Projet

Général

Profil

« Précédent | Suivant » 

Révision ebf37dd5

Ajouté par dlaniel il y a plus de 17 ans

  • ID ebf37dd5e5f9c523b1a6fc865e5276a627700b5c

slo + defederate from idp

git-svn-id: svn+ssh://labs.libre-entreprise.org/svnroot/larpe@16 3ed937ae-f919-0410-9a43-8e6f19e4ba6e

Voir les différences:

larpe/trunk/larpe/liberty.ptl
24 24 
            "singleLogout", "singleLogoutReturn",
25 25 
            "federationTermination", "federationTerminationReturn",
26 26 
            ('metadata.xml', 'metadata'), 'public_key',
27 
            'local_auth', 'local_auth_check']
27 
            'local_auth', 'local_auth_check', 'local_logout']
28 28 

  		




  29
  29
  
    
    def perform_login(self, idp = None):


  		




  30
  30
  
    
        server = misc.get_lasso_server()


  		




  ......




  190
  190
  
    
    def local_logout(self):


  		




  191
  191
  
    
        get_response().expire_cookie('dc_admin', path='/')


  		




  192
  192
  
    
        get_response().expire_cookie('dc_xd', path='/')


  		




  
  193
  
    
        #misc.get_html_page('http://localhost/~heretik/dotclear/ecrire/index.php?logout=1')


  		




  
  194
  
    
#        host = 'localhost'


  		




  
  195
  
    
#        query = '/~heretik/dotclear/ecrire/index.php?logout=1'


  		




  
  196
  
    
#        conn = httplib.HTTPConnection(host)


  		




  
  197
  
    
#        conn.request('GET', query, headers = { 'Cookie': 'dc_xd=cbec5e7951856e94d3878c68df6e575a; dc_admin=a%3A3%3A%7Bs%3A7%3A%22user_id%22%3Bs%3A7%3A%22heretik%22%3Bs%3A8%3A%22user_pwd%22%3Bs%3A32%3A%#22cc414bfc9c00475b59c87595299ff31d%22%3Bs%3A8%3A%22remember%22%3Bb%3A0%3B%7D', 'Referer': 'http://localhost/~heretik/dotclear/ecrire/',  })


  		




  
  198
  
    
#        response = conn.getresponse()


  		




  
  199
  
    
#        conn.close()


  		




  
  200
  
    

  		




  193
  201
  
    

  		




  194
  202
  
    
    def singleLogoutReturn(self):


  		




  195
  203
  
    
        returnUrl = '/' + misc.get_proxied_site_name() + '/'


  		




  ......




  214
  222
  
    
        # Single Logout initiated by IdP


  		




  215
  223
  
    
        if session.lasso_session_dump:


  		




  216
  224
  
    
            logout.setSessionFromDump(session.lasso_session_dump)


  		




  217
  
  
    
        user = get_request().user


  		




  
  225
  
    
        #user = get_request().user


  		




  
  226
  
    
        user = get_session().get_user()


  		




  218
  227
  
    
        if user and user.lasso_dump:


  		




  219
  228
  
    
            logout.setIdentityFromDump(user.lasso_dump)


  		




  220
  229
  
    
        if logout.nameIdentifier.content != session.name_identifier:


  		




  ......




  305
  314
  
    
            return self.fedterm(defederation, session)


  		




  306
  315
  
    

  		




  307
  316
  
    
    def defederate(self, idp = None):


  		




  308
  
  
    
        self.local_logout()


  		




  309
  
  
    

  		




  310
  317
  
    
        session = get_session()


  		




  311
  318
  
    
        user = session.get_user()


  		




  312
  319
  
    

  		




  313
  
  
    
        user_dir = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'users'))


  		




  314
  
  
    
        federation_file_name = os.path.join(user_dir, user.name_identifiers[0])


  		




  315
  
  
    
        if os.path.isfile(federation_file_name):


  		




  316
  
  
    
            os.remove(federation_file_name)


  		




  
  320
  
    
        self.local_defederate(session)


  		




  317
  321
  
    
        


  		




  318
  322
  
    
        defederation = lasso.Defederation(misc.get_lasso_server())


  		




  319
  323
  
    
        defederation.setSessionFromDump(session.lasso_session_dump)


  		




  ......




