arcopole: begin replay support
parent
c370e1bd17
commit
b3f62b5d43
|
@ -0,0 +1,11 @@
|
|||
{
|
||||
"site_name": "arcopole",
|
||||
"server_name": ["arco.local:8000"],
|
||||
"location": "/",
|
||||
"target": "http://arcopole.local",
|
||||
"mapper": "arcopole",
|
||||
"auth_type": "saml2_arcopole",
|
||||
"saml2_idp_metadata": "http://authentic.local/idp/saml2/metadata",
|
||||
"saml2_signature_public_key": "certs/saml.crt",
|
||||
"saml2_signature_private_key": "certs/saml.key"
|
||||
}
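Review bot: `saml2_idp_metadata` points at a plain `http://` URL; if the proxy fetches the metadata at run time (not visible on this page), the IdP signing certificate it trusts can be replaced by anyone on the network path, so an `https://` URL or a locally pinned metadata file is safer. `target` is also `http://`, and this site's auth class replays the user's password only base64-encoded, so the credential crosses that hop readable. Both values look like development hosts (`.local`); a note in the deployment docs that production vhosts must use TLS for both would be enough here.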
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
"site_name": "linuxfr",
|
||||
"server_name": ["linuxfrsaml.local:8000"],
|
||||
"location": "/",
|
||||
"target": "https://linuxfr.org",
|
||||
"mapper": "linuxfr",
|
||||
"auth_type": "saml2",
|
||||
"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
|
||||
"saml2_signature_public_key": "certs/saml.crt",
|
||||
"saml2_signature_private_key": "certs/saml.key"
|
||||
}
|
|
@ -1,20 +0,0 @@
|
|||
## Virtual hosts configuration
|
||||
hosts = {
|
||||
'linuxfrsaml.local:8000': [
|
||||
{
|
||||
'path': r'/',
|
||||
'target': 'http://linuxfr.org',
|
||||
'mapping': 'mandaye_cud.configs.linuxfr_saml_example.linuxfr_mapping'
|
||||
},
|
||||
],
|
||||
|
||||
}
|
||||
|
||||
## SQL Backend config
|
||||
# http://docs.sqlalchemy.org/en/rel_0_7/core/engines.html
|
||||
# rfc 1738 https://tools.ietf.org/html/rfc1738
|
||||
# dialect+driver://username:password@host:port/database
|
||||
db_url = 'sqlite:///test.db'
|
||||
|
||||
## Logging configuration
|
||||
debug = False
|
|
@ -0,0 +1,14 @@
|
|||
import base64
|
||||
|
||||
from mandaye.auth.saml2 import SAML2Auth
|
||||
|
||||
class SamlArcopoleAuth(SAML2Auth):
|
||||
""" Overload replay for arcopole
|
||||
"""
|
||||
|
||||
def replay(self, env, post_values):
|
||||
""" we need to b64encode the password for arcopole """
|
||||
pwd = self.form_values['password_field']
|
||||
post_values[pwd] = base64.b64encode(post_values[pwd])
|
||||
return super(SamlArcopoleAuth, self).replay(env, post_values)
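Review bot: `replay` overwrites `post_values[pwd]` in the dict the caller passed in, so after the call that dict holds the base64 form; if the caller or `SAML2Auth.replay` (not visible here) reuses or stores it, the password could be encoded twice or saved in encoded form. Working on a copy avoids that: `post_values = dict(post_values)` before the assignment. A missing password field raises a bare `KeyError`, and on Python 2 `b64encode` fails on a unicode value with non-ASCII characters, so `post_values[pwd].encode('utf-8')` on unicode input is safer. The docstring should also say that base64 is only the wire format the arcopole form expects and adds no confidentiality, so the transport to the target still has to be protected.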
|
||||
|
|
@ -1,18 +0,0 @@
|
|||
"""
|
||||
Here you can overload Mandaye default authentification
|
||||
method like SAML2Auth or AuthForm
|
||||
"""
|
||||
|
||||
from mandaye.auth.authform import AuthForm
|
||||
from mandaye.auth.saml2 import SAML2Auth
|
||||
|
||||
class MyAuthSAML(SAML2Auth):
|
||||
""" Overload Mandaye SAML2Auth authentification
|
||||
"""
|
||||
pass
|
||||
|
||||
class MyAuth(AuthForm):
|
||||
""" Overload Mandaye AuthForm authentification
|
||||
"""
|
||||
pass
|
||||
|
|
@ -10,6 +10,7 @@ from mandaye.exceptions import ImproperlyConfigured
|
|||
# else /etc/mandaye-cam/config.ini
|
||||
# and then /etc/mandaye-cam/local-config.ini
|
||||
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
|
||||
print os.path.join(BASE_DIR, 'local-config.ini')
|
||||
SETTINGS_INI = (os.path.join(BASE_DIR, 'default-config.ini'),)
|
||||
if os.environ.get('SETTINGS_INI'):
|
||||
SETTINGS_INI += (os.environ.get('SETTINGS_INI'),)
|
||||
|
@ -17,7 +18,7 @@ else:
|
|||
ETC_DIR = os.path.join('/', 'etc', 'mandaye-cam')
|
||||
SETTINGS_INI += (
|
||||
os.path.join(ETC_DIR, 'config.ini'),
|
||||
os.path.join(ETC_DIR, 'local-config.ini')
|
||||
os.path.join(BASE_DIR, 'local-config.ini')
|
||||
)
|
||||
|
||||
config = SafeConfigParser()
|
||||
|
@ -107,12 +108,13 @@ if config.has_section('template_vars'):
|
|||
|
||||
# Supported authentification
|
||||
authentifications = {
|
||||
'saml2': 'mandaye.auth.saml2.SAML2Auth'
|
||||
'saml2': 'mandaye.auth.saml2.SAML2Auth',
|
||||
'saml2_arcopole': 'mandaye_cud.auth.arcopole.SamlArcopoleAuth'
|
||||
}
|
||||
|
||||
# sp mappers
|
||||
mappers = {
|
||||
'linuxfr': 'mandaye_cud.mappers.linuxfr_example',
|
||||
'arcopole': 'mandaye_cud.mappers.arcopole',
|
||||
}
|
||||
|
||||
# Raven Sentry configuration
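Review bot: The `print os.path.join(BASE_DIR, 'local-config.ini')` line in the first hunk looks like a debugging leftover; it writes to stdout every time the settings module is imported and should be dropped or turned into a debug-level log call. In the second hunk the lookup tuple appears to replace `os.path.join(ETC_DIR, 'local-config.ini')` with `os.path.join(BASE_DIR, 'local-config.ini')`, so existing overrides under /etc are silently ignored and local settings, which may hold secrets, are now read from the code tree, which is often less tightly permissioned than /etc. Keeping both entries, the ETC_DIR one followed by the BASE_DIR one, would preserve the old behaviour. The header comment `# and then /etc/mandaye-cam/local-config.ini` is stale after this change and should be updated to match.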
|
||||
|
|
|
@ -21,15 +21,14 @@ login_url, form_attrs, post_fields and username_field are obligatory
|
|||
* mapping
|
||||
"""
|
||||
|
||||
from mandaye.auth.saml2 import END_POINTS_PATH
|
||||
from mandaye_cud.filters.example import ReplayFilter
|
||||
|
||||
form_values = {
|
||||
'login_url': '/compte/connexion',
|
||||
'form_attrs': { 'id': 'new_account' },
|
||||
'post_fields': ['account[login]', 'account[password]'],
|
||||
'username_field': 'account[login]',
|
||||
'password_field': 'account[password]',
|
||||
'login_url': '/studio/accueil',
|
||||
'form_attrs': { 'id': 'login-form' },
|
||||
'post_fields': ['username', 'password'],
|
||||
'username_field': 'username',
|
||||
'password_field': 'password',
|
||||
}
|
||||
|
||||
urls = {
|
||||
|
@ -45,7 +44,7 @@ mapping = [
|
|||
'method': 'GET',
|
||||
'response': {
|
||||
'auth': 'login',
|
||||
'values': {'condition': 'response.code==302'},
|
||||
'values': {'condition': "'success' in response.msg"},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -66,7 +65,7 @@ mapping = [
|
|||
'values': {
|
||||
'action': urls['associate_url'],
|
||||
'template': 'associate.html',
|
||||
'sp_name': 'Linux FR',
|
||||
'sp_name': 'Arcopole',
|
||||
'login_name': form_values['username_field'],
|
||||
'password_name': form_values['password_field'],
|
||||
},
|
||||
|
@ -77,23 +76,8 @@ mapping = [
|
|||
'method': 'POST',
|
||||
'response': {
|
||||
'auth': 'associate_submit',
|
||||
'values': {'condition': "response.code==302"}
|
||||
'values': {'condition': "'success' in response.msg"}
|
||||
},
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
|
||||
'method': 'POST',
|
||||
'response': {'auth': 'single_sign_on_post'}
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout'],
|
||||
'method': 'GET',
|
||||
'response': {'auth': 'single_logout',}
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
|
||||
'method': 'GET',
|
||||
'response': {'auth': 'single_logout_return',}
|
||||
},
|
||||
]
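Review bot: The new success test `'success' in response.msg` (on the `login` entry, and again on the `associate_submit` entry in the last hunk) is a substring match, so any response whose message merely contains that word — `unsuccessful`, for instance — would be treated as a successful login or association. I can't see what arcopole actually returns, but the condition should match the exact success marker rather than a substring, and a short comment such as `# arcopole does not redirect on login; success is reported in the response message — confirm exact value` would explain why the 302 check was dropped. The last hunk also appears to remove the `single_sign_on_post`, `single_logout` and `single_logout_return` entries; if nothing else registers those endpoints, SSO and logout stop working for this site.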
|
||||
|
|
@ -27,7 +27,7 @@
|
|||
</form>
|
||||
</div>
|
||||
<div id="footer">
|
||||
Copyright © 2013 Entr'ouvert
|
||||
Copyright © 2014 Entr'ouvert
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
|
|