1
|
import json
|
2
|
from uuid import uuid4
|
3
|
import requests
|
4
|
from xml.etree import ElementTree
|
5
|
|
6
|
from django.views.generic.base import TemplateView
|
7
|
from django.views.decorators.csrf import csrf_exempt
|
8
|
from django.shortcuts import render_to_response
|
9
|
from django.core import signing
|
10
|
from django.http.request import QueryDict
|
11
|
|
12
|
from mellon.views import LoginView as MellonLoginView
|
13
|
|
14
|
from .organization.models import Organization
|
15
|
from .forms import GuestLoginForm, VoucherLoginForm
|
16
|
from .utils import create_radius_user, is_organization_idp, \
|
17
|
get_idp_list
|
18
|
|
19
|
|
20
|
class HomeView(TemplateView):
|
21
|
template_name = 'uauth/home.html'
|
22
|
|
23
|
homepage = HomeView.as_view()
|
24
|
|
25
|
|
26
|
class LoginView(MellonLoginView):
|
27
|
|
28
|
def authenticate(self, request, login, attributes):
|
29
|
relayState = signing.loads(login.msgRelayState)
|
30
|
organization = Organization.objects.get(slug=relayState['organization'])
|
31
|
attr = attributes
|
32
|
try:
|
33
|
if 'eduPersonTargetedID' in attributes:
|
34
|
attrkey = 'eduPersonTargetedID'
|
35
|
else:
|
36
|
attrkey = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10'
|
37
|
eduPersonTargetedID_xml = ElementTree.fromstring(attributes[attrkey][0])
|
38
|
eduPersonTargetedID = '%s' % eduPersonTargetedID_xml.text
|
39
|
eduPersonTargetedID_NameQualifier = eduPersonTargetedID_xml.attrib['NameQualifier']
|
40
|
except:
|
41
|
eduPersonTargetedID_NameQualifier = attributes['issuer']
|
42
|
|
43
|
if is_organization_idp(eduPersonTargetedID_NameQualifier, organization):
|
44
|
username = uuid4().get_hex()
|
45
|
password = uuid4().get_hex()
|
46
|
context = {'organization': organization}
|
47
|
if create_radius_user(username, password):
|
48
|
params = QueryDict(self.request.session[organization.slug], mutable=True)
|
49
|
hotspot_url = organization.hotspot_url
|
50
|
|
51
|
if 'login_url' in params:
|
52
|
hotspot_url = params.pop('login_url')[0]
|
53
|
|
54
|
context.update({'params': params.urlencode(),
|
55
|
'hotspot_url': hotspot_url,
|
56
|
'data': {'username': username,
|
57
|
'password': password
|
58
|
}
|
59
|
})
|
60
|
return render_to_response('uauth/%s_login_successful.html' % organization.hotspot_type,
|
61
|
context)
|
62
|
return render_to_response('uauth/login_failed.html', context)
|
63
|
|
64
|
login = csrf_exempt(LoginView.as_view())
|
65
|
|
66
|
|
67
|
class OrganizationPageView(TemplateView):
|
68
|
template_name = 'uauth/organization.html'
|
69
|
|
70
|
def get_context_data(self, **kwargs):
|
71
|
context = super(OrganizationPageView, self).get_context_data(**kwargs)
|
72
|
idps = get_idp_list()
|
73
|
organization = Organization.objects.get(slug=kwargs['organization_slug'])
|
74
|
self.request.session[organization.slug] = self.request.GET.urlencode()
|
75
|
relay = signing.dumps({'organization': organization.slug})
|
76
|
context.update({'idps': idps,
|
77
|
'guest_login_form': GuestLoginForm(),
|
78
|
'voucher_login_form': VoucherLoginForm(),
|
79
|
'relay': relay,
|
80
|
'organization': organization
|
81
|
})
|
82
|
return context
|
83
|
|
84
|
organization = OrganizationPageView.as_view()
|