43 |
43 |
SERVERS = {}
|
44 |
44 |
|
45 |
45 |
def create_server(request):
|
|
46 |
logger = logging.getLogger(__name__)
|
46 |
47 |
root = request.build_absolute_uri('/')
|
47 |
48 |
if root not in SERVERS:
|
48 |
49 |
idps = get_idps()
|
... | ... | |
69 |
70 |
password = key[1]
|
70 |
71 |
key = key[0]
|
71 |
72 |
server.setEncryptionPrivateKeyWithPassword(key, password)
|
72 |
|
for idp in idps:
|
|
73 |
for i, idp in enumerate(idps):
|
73 |
74 |
if 'METADATA_URL' in idp and 'METADATA' not in idp:
|
74 |
75 |
verify_ssl_certificate = get_setting(
|
75 |
76 |
idp, 'VERIFY_SSL_CERTIFICATE')
|
76 |
|
idp['METADATA'] = requests.get(idp['METADATA_URL'],
|
77 |
|
verify=verify_ssl_certificate).content
|
78 |
|
metadata = idp['METADATA']
|
79 |
|
if metadata.startswith('/'):
|
80 |
|
metadata = file(metadata).read()
|
|
77 |
response = requests.get(idp['METADATA_URL'],
|
|
78 |
verify=verify_ssl_certificate)
|
|
79 |
if not response.ok:
|
|
80 |
logger.error('retrieval of metadata URL %r failed with status %r for %d-th idp',
|
|
81 |
idp['METADATA_URL'], response.status_code, i)
|
|
82 |
continue
|
|
83 |
metadata = response.content
|
|
84 |
elif 'METADATA' in idp:
|
|
85 |
if idp['METADATA'].startswith('/'):
|
|
86 |
metadata = file(idp['METADATA']).read()
|
|
87 |
else:
|
|
88 |
logger.error(u'missing METADATA or METADATA_URL in %d-th idp', i)
|
|
89 |
continue
|
|
90 |
try:
|
|
91 |
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_IDP, metadata)
|
|
92 |
except lasso.Error, e:
|
|
93 |
logger.error(u'bad metadata in %d-th idp: %s', i, e)
|
|
94 |
continue
|
81 |
95 |
idp['ENTITY_ID'] = ET.fromstring(metadata).attrib['entityID']
|
82 |
|
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_IDP, metadata)
|
|
96 |
idp['METADATA'] = metadata
|
83 |
97 |
SERVERS[root] = server
|
84 |
98 |
return SERVERS[root]
|
85 |
99 |
|
86 |
|
-
|
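Review bot: The new `elif 'METADATA' in idp:` branch assigns `metadata` only when the value starts with '/', so an entry whose METADATA is inline XML (which the removed code handled) leaves `metadata` unbound on the first iteration, or still holding the previous IdP's document on later ones. That stale document is then passed to `addProviderFromBuffer` and written into this entry's `ENTITY_ID` and `METADATA`, binding one configured IdP to another's entity ID and keys. Start the branch with `metadata = idp['METADATA']` and follow it with `if metadata.startswith('/'): metadata = file(metadata).read()`. If `get_idps()` returns the same dicts on every call (not visible here), URL- and file-configured entries hit the same path once a second root is built, because `idp['METADATA'] = metadata` replaces the path or missing key with the document body. Part of create_server's body is collapsed between the two hunks, so this is judged on the visible lines only.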