1
|
import json
|
2
|
import requests
|
3
|
from xml.etree import ElementTree
|
4
|
|
5
|
from django.views.generic.base import TemplateView
|
6
|
from django.views.generic import FormView
|
7
|
from django.views.decorators.csrf import csrf_exempt
|
8
|
from django.shortcuts import render_to_response
|
9
|
from django.core import signing
|
10
|
from django.http.request import QueryDict
|
11
|
from django.contrib.auth import authenticate
|
12
|
from django.utils.translation import ugettext_lazy as _
|
13
|
|
14
|
from mellon.views import LoginView as MellonLoginView
|
15
|
|
16
|
from .organization.models import Organization, LocalAccount
|
17
|
from .forms import GuestLoginForm, VoucherLoginForm
|
18
|
from .utils import create_radius_user, is_organization_idp, \
|
19
|
get_idp_list
|
20
|
|
21
|
|
22
|
class HomeView(TemplateView):
|
23
|
template_name = 'uauth/home.html'
|
24
|
|
25
|
homepage = HomeView.as_view()
|
26
|
|
27
|
class LoginMixin(object):
|
28
|
def login(self, organization):
|
29
|
context = {'organization': organization}
|
30
|
result = create_radius_user()
|
31
|
if result:
|
32
|
username, password = result
|
33
|
params = QueryDict(self.request.session[organization.slug], mutable=True)
|
34
|
hotspot_url = organization.hotspot_url
|
35
|
|
36
|
if 'login_url' in params:
|
37
|
hotspot_url = params.pop('login_url')[0]
|
38
|
|
39
|
context.update({'params': params.urlencode(),
|
40
|
'hotspot_url': hotspot_url,
|
41
|
'data': {'username': username,
|
42
|
'password': password}
|
43
|
})
|
44
|
return render_to_response('uauth/%s_login_successful.html' % organization.hotspot_type,
|
45
|
context)
|
46
|
return render_to_response('uauth/login_failed.html', context)
|
47
|
|
48
|
|
49
|
class LoginView(LoginMixin, MellonLoginView):
|
50
|
|
51
|
def authenticate(self, request, login, attributes):
|
52
|
relayState = signing.loads(login.msgRelayState)
|
53
|
organization = Organization.objects.get(slug=relayState['organization'])
|
54
|
attr = attributes
|
55
|
try:
|
56
|
if 'eduPersonTargetedID' in attributes:
|
57
|
attrkey = 'eduPersonTargetedID'
|
58
|
else:
|
59
|
attrkey = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10'
|
60
|
eduPersonTargetedID_xml = ElementTree.fromstring(attributes[attrkey][0])
|
61
|
eduPersonTargetedID = '%s' % eduPersonTargetedID_xml.text
|
62
|
eduPersonTargetedID_NameQualifier = eduPersonTargetedID_xml.attrib['NameQualifier']
|
63
|
except:
|
64
|
eduPersonTargetedID_NameQualifier = attributes['issuer']
|
65
|
|
66
|
if is_organization_idp(eduPersonTargetedID_NameQualifier, organization):
|
67
|
return self.login(organization)
|
68
|
|
69
|
login = csrf_exempt(LoginView.as_view())
|
70
|
|
71
|
|
72
|
class OrganizationPageView(LoginMixin, FormView):
|
73
|
form_class = GuestLoginForm
|
74
|
template_name = 'uauth/organization.html'
|
75
|
|
76
|
def get_context_data(self, **kwargs):
|
77
|
context = super(OrganizationPageView, self).get_context_data(**kwargs)
|
78
|
idps = get_idp_list()
|
79
|
organization = Organization.objects.get(slug=self.kwargs['organization_slug'])
|
80
|
self.request.session['organization'] = organization.slug
|
81
|
self.request.session[organization.slug] = self.request.GET.urlencode()
|
82
|
relay = signing.dumps({'organization': organization.slug})
|
83
|
context.update({'idps': idps,
|
84
|
'guest_login_form': kwargs['form'],
|
85
|
'relay': relay,
|
86
|
'organization': organization,
|
87
|
'voucher_login_form': VoucherLoginForm()
|
88
|
})
|
89
|
return context
|
90
|
|
91
|
def form_valid(self, form):
|
92
|
data = form.cleaned_data
|
93
|
organization = Organization.objects.get(slug=self.kwargs['organization_slug'])
|
94
|
data.update({'organization': organization})
|
95
|
user = authenticate(**data)
|
96
|
if user:
|
97
|
return self.login(organization)
|
98
|
else:
|
99
|
form.add_error(None, _('Unknown or inactive user'))
|
100
|
return self.form_invalid(form)
|
101
|
|
102
|
organization = OrganizationPageView.as_view()
|