From 15909279c5027ef2255fbf73f6e941e86b66b040 Mon Sep 17 00:00:00 2001 From: Josue Kouka Date: Wed, 20 Jan 2016 16:24:08 +0100 Subject: [PATCH] archimed user account webservice (#9517) --- mandayejs/settings.py | 1 + mandayejs/sites/archimed/urls.py | 23 +++++++++++ mandayejs/sites/archimed/views.py | 81 +++++++++++++++++++++++++++++++++++++++ mandayejs/urls.py | 6 +++ 4 files changed, 111 insertions(+) create mode 100644 mandayejs/sites/archimed/urls.py create mode 100644 mandayejs/sites/archimed/views.py diff --git a/mandayejs/settings.py b/mandayejs/settings.py index 0d7a935..1791268 100644 --- a/mandayejs/settings.py +++ b/mandayejs/settings.py @@ -54,6 +54,7 @@ INSTALLED_APPS = ( 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', + 'rest_framework', 'mandayejs.mandaye', 'mandayejs.sites.duonet', 'mandayejs.sites.archimed', diff --git a/mandayejs/sites/archimed/urls.py b/mandayejs/sites/archimed/urls.py new file mode 100644 index 0000000..8bf8fe9 --- /dev/null +++ b/mandayejs/sites/archimed/urls.py @@ -0,0 +1,23 @@ +# mandayejs - saml reverse proxy +# Copyright (C) 2015 Entr'ouvert +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as published +# by the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +from django.conf.urls import patterns, include, url + +from mandayejs.sites.archimed.views import account + +urlpatterns = patterns('', + url(r'account/(?P[\w+]*)/$', account, name='archimed-account-detail'), +) diff --git a/mandayejs/sites/archimed/views.py b/mandayejs/sites/archimed/views.py new file mode 100644 index 0000000..003c94e --- /dev/null +++ b/mandayejs/sites/archimed/views.py @@ -0,0 +1,81 @@ +# mandayejs - saml reverse proxy +# Copyright (C) 2015 Entr'ouvert +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as published +# by the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +from __future__ import absolute_import + +import logging +import requests +from requests.cookies import RequestsCookieJar + +from django.contrib.auth.models import User +from django.shortcuts import get_object_or_404 + +from rest_framework import status +from rest_framework.views import APIView +from rest_framework.response import Response + +from mandayejs.mandaye.models import UserCredentials +from mandayejs.mandaye.utils import exec_phantom, cookie_builder +from mandayejs.applications import get_app_settings + + +class AccountDetails(APIView): + """Archimed user's account details + """ + + def get(self, request, *args, **kwargs): + app_settings = get_app_settings() + + username = kwargs['username'] + user = get_object_or_404(User, username=username) + credentials = get_object_or_404(UserCredentials, user=user) + + result = exec_phantom({ + 'address': request.build_absolute_uri(app_settings.SITE_LOGIN_PATH), + 'cookies': [], + 'locators': [ credentials.to_login_info(decrypt=True) ], + 'auth_checker': app_settings.SITE_AUTH_CHECKER, + 'form_submit_element': app_settings.SITE_FORM_SUBMIT_ELEMENT + }) + + if result.get('result') != 'ok': + return Response(status=status.HTTP_401_UNAUTHORIZED) + + session = requests.session() + r_cookies = RequestsCookieJar() + + for cookie in result.get('cookies'): + r_cookies.set( + cookie['name'], + cookie['value'], + domain=cookie['domain'], + path=cookie['path'], + secure=cookie['secure'] + ) + session.cookies = r_cookies + + headers = { + 'Content-Type': 'application/json', + } + content = '{"codeConfig":"", "xslPath":"Services/LectorShortAccount.xslt"}' + url = request.build_absolute_uri('/DEFAULT/Ermes/Services/ILSClient.svc/RetrieveAccount') + + request_response = session.post(url, headers=headers, data=content, verify=False) + + return Response(request_response) + + +account = AccountDetails.as_view() diff --git a/mandayejs/urls.py b/mandayejs/urls.py index 8a3c303..764421a 100644 --- a/mandayejs/urls.py +++ b/mandayejs/urls.py @@ -13,11 +13,13 @@ # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +from __future__ import absolute_import from django.conf.urls import patterns, include, url from django.contrib import admin from django.conf import settings + urlpatterns = patterns('', url(r'^_mandaye/panel$', 'mandayejs.mandaye.views.panel', name='panel'), url(r'^_mandaye/associate/$', 'mandayejs.mandaye.views.associate', name='associate'), @@ -30,3 +32,7 @@ urlpatterns = patterns('', if 'mellon' in settings.INSTALLED_APPS: urlpatterns += patterns('', url(r'^_mandaye/accounts/mellon/', include('mellon.urls'))) +if 'mandayejs.sites.archimed' in settings.INSTALLED_APPS: + urlpatterns += patterns('', + url(r'^_mandaye/archimed/', include('mandayejs.sites.archimed.urls')), + ) -- 2.7.0.rc3