|
1
|
# mandayejs - saml reverse proxy
|
|
2
|
# Copyright (C) 2015 Entr'ouvert
|
|
3
|
#
|
|
4
|
# This program is free software: you can redistribute it and/or modify it
|
|
5
|
# under the terms of the GNU Affero General Public License as published
|
|
6
|
# by the Free Software Foundation, either version 3 of the License, or
|
|
7
|
# (at your option) any later version.
|
|
8
|
#
|
|
9
|
# This program is distributed in the hope that it will be useful,
|
|
10
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
11
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
12
|
# GNU Affero General Public License for more details.
|
|
13
|
#
|
|
14
|
# You should have received a copy of the GNU Affero General Public License
|
|
15
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
16
|
|
|
17
|
from __future__ import absolute_import
|
|
18
|
|
|
19
|
import logging
|
|
20
|
import requests
|
|
21
|
|
|
22
|
from django.contrib.auth.models import User
|
|
23
|
from rest_framework import status
|
|
24
|
from rest_framework.views import APIView
|
|
25
|
from rest_framework.response import Response
|
|
26
|
|
|
27
|
from mandayejs.mandaye.models import UserCredentials
|
|
28
|
from mandayejs.applications import get_app_settings
|
|
29
|
|
|
30
|
|
|
31
|
class ArchimedAccountDetails(APIView):
|
|
32
|
"""Archimed user's account details
|
|
33
|
"""
|
|
34
|
|
|
35
|
def dispatch(self, request, *args, **kwargs):
|
|
36
|
response = super(ArchimedAccountDetails, self).dispatch(request, *args, **kwargs)
|
|
37
|
if response.status_code == 200:
|
|
38
|
response.data = {'data': response.data, 'err': 0}
|
|
39
|
else:
|
|
40
|
response.data = {'data': None, 'err': 1, 'err_desc': response.data}
|
|
41
|
return response
|
|
42
|
|
|
43
|
def get(self, request, *args, **kwargs):
|
|
44
|
logger = logging.getLogger(__name__)
|
|
45
|
app_settings = get_app_settings()
|
|
46
|
ws_uri = request.build_absolute_uri(
|
|
47
|
app_settings.SITE_WS_ENDPOINT['account_details'])
|
|
48
|
|
|
49
|
# mellon truncates username to 30 characters
|
|
50
|
# thus the passed username must be truncated to 30 characters
|
|
51
|
# for searching purpose.
|
|
52
|
username = kwargs['username'][:30]
|
|
53
|
|
|
54
|
try:
|
|
55
|
user = User.objects.get(username=username)
|
|
56
|
except (User.DoesNotExist,):
|
|
57
|
return Response('User %s does not exist' % username, status=status.HTTP_404_NOT_FOUND)
|
|
58
|
|
|
59
|
try:
|
|
60
|
credentials = UserCredentials.objects.get(user=user)
|
|
61
|
except (UserCredentials.DoesNotExist,):
|
|
62
|
return Response('User %s is not associated' % username, status=status.HTTP_404_NOT_FOUND)
|
|
63
|
|
|
64
|
login_url = request.build_absolute_uri(
|
|
65
|
'/DEFAULT/Ermes/Recherche/logon.svc/logon')
|
|
66
|
|
|
67
|
with requests.Session() as session:
|
|
68
|
login_info = credentials.to_login_info(decrypt=True)
|
|
69
|
login_info = {'username': login_info['#carte'], 'password': login_info['#code']}
|
|
70
|
response = session.post(login_url, data=login_info)
|
|
71
|
logger.debug("Archimed login response {}".format(response.json()))
|
|
72
|
if not response.json()['success']:
|
|
73
|
return Response('Authentication failed', status=status.HTTP_401_UNAUTHORIZED)
|
|
74
|
|
|
75
|
content = {
|
|
76
|
'codeConfig': '',
|
|
77
|
'xslPath': 'Services/LectorShortAccount.xslt'
|
|
78
|
}
|
|
79
|
response = session.post(ws_uri, json=content)
|
|
80
|
logger.debug("Archimed ws response {}".format(response.json()))
|
|
81
|
return Response(response.json())
|
|
82
|
|
|
83
|
|
|
84
|
archimed_account_details = ArchimedAccountDetails.as_view()
|