Révision ebf37dd5
Ajouté par dlaniel il y a plus de 17 ans
- ID ebf37dd5e5f9c523b1a6fc865e5276a627700b5c
larpe/trunk/larpe/liberty.ptl | ||
---|---|---|
24 | 24 |
"singleLogout", "singleLogoutReturn", |
25 | 25 |
"federationTermination", "federationTerminationReturn", |
26 | 26 |
('metadata.xml', 'metadata'), 'public_key', |
27 |
'local_auth', 'local_auth_check'] |
|
27 |
'local_auth', 'local_auth_check', 'local_logout']
|
|
28 | 28 |
|
29 | 29 |
def perform_login(self, idp = None): |
30 | 30 |
server = misc.get_lasso_server() |
... | ... | |
190 | 190 |
def local_logout(self): |
191 | 191 |
get_response().expire_cookie('dc_admin', path='/') |
192 | 192 |
get_response().expire_cookie('dc_xd', path='/') |
193 |
#misc.get_html_page('http://localhost/~heretik/dotclear/ecrire/index.php?logout=1') |
|
194 |
# host = 'localhost' |
|
195 |
# query = '/~heretik/dotclear/ecrire/index.php?logout=1' |
|
196 |
# conn = httplib.HTTPConnection(host) |
|
197 |
# conn.request('GET', query, headers = { 'Cookie': 'dc_xd=cbec5e7951856e94d3878c68df6e575a; dc_admin=a%3A3%3A%7Bs%3A7%3A%22user_id%22%3Bs%3A7%3A%22heretik%22%3Bs%3A8%3A%22user_pwd%22%3Bs%3A32%3A%#22cc414bfc9c00475b59c87595299ff31d%22%3Bs%3A8%3A%22remember%22%3Bb%3A0%3B%7D', 'Referer': 'http://localhost/~heretik/dotclear/ecrire/', }) |
|
198 |
# response = conn.getresponse() |
|
199 |
# conn.close() |
|
200 |
|
|
193 | 201 |
|
194 | 202 |
def singleLogoutReturn(self): |
195 | 203 |
returnUrl = '/' + misc.get_proxied_site_name() + '/' |
... | ... | |
214 | 222 |
# Single Logout initiated by IdP |
215 | 223 |
if session.lasso_session_dump: |
216 | 224 |
logout.setSessionFromDump(session.lasso_session_dump) |
217 |
user = get_request().user |
|
225 |
#user = get_request().user |
|
226 |
user = get_session().get_user() |
|
218 | 227 |
if user and user.lasso_dump: |
219 | 228 |
logout.setIdentityFromDump(user.lasso_dump) |
220 | 229 |
if logout.nameIdentifier.content != session.name_identifier: |
... | ... | |
305 | 314 |
return self.fedterm(defederation, session) |
306 | 315 |
|
307 | 316 |
def defederate(self, idp = None): |
308 |
self.local_logout() |
|
309 |
|
|
310 | 317 |
session = get_session() |
311 | 318 |
user = session.get_user() |
312 | 319 |
|
313 |
user_dir = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'users')) |
|
314 |
federation_file_name = os.path.join(user_dir, user.name_identifiers[0]) |
|
315 |
if os.path.isfile(federation_file_name): |
|
316 |
os.remove(federation_file_name) |
|
320 |
self.local_defederate(session) |
|
317 | 321 |
|
318 | 322 |
defederation = lasso.Defederation(misc.get_lasso_server()) |
319 | 323 |
defederation.setSessionFromDump(session.lasso_session_dump) |
... | ... | |
331 | 335 |
rootUrl = '/' + misc.get_proxied_site_name() + '/' |
332 | 336 |
return redirect(rootUrl) |
333 | 337 |
|
338 |
def local_defederate(self, session): |
|
339 |
user = session.get_user() |
|
340 |
self.local_logout() |
|
341 |
if user is not None: |
|
342 |
user_dir = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'users')) |
|
343 |
federation_file_name = os.path.join(user_dir, user.name_identifiers[0]) |