  331
  335
  
    
        rootUrl = '/' + misc.get_proxied_site_name() + '/'


  		




  332
  336
  
    
        return redirect(rootUrl)


  		




  333
  337
  
    

  		




  
  338
  
    
    def local_defederate(self, session):


  		




  
  339
  
    
        user = session.get_user()


  		




  
  340
  
    
        self.local_logout()


  		




  
  341
  
    
        if user is not None:


  		




  
  342
  
    
            user_dir = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'users'))


  		




  
  343
  
    
            federation_file_name = os.path.join(user_dir, user.name_identifiers[0])


  		




  
  344
  
    
            if os.path.isfile(federation_file_name):


  		




  
  345
  
    
                os.remove(federation_file_name)


  		




  
  346
  
    

  		




  
  347
  
    
#        if hasattr(session, 'auth_cookie'):


  		




  
  348
  
    
#            cookies_file_name = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'cookies_to_delete'))


  		




  
  349
  
    
#            cookies_file = open(cookies_file_name, 'a')


  		




  
  350
  
    
#            cookies_file.write(session.auth_cookie + '\n')


  		




  
  351
  
    
#            cookies_file.close()


  		




  
  352
  
    
            


  		




  
  353
  
    

  		




  334
  354
  
    
    def federationTermination(self):


  		




  335
  355
  
    
        request = get_request()


  		




  336
  356
  
    
        if not lasso.isLibertyQuery(request.get_query()):


  		




  ......




  342
  362
  
    
        return self.fedterm(defederation, session)


  		




  343
  363
  
    

  		




  344
  364
  
    
    def fedterm(self, defederation, session):


  		




  
  365
  
    
        self.local_defederate(session)


  		




  345
  366
  
    
        defederation.setSessionFromDump(session.lasso_session_dump)


  		




  346
  367
  
    

  		




  347
  
  
    
        user = get_request().user


  		




  
  368
  
    
        #user = get_request().user


  		




  
  369
  
    
        user = get_session().get_user()


  		




  348
  370
  
    
        if user and user.lasso_dump:


  		




  349
  371
  
    
            defederation.setIdentityFromDump(user.lasso_dump)


  		




  350
  372
  
    

  		




  ......




  408
  430
  
    
            self.federate(user_id, user_password)


  		




  409
  431
  
    
            return redirect('/' + get_request().get_path().split('/')[2] + '/')


  		




  410
  432
  
    
        else:


  		




  411
  
  
    
            return local_auth()


  		




  
  433
  
    
            return self.local_auth()


  		




  412
  434
  
    

  		




  413
  435
  
    
    def local_auth_check_post (self, user_id, user_password):


  		




  414
  436
  
    
        url = misc.cfg['auth_url']


  		




  ......




  421
  443
  
    
        body = 'user_id=%s&user_pwd=%s' % (user_id, user_password)


  		




  422
  444
  
    
        conn.request("POST", query, body, {'Content-Type': 'application/x-www-form-urlencoded'})


  		




  423
  445
  
    
        response = conn.getresponse()


  		




  
  446
  
    
        conn.close()


  		




  424
  447
  
    
        cookies = response.getheader('Set-Cookie', None)


  		




  425
  
  
    
        cookie =  re.findall('dc_admin=([^;]+)', cookies)[0]


  		




  426
  
  
    
        if cookie is not None:


  		




  
  448
  
    
        cookies_match =  re.findall('dc_admin=([^;]+)', cookies)


  		




  
  449
  
    
        if len(cookies_match) > 0:


  		




  427
  450
  
    
            # Can't use get_response().set_cookie('dc_admin', cookie, path='/') from quixote because


  		




  428
  451
  
    
            # it adds double quotes


  		




  429
  
  
    
            get_response().set_header('Set-Cookie', 'dc_admin=%s; path=/' % cookie)


  		




  430
  
  
    
        conn.close()


  		




  
  452
  
    
            set_cookie = 'dc_admin=%s; path=/' % cookies_match[0]


  		




  
  453
  
    
            get_response().set_header('Set-Cookie', set_cookie)


  		




  
  454
  
    
#            get_session().auth_cookie = set_cookie


  		




  431
  455
  
    
        return response.status


  		




  432
  456
  
    

  		




  433
  457
  
    
    def local_auth_check_form [html] (self):


  		




  ......




  464
  488
  
    
                federation_file.close()


  		




  465
  489
  
    

  		




  466
  490
  
    
    def sso_local_login(self, name_id):


  		




  467
  
  
    
        proxied_site_dir = get_request().get_path().split('/')[2]


  		




  
  491
  
    
        #proxied_site_dir = get_request().get_path().split('/')[2]


  		




  468
  492
  
    
        user_dir = misc.get_abs_path(os.path.join(misc.get_proxied_site_path(), 'users'))


  		




  469
  493
  
    
        federation_file_name = os.path.join(user_dir, name_id)


  		




  470
  494
  
    
        federation_file = open(federation_file_name, 'r')


  		












Formats disponibles :  Unified diff