderId |
| 402 | 402 |
kwargs['user'] = request.user |
| 403 |
logger.info("sending nameID %(name_id_format)s: "
|
|
| 404 |
"%(name_id_content)s to %(entity_id)s for user %(user)s" % kwargs)
|
|
| 403 |
logger.info(u'sending nameID %(name_id_format)s: '
|
|
| 404 |
'%(name_id_content)s to %(entity_id)s for user %(user)s' % kwargs)
|
|
| 405 | 405 |
if attributes: |
| 406 | 406 |
logger.debug("add attributes to the assertion")
|
| 407 | 407 |
saml2_add_attribute_values(login.assertion, attributes) |
| ... | ... | |
| 421 | 421 |
logger.debug('called by GET')
|
| 422 | 422 |
consent_answer = request.GET.get('consent_answer', '')
|
| 423 | 423 |
if consent_answer: |
| 424 |
logger.info('back from the consent page for federation with \
|
|
| 425 |
answer %s' % consent_answer)
|
|
| 424 |
logger.info(u'back from the consent page for federation with answer '
|
|
| 425 |
'%s', consent_answer)
|
|
| 426 | 426 |
message = get_saml2_request_message(request) |
| 427 | 427 |
server = create_server(request) |
| 428 | 428 |
login = lasso.Login(server) |
| ... | ... | |
| 431 | 431 |
logger.warn("missing query string")
|
| 432 | 432 |
return HttpResponseForbidden("A SAMLv2 Single Sign On request need a "
|
| 433 | 433 |
"query string") |
| 434 |
logger.debug('processing sso request %r' % message)
|
|
| 434 |
logger.debug('processing sso request %r', message)
|
|
| 435 | 435 |
policy = None |
| 436 | 436 |
signed = True |
| 437 | 437 |
while True: |
| ... | ... | |
| 1032 | 1032 |
if not provider_id: |
| 1033 | 1033 |
return error_redirect(request, |
| 1034 | 1034 |
N_('missing provider identifier'))
|
| 1035 |
logger.info('start of an idp initiated sso toward %r', provider_id)
|
|
| 1035 | 1036 |
server = create_server(request) |
| 1036 | 1037 |
login = lasso.Login(server) |
| 1037 | 1038 |
liberty_provider = load_provider(request, provider_id, |
| ... | ... | |
| 1051 | 1052 |
N_('you cannot login as %r as it does not exist'), username)
|
| 1052 | 1053 |
else: |
| 1053 | 1054 |
user = request.user |
| 1054 |
logger.info('sso by %r', user)
|
|
| 1055 | 1055 |
policy = get_sp_options_policy(liberty_provider) |
| 1056 | 1056 |
# Control assertion consumer binding |
| 1057 | 1057 |
if not policy: |
| src/authentic2/log_filters.py | ||
|---|---|---|
| 17 | 17 |
request_id = self.DEFAULT_REQUEST_ID |
| 18 | 18 |
if not request is None: |
| 19 | 19 |
if hasattr(request, 'user') and request.user.is_authenticated(): |
| 20 |
user = unicode(request.user).encode('utf-8')
|
|
| 20 |
user = unicode(request.user) |
|
| 21 | 21 |
ip = request.META['REMOTE_ADDR'] |
| 22 | 22 |
request_id = request.request_id |
| 23 | 23 |
record.user = user |
| src/authentic2/managers.py | ||
|---|---|---|
| 40 | 40 |
user = deleted_user.user |
| 41 | 41 |
deleted_user.delete() |
| 42 | 42 |
user.delete() |
| 43 |
logger.info(u'deleted account %s' % user)
|
|
| 43 |
logger.info(u'deleted account %s', user)
|
|
| 44 | 44 | |
| 45 | 45 |
class AuthenticationEventManager(models.Manager): |
| 46 | 46 |
def cleanup(self): |
| src/authentic2/registration_backend/views.py | ||
|---|---|---|
| 151 | 151 |
or request.GET.get('next_url'))
|
| 152 | 152 |
if 'submit' in request.POST: |
| 153 | 153 |
models.DeletedUser.objects.delete_user(request.user) |
| 154 |
logger.info(u'deletion of account %s requested' % request.user)
|
|
| 154 |
logger.info(u'deletion of account %s requested', request.user)
|
|
| 155 | 155 |
messages.info(request, _('Your account has been scheduled for deletion. You cannot use it anymore.'))
|
| 156 | 156 |
return redirect(request, 'auth_logout') |
| 157 | 157 |
else: |
| src/authentic2/user_login_failure.py | ||
|---|---|---|
| 17 | 17 |
count = cache.incr(key(identifier)) |
| 18 | 18 |
if app_settings.A2_LOGIN_FAILURE_COUNT_BEFORE_WARNING and count >= app_settings.A2_LOGIN_FAILURE_COUNT_BEFORE_WARNING: |
| 19 | 19 |
logger = logging.getLogger('authentic2.user_login_failure')
|
| 20 |
identifier = unicode(identifier) |
|
| 21 |
identifier = identifier.encode('utf-8')
|
|
| 22 |
logger.warning('user %s failed to login more than %d times in a row', identifier, count)
|
|
| 20 |
logger.warning(u'user %s failed to login more than %d times in a row', |
|
| 21 |
identifier, count) |
|
| 23 | 22 | |
| 24 |
- |
|