Project

General

Profile

« Previous | Next » 

Revision c8204b73

Added by Serghei Mihai about 8 years ago

login function redirecting to idp and callback view added

View differences:

ckanext/ozwillo_pyoidc/plugin.py
1
import logging
2

  
1 3
import ckan.plugins as plugins
2 4
import ckan.plugins.toolkit as toolkit
5
from ckan.common import session
6
import ckan.lib.base as base
7

  
8
from pylons import config, request
9

  
10
from oidc import OIDCClients
11

  
12
import conf
13

  
14
from oic.oic import Client, AuthorizationRequest
15
from oic.utils.authn.client import CLIENT_AUTHN_METHOD
16

  
17
plugin_config_prefix = 'ckanext.ozwillo_pyoidc.'
18

  
19
log = logging.getLogger(__name__)
20

  
21
Client = OIDCClients(conf)['ozwillo']
3 22

  
23
def openid_callback(context, data):
24
    print context
25
    print data
4 26

  
5 27
class OzwilloPyoidcPlugin(plugins.SingletonPlugin):
6 28
    plugins.implements(plugins.IConfigurer)
29
    plugins.implements(plugins.IRoutes)
30
    plugins.implements(plugins.IAuthenticator, inherit=True)
7 31

  
8
    # IConfigurer
32
    def __init__(self, name=None):
33
        self.client = Client
34

  
35
    def before_map(self, map):
36
        map.redirect('/organization/{id:.*}/sso', '/user/login')
37
        map.connect('/openid/callback',
38
                    controller='ckanext.ozwillo_pyoidc.plugin:OpenidController',
39
                    action='openid_callback')
40
        return map
41

  
42
    def after_map(self, map):
43
        return map
44

  
45
    def identify(self):
46
        # must set toolkit.c.user
47
        pass
48

  
49
    def login(self):
50
        url, ht_args = self.client.create_authn_request(session, conf.ACR_VALUES)
51
        if ht_args:
52
            toolkit.request.headers.update(ht_args)
53
        toolkit.redirect_to(url)
54

  
55
    def logout(self):
56
        # revoke all auth tokens
57
        # redirect to logout in ozwillo
58
        revoke_endpoint = 'https://portal.ozwillo-preprod.eu/a/revoke'
59
        toolkit.redirect('/user/_logout')
9 60

  
10 61
    def update_config(self, config_):
11 62
        toolkit.add_template_directory(config_, 'templates')
12 63
        toolkit.add_public_directory(config_, 'public')
13 64
        toolkit.add_resource('fanstatic', 'ozwillo_pyoidc')
65

  
66
class OpenidController(base.BaseController):
67

  
68
    def openid_callback(self):
69
        userinfo = Client.callback(request.GET)
70
        return "userinfo: %s" % userinfo

Also available in: Unified diff