|
344 |
if os.path.isfile(federation_file_name): |
|
345 |
os.remove(federation_file_name) |
|
346 |
|
|
347 |
# if hasattr(session, 'auth_cookie'): |
|
348 |
# cookies_file_name = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'cookies_to_delete')) |
|
349 |
# cookies_file = open(cookies_file_name, 'a') |
|
350 |
# cookies_file.write(session.auth_cookie + '\n') |
|
351 |
# cookies_file.close() |
|
352 |
|
|
353 |
|
|
334 | 354 |
def federationTermination(self): |
335 | 355 |
request = get_request() |
336 | 356 |
if not lasso.isLibertyQuery(request.get_query()): |
... | ... | |
342 | 362 |
return self.fedterm(defederation, session) |
343 | 363 |
|
344 | 364 |
def fedterm(self, defederation, session): |
365 |
self.local_defederate(session) |
|
345 | 366 |
defederation.setSessionFromDump(session.lasso_session_dump) |
346 | 367 |
|
347 |
user = get_request().user |
|
368 |
#user = get_request().user |
|
369 |
user = get_session().get_user() |
|
348 | 370 |
if user and user.lasso_dump: |
349 | 371 |
defederation.setIdentityFromDump(user.lasso_dump) |
350 | 372 |
|
... | ... | |
408 | 430 |
self.federate(user_id, user_password) |
409 | 431 |
return redirect('/' + get_request().get_path().split('/')[2] + '/') |
410 | 432 |
else: |
411 |
return local_auth() |
|
433 |
return self.local_auth()
|
|
412 | 434 |
|
413 | 435 |
def local_auth_check_post (self, user_id, user_password): |
414 | 436 |
url = misc.cfg['auth_url'] |
... | ... | |
421 | 443 |
body = 'user_id=%s&user_pwd=%s' % (user_id, user_password) |
422 | 444 |
conn.request("POST", query, body, {'Content-Type': 'application/x-www-form-urlencoded'}) |
423 | 445 |
response = conn.getresponse() |
446 |
conn.close() |
|
424 | 447 |
cookies = response.getheader('Set-Cookie', None) |
425 |
cookie = re.findall('dc_admin=([^;]+)', cookies)[0]
|
|
426 |
if cookie is not None:
|
|
448 |
cookies_match = re.findall('dc_admin=([^;]+)', cookies)
|
|
449 |
if len(cookies_match) > 0:
|
|
427 | 450 |
# Can't use get_response().set_cookie('dc_admin', cookie, path='/') from quixote because |
428 | 451 |
# it adds double quotes |
429 |
get_response().set_header('Set-Cookie', 'dc_admin=%s; path=/' % cookie) |
|
430 |
conn.close() |
|
452 |
set_cookie = 'dc_admin=%s; path=/' % cookies_match[0] |
|
453 |
get_response().set_header('Set-Cookie', set_cookie) |
|
454 |
# get_session().auth_cookie = set_cookie |
|
431 | 455 |
return response.status |
432 | 456 |
|
433 | 457 |
def local_auth_check_form [html] (self): |
... | ... | |
464 | 488 |
federation_file.close() |
465 | 489 |
|
466 | 490 |
def sso_local_login(self, name_id): |
467 |
proxied_site_dir = get_request().get_path().split('/')[2] |
|
491 |
#proxied_site_dir = get_request().get_path().split('/')[2]
|
|
468 | 492 |
user_dir = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'users')) |
469 | 493 |
federation_file_name = os.path.join(user_dir, name_id) |
470 | 494 |
federation_file = open(federation_file_name, 'r') |
Formats disponibles : Unified diff
slo + defederate from idp
git-svn-id: svn+ssh://labs.libre-entreprise.org/svnroot/larpe@16 3ed937ae-f919-0410-9a43-8e6f19e4ba6e