/mandaye/auth/authform.py - Diff - Mandaye - Redmine Entr’ouvert

« Précédent | Suivant »

Révision c62aae38

Ajouté par Jérôme Schneider il y a plus de 9 ans

ID c62aae38566f6b835fec87b69e874c4c119d14e8
Parent 93462e63
Enfant 9dbbb15b

backends: complete rewrite of the interface

The old interface was to specific for sqlalchemy this new one allow to
write new backends

WARNING: this commit could break compability for some filter which uses
the old interface

     from mandaye.response import template_response
     from mandaye.server import get_response
     from mandaye.backends.default import backend
     from mandaye.backends.default import Association
     try:
         from Crypto.Cipher import AES
-...
             if config.encrypt_sp_password:
                 password = self.encrypt_pwd(post_values[self.form_values['password_field']])
                 post_values[self.form_values['password_field']] = password
             service_provider = backend.ManagerServiceProvider.get_or_create(self.site_name)
             idp_user = backend.ManagerIDPUser.get_or_create(unique_id)
             sp_user = backend.ManagerSPUser.get(sp_login, idp_user, service_provider)
             if sp_user:
                 sp_user.post_values = post_values
                 backend.ManagerSPUser.save()
             else:
                 sp_user = backend.ManagerSPUser.create(sp_login, post_values,
                         idp_user, service_provider)
             asso_id = Association.update_or_create(self.site_name, sp_login,
                     post_values, unique_id)
             env['beaker.session']['unique_id'] = unique_id
             env['beaker.session'][self.site_name] = sp_user.id
             env['beaker.session'][self.site_name] = asso_id
             env['beaker.session'].save()
         def associate_submit(self, env, values, request, response):
-...
                 qs['type'] = 'badlogin'
                 return _302(self.urls.get('associate_url') + "?%s" % urllib.urlencode(qs))
         def _login_sp_user(self, sp_user, env, condition, values):
         def _login_sp_user(self, association, env, condition, values):
             """ Log in sp user
             """
             if not sp_user.login:
             if not association['sp_login']:
                 return _500(env['PATH_INFO'],
                         'Invalid values for AuthFormDispatcher.login')
             post_values = copy.copy(sp_user.post_values)
             post_values = copy.copy(association['sp_post_values'])
             if config.encrypt_sp_password:
                 password = self.decrypt_pwd(post_values[self.form_values['password_field']])
                 post_values[self.form_values['password_field']] = password
             response = self.replay(env, post_values)
             qs = parse_qs(env['QUERY_STRING'])
             if condition and eval(condition):
                 sp_user.last_connection = datetime.now()
                 backend.ManagerSPUser.save()
                 env['beaker.session'][self.site_name] = sp_user.id
                 Association.update_last_connection(association['id'])
                 env['beaker.session'][self.site_name] = association['id']
                 env['beaker.session'].save()
                 if qs.has_key('next_url'):
                     return _302(qs['next_url'][0], response.cookies)
-...
             logger.debug('User %s successfully login' % env['beaker.session']['unique_id'])
             idp_user = backend.ManagerIDPUser.get_or_create(unique_id)
             service_provider = backend.ManagerServiceProvider.get_or_create(self.site_name)
             sp_user = backend.ManagerSPUser.get_last_connected(idp_user, service_provider)
             if not sp_user:
             association = Association.get_last_connected(self.site_name, unique_id)
             if not association:
                 logger.debug('User %s is not associate' % env['beaker.session']['unique_id'])
                 return _302(self.urls.get('associate_url') + "?type=first")
             return self._login_sp_user(sp_user, env, values['condition'], values)
             return self._login_sp_user(association, env, values['condition'], values)
         def logout(self, env, values, request, response):
             """ Destroy the Beaker session
-...
             if not qs.has_key('id') and not unique_id:
                 return _401('Access denied: beaker session invalid or not qs id')
             if qs.has_key('id'):
                 id = qs['id'][0]
                 sp_user = backend.ManagerSPUser.get_by_id(id)
                 asso_id = qs['id'][0]
                 association = Association.get_by_id(asso_id)
             else:
                 service_provider = backend.ManagerServiceProvider.get(self.site_name)
                 idp_user = backend.ManagerIDPUser.get(unique_id)
                 sp_user = backend.ManagerSPUser.get_last_connected(idp_user, service_provider)
             if not sp_user:
                 association = Association.get_last_connected(self.site_name, unique_id)
             if not association:
                 return _302(self.urls.get('associate_url'))
             return self._login_sp_user(sp_user, env, 'response.code==302', values)
             return self._login_sp_user(association, env, 'response.code==302', values)
         def disassociate(self, env, values, request, response):
             """ Disassociate an account with the Mandaye account
-...
             if qs.has_key('next_url'):
                 next_url = qs['next_url'][0]
             if qs.has_key('id'):
                 sp_id = qs['id'][0]
                 sp_user = backend.ManagerSPUser.get_by_id(sp_id)
                 if sp_user:
                     backend.ManagerSPUser.delete(sp_user)
                     if backend.ManagerSPUser.get_sp_users(unique_id, self.site_name):
                 asso_id = qs['id'][0]
                 if Association.has_id(asso_id):
                     Association.delete(asso_id)
                     if Association.get(self.site_name, unique_id):
                         env['QUERY_STRING'] = ''
                         return self.change_user(env, values, request, response)
                 else:
                     return _401('Access denied: bad id')
             elif qs.has_key('sp_name'):
                 sp_name = qs['sp_name'][0]
                 for sp_user in \
                         backend.ManagerSPUser.get_sp_users(unique_id, sp_name):
                     backend.ManagerSPUser.delete(sp_user)
                 for asso in \
                         Association.get(sp_name, unique_id):
                     Association.delete(asso['id'])
             else:
                 return _401('Access denied: no id or sp name')
             values['next_url'] = next_url

Formats disponibles : Unified diff

Projet

Général

Profil

Produits Entr'ouvert » Mandaye

Révision c62aae38

Ajouté par Jérôme Schneider il y a plus de 9 ans