Project

General

Profile

Download (1.95 KB) Statistics
| Branch: | Tag: | Revision:

oidc / ckanext / ozwillo_pyoidc / plugin.py @ c8204b73

1
import logging
2

    
3
import ckan.plugins as plugins
4
import ckan.plugins.toolkit as toolkit
5
from ckan.common import session
6
import ckan.lib.base as base
7

    
8
from pylons import config, request
9

    
10
from oidc import OIDCClients
11

    
12
import conf
13

    
14
from oic.oic import Client, AuthorizationRequest
15
from oic.utils.authn.client import CLIENT_AUTHN_METHOD
16

    
17
plugin_config_prefix = 'ckanext.ozwillo_pyoidc.'
18

    
19
log = logging.getLogger(__name__)
20

    
21
Client = OIDCClients(conf)['ozwillo']
22

    
23
def openid_callback(context, data):
24
    print context
25
    print data
26

    
27
class OzwilloPyoidcPlugin(plugins.SingletonPlugin):
28
    plugins.implements(plugins.IConfigurer)
29
    plugins.implements(plugins.IRoutes)
30
    plugins.implements(plugins.IAuthenticator, inherit=True)
31

    
32
    def __init__(self, name=None):
33
        self.client = Client
34

    
35
    def before_map(self, map):
36
        map.redirect('/organization/{id:.*}/sso', '/user/login')
37
        map.connect('/openid/callback',
38
                    controller='ckanext.ozwillo_pyoidc.plugin:OpenidController',
39
                    action='openid_callback')
40
        return map
41

    
42
    def after_map(self, map):
43
        return map
44

    
45
    def identify(self):
46
        # must set toolkit.c.user
47
        pass
48

    
49
    def login(self):
50
        url, ht_args = self.client.create_authn_request(session, conf.ACR_VALUES)
51
        if ht_args:
52
            toolkit.request.headers.update(ht_args)
53
        toolkit.redirect_to(url)
54

    
55
    def logout(self):
56
        # revoke all auth tokens
57
        # redirect to logout in ozwillo
58
        revoke_endpoint = 'https://portal.ozwillo-preprod.eu/a/revoke'
59
        toolkit.redirect('/user/_logout')
60

    
61
    def update_config(self, config_):
62
        toolkit.add_template_directory(config_, 'templates')
63
        toolkit.add_public_directory(config_, 'public')
64
        toolkit.add_resource('fanstatic', 'ozwillo_pyoidc')
65

    
66
class OpenidController(base.BaseController):
67

    
68
    def openid_callback(self):
69
        userinfo = Client.callback(request.GET)
70
        return "userinfo: %s" % userinfo
(4-4/4)