Revision c8204b73
Added by Serghei Mihai over 9 years ago
ckanext/ozwillo_pyoidc/plugin.py | ||
---|---|---|
1 |
import logging |
|
2 |
|
|
1 | 3 |
import ckan.plugins as plugins |
2 | 4 |
import ckan.plugins.toolkit as toolkit |
5 |
from ckan.common import session |
|
6 |
import ckan.lib.base as base |
|
7 |
|
|
8 |
from pylons import config, request |
|
9 |
|
|
10 |
from oidc import OIDCClients |
|
11 |
|
|
12 |
import conf |
|
13 |
|
|
14 |
from oic.oic import Client, AuthorizationRequest |
|
15 |
from oic.utils.authn.client import CLIENT_AUTHN_METHOD |
|
16 |
|
|
17 |
plugin_config_prefix = 'ckanext.ozwillo_pyoidc.' |
|
18 |
|
|
19 |
log = logging.getLogger(__name__) |
|
20 |
|
|
21 |
Client = OIDCClients(conf)['ozwillo'] |
|
3 | 22 |
|
23 |
def openid_callback(context, data): |
|
24 |
print context |
|
25 |
print data |
|
4 | 26 |
|
5 | 27 |
class OzwilloPyoidcPlugin(plugins.SingletonPlugin): |
6 | 28 |
plugins.implements(plugins.IConfigurer) |
29 |
plugins.implements(plugins.IRoutes) |
|
30 |
plugins.implements(plugins.IAuthenticator, inherit=True) |
|
7 | 31 |
|
8 |
# IConfigurer |
|
32 |
def __init__(self, name=None): |
|
33 |
self.client = Client |
|
34 |
|
|
35 |
def before_map(self, map): |
|
36 |
map.redirect('/organization/{id:.*}/sso', '/user/login') |
|
37 |
map.connect('/openid/callback', |
|
38 |
controller='ckanext.ozwillo_pyoidc.plugin:OpenidController', |
|
39 |
action='openid_callback') |
|
40 |
return map |
|
41 |
|
|
42 |
def after_map(self, map): |
|
43 |
return map |
|
44 |
|
|
45 |
def identify(self): |
|
46 |
# must set toolkit.c.user |
|
47 |
pass |
|
48 |
|
|
49 |
def login(self): |
|
50 |
url, ht_args = self.client.create_authn_request(session, conf.ACR_VALUES) |
|
51 |
if ht_args: |
|
52 |
toolkit.request.headers.update(ht_args) |
|
53 |
toolkit.redirect_to(url) |
|
54 |
|
|
55 |
def logout(self): |
|
56 |
# revoke all auth tokens |
|
57 |
# redirect to logout in ozwillo |
|
58 |
revoke_endpoint = 'https://portal.ozwillo-preprod.eu/a/revoke' |
|
59 |
toolkit.redirect('/user/_logout') |
|
9 | 60 |
|
10 | 61 |
def update_config(self, config_): |
11 | 62 |
toolkit.add_template_directory(config_, 'templates') |
12 | 63 |
toolkit.add_public_directory(config_, 'public') |
13 | 64 |
toolkit.add_resource('fanstatic', 'ozwillo_pyoidc') |
65 |
|
|
66 |
class OpenidController(base.BaseController): |
|
67 |
|
|
68 |
def openid_callback(self): |
|
69 |
userinfo = Client.callback(request.GET) |
|
70 |
return "userinfo: %s" % userinfo |
Also available in: Unified diff
login function redirecting to idp and callback view added