Projet

Général

Profil

Télécharger (1,95 ko) Statistiques
| Branche: | Tag: | Révision:

oidc / ckanext / ozwillo_pyoidc / plugin.py @ c8204b73

1 
import logging
2 

    		
  

  

    
      3
    
    
      
import ckan.plugins as plugins


    		
  

  

    
      4
    
    
      
import ckan.plugins.toolkit as toolkit


    		
  

  

    
      5
    
    
      
from ckan.common import session


    		
  

  

    
      6
    
    
      
import ckan.lib.base as base


    		
  

  

    
      7
    
    
      

    		
  

  

    
      8
    
    
      
from pylons import config, request


    		
  

  

    
      9
    
    
      

    		
  

  

    
      10
    
    
      
from oidc import OIDCClients


    		
  

  

    
      11
    
    
      

    		
  

  

    
      12
    
    
      
import conf


    		
  

  

    
      13
    
    
      

    		
  

  

    
      14
    
    
      
from oic.oic import Client, AuthorizationRequest


    		
  

  

    
      15
    
    
      
from oic.utils.authn.client import CLIENT_AUTHN_METHOD


    		
  

  

    
      16
    
    
      

    		
  

  

    
      17
    
    
      
plugin_config_prefix = 'ckanext.ozwillo_pyoidc.'


    		
  

  

    
      18
    
    
      

    		
  

  

    
      19
    
    
      
log = logging.getLogger(__name__)


    		
  

  

    
      20
    
    
      

    		
  

  

    
      21
    
    
      
Client = OIDCClients(conf)['ozwillo']


    		
  

  

    
      22
    
    
      

    		
  

  

    
      23
    
    
      
def openid_callback(context, data):


    		
  

  

    
      24
    
    
      
    print context


    		
  

  

    
      25
    
    
      
    print data


    		
  

  

    
      26
    
    
      

    		
  

  

    
      27
    
    
      
class OzwilloPyoidcPlugin(plugins.SingletonPlugin):


    		
  

  

    
      28
    
    
      
    plugins.implements(plugins.IConfigurer)


    		
  

  

    
      29
    
    
      
    plugins.implements(plugins.IRoutes)


    		
  

  

    
      30
    
    
      
    plugins.implements(plugins.IAuthenticator, inherit=True)


    		
  

  

    
      31
    
    
      

    		
  

  

    
      32
    
    
      
    def __init__(self, name=None):


    		
  

  

    
      33
    
    
      
        self.client = Client


    		
  

  

    
      34
    
    
      

    		
  

  

    
      35
    
    
      
    def before_map(self, map):


    		
  

  

    
      36
    
    
      
        map.redirect('/organization/{id:.*}/sso', '/user/login')


    		
  

  

    
      37
    
    
      
        map.connect('/openid/callback',


    		
  

  

    
      38
    
    
      
                    controller='ckanext.ozwillo_pyoidc.plugin:OpenidController',


    		
  

  

    
      39
    
    
      
                    action='openid_callback')


    		
  

  

    
      40
    
    
      
        return map


    		
  

  

    
      41
    
    
      

    		
  

  

    
      42
    
    
      
    def after_map(self, map):


    		
  

  

    
      43
    
    
      
        return map


    		
  

  

    
      44
    
    
      

    		
  

  

    
      45
    
    
      
    def identify(self):


    		
  

  

    
      46
    
    
      
        # must set toolkit.c.user


    		
  

  

    
      47
    
    
      
        pass


    		
  

  

    
      48
    
    
      

    		
  

  

    
      49
    
    
      
    def login(self):


    		
  

  

    
      50
    
    
      
        url, ht_args = self.client.create_authn_request(session, conf.ACR_VALUES)


    		
  

  

    
      51
    
    
      
        if ht_args:


    		
  

  

    
      52
    
    
      
            toolkit.request.headers.update(ht_args)


    		
  

  

    
      53
    
    
      
        toolkit.redirect_to(url)


    		
  

  

    
      54
    
    
      

    		
  

  

    
      55
    
    
      
    def logout(self):


    		
  

  

    
      56
    
    
      
        # revoke all auth tokens


    		
  

  

    
      57
    
    
      
        # redirect to logout in ozwillo


    		
  

  

    
      58
    
    
      
        revoke_endpoint = 'https://portal.ozwillo-preprod.eu/a/revoke'


    		
  

  

    
      59
    
    
      
        toolkit.redirect('/user/_logout')


    		
  

  

    
      60
    
    
      

    		
  

  

    
      61
    
    
      
    def update_config(self, config_):


    		
  

  

    
      62
    
    
      
        toolkit.add_template_directory(config_, 'templates')


    		
  

  

    
      63
    
    
      
        toolkit.add_public_directory(config_, 'public')


    		
  

  

    
      64
    
    
      
        toolkit.add_resource('fanstatic', 'ozwillo_pyoidc')


    		
  

  

    
      65
    
    
      

    		
  

  

    
      66
    
    
      
class OpenidController(base.BaseController):


    		
  

  

    
      67
    
    
      

    		
  

  

    
      68
    
    
      
    def openid_callback(self):


    		
  

  

    
      69
    
    
      
        userinfo = Client.callback(request.GET)


    		
  

  

    
      70
    
    
      
        return "userinfo: %s" % userinfo


    		
  









  (4-4/4)