|
import json
|
|
from uuid import uuid4
|
|
import requests
|
|
from xml.etree import ElementTree
|
|
|
|
from django.views.generic.base import TemplateView
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
from django.shortcuts import render_to_response
|
|
from django.core import signing
|
|
from django.http.request import QueryDict
|
|
|
|
from mellon.views import LoginView as MellonLoginView
|
|
|
|
from .organization.models import Organization
|
|
from .forms import GuestLoginForm, VoucherLoginForm
|
|
from .utils import create_radius_user, is_organization_idp, \
|
|
get_idp_list
|
|
|
|
|
|
class HomeView(TemplateView):
|
|
template_name = 'uauth/home.html'
|
|
|
|
homepage = HomeView.as_view()
|
|
|
|
|
|
class LoginView(MellonLoginView):
|
|
|
|
def authenticate(self, request, login, attributes):
|
|
relayState = signing.loads(login.msgRelayState)
|
|
organization = Organization.objects.get(slug=relayState['organization'])
|
|
attr = attributes
|
|
try:
|
|
if 'eduPersonTargetedID' in attributes:
|
|
attrkey = 'eduPersonTargetedID'
|
|
else:
|
|
attrkey = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10'
|
|
eduPersonTargetedID_xml = ElementTree.fromstring(attributes[attrkey][0])
|
|
eduPersonTargetedID = '%s' % eduPersonTargetedID_xml.text
|
|
eduPersonTargetedID_NameQualifier = eduPersonTargetedID_xml.attrib['NameQualifier']
|
|
except:
|
|
eduPersonTargetedID_NameQualifier = attributes['issuer']
|
|
|
|
if is_organization_idp(eduPersonTargetedID_NameQualifier, organization):
|
|
username = uuid4().get_hex()
|
|
password = uuid4().get_hex()
|
|
context = {'organization': organization}
|
|
if create_radius_user(username, password):
|
|
params = QueryDict(self.request.session[organization.slug], mutable=True)
|
|
hotspot_url = organization.hotspot_url
|
|
|
|
if 'login_url' in params:
|
|
hotspot_url = params.pop('login_url')[0]
|
|
|
|
context.update({'params': params.urlencode(),
|
|
'hotspot_url': hotspot_url,
|
|
'data': {'username': username,
|
|
'password': password
|
|
}
|
|
})
|
|
return render_to_response('uauth/%s_login_successful.html' % organization.hotspot_type,
|
|
context)
|
|
return render_to_response('uauth/login_failed.html', context)
|
|
|
|
login = csrf_exempt(LoginView.as_view())
|
|
|
|
|
|
class OrganizationPageView(TemplateView):
|
|
template_name = 'uauth/organization.html'
|
|
|
|
def get_context_data(self, **kwargs):
|
|
context = super(OrganizationPageView, self).get_context_data(**kwargs)
|
|
idps = get_idp_list()
|
|
organization = Organization.objects.get(slug=kwargs['organization_slug'])
|
|
self.request.session[organization.slug] = self.request.GET.urlencode()
|
|
relay = signing.dumps({'organization': organization.slug})
|
|
context.update({'idps': idps,
|
|
'guest_login_form': GuestLoginForm(),
|
|
'voucher_login_form': VoucherLoginForm(),
|
|
'relay': relay,
|
|
'organization': organization
|
|
})
|
|
return context
|
|
|
|
organization = OrganizationPageView.as_view()
|