begin port to the last mandaye version
parent
2d5451f982
commit
368f22e334
|
@ -0,0 +1,2 @@
|
|||
Folder where Mandaye files will be stored.
|
||||
It's only use to store metadata files.
|
|
@ -12,11 +12,13 @@ from urlparse import parse_qs
|
|||
|
||||
from mandaye.auth.authform import AuthForm
|
||||
from mandaye.log import logger
|
||||
from mandaye.models import Site, ExtUser, LocalUser
|
||||
from mandaye.models import ServiceProvider, SPUser, IDPUser
|
||||
from mandaye.db import sql_session
|
||||
from mandaye.response import _502, _302
|
||||
from mandaye.server import get_response
|
||||
|
||||
from mandaye_vincennes import config
|
||||
|
||||
class VincennesAuth(AuthForm):
|
||||
""" Specific authentification class for Vincennes
|
||||
"""
|
||||
|
@ -44,12 +46,11 @@ class VincennesAuth(AuthForm):
|
|||
def get_current_unique_id(self, env):
|
||||
""" Return the current Vincennes unique id
|
||||
"""
|
||||
from mandaye import config
|
||||
# TODO: test time validity
|
||||
if not env['QUERY_STRING']:
|
||||
return None
|
||||
query = self._parse_qs(env['QUERY_STRING'])
|
||||
if query.has_key('token'):
|
||||
if query.has_key('token') and query['token']:
|
||||
try:
|
||||
token = query['token']
|
||||
token = base64.b64decode(token)
|
||||
|
@ -91,23 +92,23 @@ class VincennesAuth(AuthForm):
|
|||
logger.debug('Trying to auto log user on %s' % self.site_name)
|
||||
env['beaker.session']['auto_login'] = True
|
||||
env['beaker.session'].save()
|
||||
login = self.get_current_login(env)
|
||||
unique_id = self.get_current_unique_id(env)
|
||||
if env['beaker.session'].has_key('next_url'):
|
||||
path = env['beaker.session']['next_url']
|
||||
else:
|
||||
logger.warning('Auto login without mandaye_next_url automatically redirect to /')
|
||||
path = '/'
|
||||
if not login:
|
||||
if not unique_id:
|
||||
logger.debug('Auto login failed because the user is not connected on vincennes.fr')
|
||||
return _302(path, request.cookies)
|
||||
env['beaker.session']['unique_id'] = unique_id
|
||||
env['beaker.session'].save()
|
||||
ext_user = sql_session().query(ExtUser).\
|
||||
join(LocalUser).\
|
||||
join(Site).\
|
||||
filter(LocalUser.login==login).\
|
||||
filter(Site.name==self.site_name).\
|
||||
order_by(ExtUser.last_connection.desc()).\
|
||||
ext_user = sql_session().query(SPUser).\
|
||||
join(IDPUser).\
|
||||
join(ServiceProvider).\
|
||||
filter(IDPUser.unique_id==unique_id).\
|
||||
filter(ServiceProvider.name==self.site_name).\
|
||||
order_by(SPUser.last_connection.desc()).\
|
||||
first()
|
||||
if not ext_user:
|
||||
logger.debug("No association found redirect to the association page %s" % values.get('associate_url'))
|
||||
|
@ -115,7 +116,7 @@ class VincennesAuth(AuthForm):
|
|||
return _302(values.get('associate_url') + "?type=first&next_url=%s" % path)
|
||||
else:
|
||||
response = self._login_ext_user(ext_user, env, condition, values)
|
||||
logger.info("User %s has been successfully auto login on %s" % (login, self.site_name))
|
||||
logger.info("User %s has been successfully auto login on %s" % (unique_id, self.site_name))
|
||||
return _302(path, response.cookies)
|
||||
|
||||
def auto_connection(self, env, values, request, response):
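Review bot: The identifier returned by `get_current_unique_id` now selects the account that is logged in (`filter(IDPUser.unique_id==unique_id)`), yet that method still carries `# TODO: test time validity` for the `token` query parameter. As far as these hunks show, the token is only checked for being non-empty and then base64-decoded, so a token recovered from a URL, a Referer header or a proxy log would presumably remain usable; the rest of the decoding is outside the hunk, so confirm whether an expiry check exists there. I would resolve the TODO before auto-login depends on this value, and write the test as `if query.get('token'):` instead of `query.has_key('token') and query['token']`. The new `logger.info` line also records the unique id at info level, so consider whether that identifier should appear in full in the logs.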
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
import logging
|
||||
import os
|
||||
|
||||
|
@ -46,11 +45,15 @@ data_dir = os.path.join(_PROJECT_PATH, 'data')
|
|||
|
||||
# Email notification configuration
|
||||
email_notification = False
|
||||
email_prefix = '[Mandaye CAM]'
|
||||
smtp_host = 'localhost'
|
||||
smtp_port = 25
|
||||
email_from = 'traceback@entrouvert.com'
|
||||
email_to = ['admin@localhost']
|
||||
|
||||
# platform : should be prod, recette or dev
|
||||
platform = "prod"
|
||||
|
||||
# Use long traceback with xtraceback
|
||||
use_long_trace = True
|
||||
|
||||
|
@ -81,6 +84,54 @@ ssl = False
|
|||
keyfile = ''
|
||||
certfile = ''
|
||||
|
||||
SAML_SIGNATURE_PUBLIC_KEY = '''-----BEGIN CERTIFICATE-----
|
||||
MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
|
||||
BAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV
|
||||
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
||||
CgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp
|
||||
06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh
|
||||
ABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr
|
||||
kmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi
|
||||
VT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG
|
||||
Tm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0
|
||||
fcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh
|
||||
GaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD
|
||||
AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE
|
||||
IdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo
|
||||
fEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp
|
||||
lG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxWEU0vEujZv/v1PE1YOV0xKjTT
|
||||
JumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j
|
||||
o2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy
|
||||
-----END CERTIFICATE-----'''
|
||||
|
||||
SAML_SIGNATURE_PRIVATE_KEY = '''-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZ
|
||||
n9Kqm4Cp06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrU
|
||||
H8QT8NGhABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59x
|
||||
ihSqsoFrkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9H
|
||||
ri8JRdXiVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziaz
|
||||
Zfvvw/VGTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABAoIBAQCj8t2iKXya10HG
|
||||
V6Saaeih8aftoLBV38VwFqqjPU0+iKqDpk2JSXBhjI6s7uFIsaTNJpR2Ga1qvns1
|
||||
hJQEDMQSLhJvXfBgSkHylRWCpJentr4E3D7mnw5pRsd61Ev9U+uHcdv/WHP4K5hM
|
||||
xsdiwXNXD/RYd1Q1+6bKrCuvnNJVmWe0/RV+r3T8Ni5xdMVFbRWt/VEoE620XX6c
|
||||
a9TQPiA5i/LRVyie+js7Yv+hVjGOlArtuLs6ECQsivfPrqKLOBRWcofKdcf+4N2e
|
||||
3cieUqwzC15C31vcMliD9Hax9c1iuTt9Q3Xzo20fOSazAnQ5YBEExyTtrFBwbfQu
|
||||
ku6hp81pAoGBAN6bc6iJtk5ipYpsaY4ZlbqdjjG9KEXB6G1MExPU7SHXOhOF0cDH
|
||||
/pgMsv9hF2my863MowsOj3OryVhdQhwA6RrV263LRh+JU8NyHV71BwAIfI0BuVfj
|
||||
6r24KudwtUcvMr9pJIrJyMAMaw5ZyNoX7YqFpS6fcisSJYdSBSoxzrzVAoGBANu6
|
||||
xVeMqGavA/EHSOQP3ipDZ3mnWbkDUDxpNhgJG8Q6lZiwKwLoSceJ8z0PNY3VetGA
|
||||
RbqtqBGfR2mcxHyzeqVBpLnXZC4vs/Vy7lrzTiHDRZk2SG5EkHMSKFA53jN6S/nJ
|
||||
JWpYZC8lG8w4OHaUfDHFWbptxdGYCgY4//sjeiuXAoGBANuhurJ99R5PnA8AOgEW
|
||||
4zD1hLc0b4ir8fvshCIcAj9SUB20+afgayRv2ye3Dted1WkUL4WYPxccVhLWKITi
|
||||
rRtqB03o8m3pG3kJnUr0LIzu0px5J/o8iH3ZOJOTE3iBa+uI/KHmxygc2H+XPGFa
|
||||
HGeAxuJCNO2kAN0Losbnz5dlAoGAVsCn94gGWPxSjxA0PC7zpTYVnZdwOjbPr/pO
|
||||
LDE0cEY9GBq98JjrwEd77KibmVMm+Z4uaaT0jXiYhl8pyJ5IFwUS13juCbo1z/u/
|
||||
ldMoDvZ8/R/MexTA/1204u/mBecMJiO/jPw3GdIJ5phv2omHe1MSuSNsDfN8Sbap
|
||||
gmsgaiMCgYB/nrTk89Fp7050VKCNnIt1mHAcO9cBwDV8qrJ5O3rIVmrg1T6vn0aY
|
||||
wRiVcNacaP+BivkrMjr4BlsUM6yH4MOBsNhLURiiCL+tLJV7U0DWlCse/doWij4U
|
||||
TKX6tp6oI+7MIJE6ySZ0cBqOiydAkBePZhu57j6ToBkTa0dbHjn1WA==
|
||||
-----END RSA PRIVATE KEY-----'''
|
||||
|
||||
# Import local config
|
||||
try:
|
||||
from mandaye_vincennes.local_config import *
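Review bot: `SAML_SIGNATURE_PRIVATE_KEY` in the last hunk commits an RSA private key in clear text, so anyone who can read the repository or a package built from it can sign SAML messages as this service provider. Treat this key as disclosed: generate a new pair and ship an empty default that each deployment fills in, e.g. `SAML_SIGNATURE_PRIVATE_KEY = ''  # set in local_config or load from a file outside the tree`, with the file readable only by the service account. The accompanying certificate appears to be a short-lived test certificate (its validity dates look to fall in 2010–2011), which suggests these are sample values. If so, a comment should say that, since the same file sets `platform = "prod"`.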
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
|
||||
from mandaye_vincennes.auth.vincennes import VincennesAuth
|
||||
from mandaye.auth.saml2 import SAML2Auth
|
||||
from mandaye.configs import saml2 as saml2_config
|
||||
|
||||
from mandaye_vincennes import config
|
||||
from mandaye_vincennes.filters import vincennes
|
||||
|
||||
form_values = {
|
||||
|
@ -10,7 +13,12 @@ form_values = {
|
|||
'password_field': 'password',
|
||||
}
|
||||
|
||||
auth = VincennesAuth(form_values, 'biblio', 'https://www.vincennes.fr/comptecitoyen/auth')
|
||||
saml2_config.IDP_METADATA = "https://sso.vincennes.dev2.entrouvert.org/idp/saml2/metadata"
|
||||
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
|
||||
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
|
||||
|
||||
|
||||
auth = SAML2Auth(form_values, 'biblio', saml2_config)
|
||||
filters = vincennes.Biblio()
|
||||
|
||||
biblio_mapping = [
|
||||
|
@ -20,15 +28,9 @@ biblio_mapping = [
|
|||
{
|
||||
'filter': filters.resp_html,
|
||||
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
|
||||
'decompress': False,
|
||||
},
|
||||
{
|
||||
'filter': auth.auto_connection,
|
||||
'values': {
|
||||
'next_url': '/mandaye/auto_login',
|
||||
'empty_referer': True,
|
||||
'autologin_from': 'www.vincennes.fr'
|
||||
}
|
||||
}],
|
||||
],
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame',
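Review bot: `saml2_config.IDP_METADATA` is hard-coded to a `dev2` host in this mapping, and the IdP metadata is where the service provider gets the IdP signing certificate it trusts, so this value decides whose assertions are accepted. Reading it from a per-platform setting would be safer than fixing a development IdP here, for example a new `config` entry used as `saml2_config.IDP_METADATA = config.IDP_METADATA` and overridden in `local_config`. The three assignments also mutate the shared `mandaye.configs.saml2` module at import time. If another mapping does the same, the last import presumably wins for both, so a per-site configuration object would be clearer. `biblio_mapping` starts and ends outside the hunks.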
|
||||
|
|
|
@ -10,7 +10,7 @@ from mandaye.log import logger
|
|||
from mandaye.response import _302, _401
|
||||
from mandaye.template import serve_template
|
||||
|
||||
from mandaye.backend.default import ManagerSPUser
|
||||
from mandaye.backends.default import ManagerSPUser
|
||||
|
||||
def get_associate_form(env, values):
|
||||
""" Return association template content
|
||||
|
@ -61,7 +61,6 @@ def get_multi_template(env, values, current_account):
|
|||
return template
|
||||
return None
|
||||
|
||||
|
||||
class Biblio:
|
||||
|
||||
def resp_html_login_page(self, env, values, request, response):
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
2013-10-27 21:51:52 INFO CAM rp start
|
||||
2013-10-27 21:52:48 INFO CAM rp start
|
|
@ -5,7 +5,7 @@
|
|||
"""
|
||||
|
||||
import os
|
||||
os.environ['MANDAYE_CONFIG_MODULE'] = 'cam.config'
|
||||
os.environ['MANDAYE_CONFIG_MODULE'] = 'mandaye_vincennes.config'
|
||||
|
||||
import base64
|
||||
|
||||
|
@ -67,11 +67,10 @@ def main():
|
|||
command.upgrade(alembic_cfg, "head")
|
||||
logger.info("Database upgraded")
|
||||
if options.cryptpwd:
|
||||
pass
|
||||
#from mandaye.backends.default import ManagerSPUser
|
||||
#for user in ManagerSPUser.all():
|
||||
# user.password = encrypt_pwd(user.password)
|
||||
#ManagerSPUser.save()
|
||||
from mandaye.backends.default import ManagerSPUser
|
||||
for user in ManagerSPUser.all():
|
||||
user.password = encrypt_pwd(user.password)
|
||||
ManagerSPUser.save()
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
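Review bot: The re-enabled `--cryptpwd` branch runs `encrypt_pwd` over every `ManagerSPUser` password, and nothing visible in the hunk distinguishes a value that is already encrypted from a plain one. A second run would therefore presumably encrypt the ciphertext again and leave the stored credentials unusable. At minimum the branch should carry a comment such as `# one-shot migration: running this twice double-encrypts stored passwords`, and preferably a marker or check that skips converted rows. `ManagerSPUser.save()` is called once after the loop, so it is also worth confirming that an exception part-way through leaves the session rolled back instead of half-converted. The body of `main()` starts outside the hunk.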
|
||||
|
|