diff --git a/extra/ifef.py b/extra/ifef.py
index cb8f33f..6a594e3 100644
--- a/extra/ifef.py
+++ b/extra/ifef.py
@@ -6,6 +6,9 @@ import modules.configuration
import authentic.admin.root
import modules.afterjobs
import modules.callback
+import modules.admin_settings
+import modules.qommon_template
+import modules.authentic_saml
get_publisher_class().register_translation_domain('ifef')
authentic.admin.root.register_page('afterjobs',
diff --git a/extra/modules/admin_settings.py b/extra/modules/admin_settings.py
new file mode 100644
index 0000000..ca6ef9c
--- /dev/null
+++ b/extra/modules/admin_settings.py
@@ -0,0 +1,58 @@
+import authentic.admin.settings as settings
+from authentic.form import *
+import qommon.template
+from qommon import get_cfg
+from quixote import get_publisher, redirect
+import authentic.identities as identities
+
+STYLESHEET_URL = 'stylesheet_url'
+REFERER_PREFIX_URL = 'referer_prefix_url'
+CUSTOM_DOMAIN = 'custom_domain'
+REGISTRATION_FIELD = 'registration_fields'
+THEME = 'theme'
+
+class NewLibertyProviderUI(settings.LibertyProviderUI):
+ def edit_form(self):
+ form = super(NewLibertyProviderUI, self).edit_form()
+ form.add(StringWidget, STYLESHEET_URL,
+ title=_('Customized stylesheet URL'),
+ value=self.lp.get(STYLESHEET_URL, ''),
+ hint=_('The URL must be https if authentic also use https'))
+ form.add(StringWidget, REFERER_PREFIX_URL,
+ title=_('Prefix URL of the HTTP_REFERER'),
+ value=self.lp.get(REFERER_PREFIX_URL, ''),
+ hint=_('Used to find which service initiated a request to Authentic'))
+ names = [None] + [x[0] for x in qommon.template.get_themes().iteritems()]
+ form.add(SingleSelectWidget, THEME,
+ title=_('Custom theme'),
+ value=self.lp.get(THEME,None),
+ hint=_('Theme to use when an interaction is initated by this service'),
+ options=names)
+ form.add(StringWidget, CUSTOM_DOMAIN,
+ title=_('Custom domain'),
+ value=self.lp.get(CUSTOM_DOMAIN,None),
+ hint=_('If the IdP is published on this domain, the used theme will the custom theme for this service.'),
+ options=names)
+ form.add(identities.WidgetList, REGISTRATION_FIELD,
+ title=_('Registration fields'),
+ element_type=StringWidget,
+ value=self.lp.get(REGISTRATION_FIELD,[]),
+ hint=_('List of specific fields to show on the registration page.'))
+ return form
+ def edit_submit(self):
+ return super(NewLibertyProviderUI, self).edit_submit()
+
+class NewLibertyProvidersDir(settings.LibertyProvidersDir):
+ def submit_new(self, form, key_provider_id=None):
+ lpk, error = super(NewLibertyProvidersDir, self).submit_new(form,
+ key_provider_id)
+ if not error and form.get_widget(STYLESHEET_URL):
+ v = {}
+ for k in (STYLESHEET_URL, REFERER_PREFIX_URL, THEME, CUSTOM_DOMAIN, REGISTRATION_FIELD):
+ v[k] = form.get_widget(k).parse()
+ get_cfg('providers').get(lpk).update(v)
+ get_publisher().write_cfg()
+ return lpk, error
+
+settings.LibertyProviderUI = NewLibertyProviderUI
+settings.LibertyProvidersDir = NewLibertyProvidersDir
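Review bot: The `stylesheet_url` value added in `edit_form` is stored by `submit_new` exactly as typed, and the https requirement exists only in the hint text, although the value is later emitted as a stylesheet on the identity provider's own pages. I would reject anything that is not an absolute http(s) URL before the `update(v)` call, for example `if url and urlparse.urlsplit(url).scheme not in ('http', 'https'): form.set_error(STYLESHEET_URL, _('Invalid URL'))`. The `Custom domain` StringWidget is passed `options=names`, which looks copied from the theme select and should be dropped. `submit_new` checks only that the STYLESHEET_URL widget exists before calling `.parse()` on all five widgets. `edit_submit` only delegates to the parent, so whether the new keys are saved on edit depends on code not shown here and is worth confirming.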
diff --git a/extra/modules/authentic_saml.py b/extra/modules/authentic_saml.py
new file mode 100644
index 0000000..1ec7128
--- /dev/null
+++ b/extra/modules/authentic_saml.py
@@ -0,0 +1,11 @@
+from quixote import get_session
+import authentic.liberty.saml2
+import qommon.misc as misc
+
+# Yeah another monkey patch
+old_invoke_login = authentic.liberty.saml2.RootDirectory.invoke_login
+def invoke_login(self, login, query):
+ print 'my invoke login'
+ get_session().service = misc.get_provider_key(login.remoteProviderId)
+ return old_invoke_login(self, login, query)
+authentic.liberty.saml2.RootDirectory.invoke_login = invoke_login
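Review bot: The `print 'my invoke login'` at the top of `invoke_login` is leftover debug output that writes to stdout on every SAML login request; drop it or route it through the application logger at debug level. The result of `misc.get_provider_key(login.remoteProviderId)` is stored in `session.service` unchecked; whether it can be empty for an unknown provider is not visible here, so a short comment stating the expected value would help. The comment `# Yeah another monkey patch` would be more useful if it said why the session needs the provider key before login, e.g. `# record the requesting service so templates can pick its theme`.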
diff --git a/extra/modules/qommon_template.py b/extra/modules/qommon_template.py
new file mode 100644
index 0000000..d599ce4
--- /dev/null
+++ b/extra/modules/qommon_template.py
@@ -0,0 +1,44 @@
+import qommon.template as template
+from quixote import get_request, get_publisher, get_session
+from qommon import get_cfg
+from admin_settings import STYLESHEET_URL, REFERER_PREFIX_URL, THEME, \
+ CUSTOM_DOMAIN
+
+__old_decorate = template.decorate
+
+def decorate(body, response):
+ request = get_request()
+ referer = request.environ.get('HTTP_REFERER')
+ domain = request.environ.get('SERVER_NAME')
+ session = get_session()
+
+ more_css = []
+ body_class = []
+ theme = None
+ stylesheet_url = None
+ requesting_service = None
+
+ for key, value in get_cfg('providers', {}).iteritems():
+ custom_domain = value.get(CUSTOM_DOMAIN)
+ referer_prefix_url = value.get(REFERER_PREFIX_URL)
+ if custom_domain == domain or \
+ (request.form and request.form.get('service') == key) or \
+ (referer_prefix_url and referer and referer.startswith(referer_prefix_url)) or \
+ getattr(session, 'service', None) == key:
+ theme = value.get(THEME)
+ requesting_service = key
+ stylesheet_url = value.get(STYLESHEET_URL)
+ break
+ if requesting_service:
+ session.service = requesting_service
+ body_class.append(requesting_service)
+ if stylesheet_url:
+ more_css.append(stylesheet_url)
+ if theme:
+ get_publisher().cfg['branding']['theme'] = theme
+ response.filter.update({'more_css': more_css, 'body_class': body_class})
+ return __old_decorate(body, response)
+
+template.decorate = decorate
+import authentic.sessions
+authentic.sessions.BasicSession._has_info_keys.append('service')
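Review bot: `get_publisher().cfg['branding']['theme'] = theme` in `decorate` writes the per-service theme into the shared publisher configuration, so it stays in effect for later requests in the same process that match no provider. It would also be written to disk by any later `write_cfg()`, such as the one in `submit_new` in admin_settings.py. The override should be limited to the current render, as sketched below; this still assumes one request at a time per process, which I cannot confirm from the diff. Separately, the provider match relies on `HTTP_REFERER`, the `service` form field and `SERVER_NAME`, which the client can influence, and the result is pinned in `session.service`. A comment stating that this value may only drive presentation would make that constraint explicit.

```python
# … unchanged: provider lookup, session.service, more_css / body_class …
    response.filter.update({'more_css': more_css, 'body_class': body_class})
    if not theme:
        return __old_decorate(body, response)
    branding = get_publisher().cfg['branding']
    previous = branding.get('theme')
    branding['theme'] = theme
    try:
        return __old_decorate(body, response)
    finally:
        # put the site-wide theme back so it does not leak into other requests
        branding['theme'] = previous
```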
diff --git a/extra/modules/root.ptl b/extra/modules/root.ptl
index 67b4ea8..ad3e688 100644
--- a/extra/modules/root.ptl
+++ b/extra/modules/root.ptl
@@ -1,6 +1,7 @@
from qommon import get_cfg, get_logger
-from quixote import redirect
+from quixote import redirect, get_session
from authentic.form import *
+from quixote.html import htmltext
import qommon.errors as errors
import qommon.template as template
import authentic.identities as identities
@@ -10,6 +11,8 @@ import authentic.admin.configuration as configuration
import urllib2
import captcha
from callback import BatchJob, XmlRpcAction
+import lasso
+import authentic.misc as misc
schema = (('PART_EMP', _('Particulier-employeur')),
(_('Salarie du Particulier-employeur'),
@@ -50,17 +53,34 @@ def check_classification(classification):
class IfefRootDirectory(authentic.root.RootDirectory):
_q_exports = authentic.root.RootDirectory._q_exports + [ 'register2' ]
+ def _q_traverse(self, path):
+ request = get_request()
+ if request.form and request.form.get('service'):
+ service = request.form['service']
+ get_session().service = service
+ request.service = service
+ return super(IfefRootDirectory, self)._q_traverse(path)
+
def register2 (self):
return self.register(version=2)
def register (self, version=1):
identities_cfg = get_cfg('identities', {})
+ session = get_session()
if not identities_cfg.get('creation') in ('self', 'moderated'):
raise errors.TraversalError()
form = Form(enctype="multipart/form-data")
- for field in identities.get_store_class().fields:
+ fields = identities.get_store_class().fields
+ keys = []
+ if getattr(session, 'service', None):
+ keys = get_cfg('providers',{}).get(session.service, {}) \
+ .get('registration_fields')
+ if keys:
+ fields = [ field for field in fields \
+ if field.key in keys ]
+ for field in fields:
if getattr(field, str('on_register'), True):
field.add_to_form(form) and None
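Review bot: `_q_traverse` copies `request.form['service']` into the session and onto the request without checking that it names a configured provider, so any query string can pin an arbitrary value for the rest of the session. Guard the assignment with `if service in get_cfg('providers', {}):`. In `register`, that session value then narrows the form to the provider's `registration_fields`, so the caller effectively chooses which fields are asked for. If any store field is mandatory for account creation, it should be kept regardless of the filter. `register` continues past the end of this hunk, so how the submitted form is validated is not visible here.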
@@ -79,51 +99,58 @@ vous connecter au portail de l'IFEF. Il peut contenir seulement des lettres et d
else:
form.add(HtmlWidget, htmltext('
%s
') % _('A password will be mailed to you.'))
- classification = get_request().form.get('classification')
- if classification:
- if not check_classification(classification):
- classification = None
- if version == 1:
- s=''
+ else:
+ s='' % _('Vous etes')
+ for i, q in enumerate(schema):
+ if isinstance(q, tuple):
+ s += '
%s' % q[0]
+ for j, q in enumerate(q[1:]):
+ s += '%s' % (i, j, i, j, q)
+ s += '
\n'
- else:
- code, text = q
- if code == classification:
- selected = 'selected="1"'
else:
- selected = ''
- s += '\n' % (selected, code, text)
- s += ''
- else:
- s='' % _('Vous etes')
- for i, q in enumerate(schema):
- if isinstance(q, tuple):
- s += '
%s' % q[0]
- for j, q in enumerate(q[1:]):
- s += '%s' % (i, j, i, j, q)
- s += '
\n'
+ s += '
%s
' % (i, i, q)
+ s+=''
- else:
- s += '
%s
' % (i, i, q)
- s+=''
-
- if get_request().get_method() == 'POST' and not classification:
+ if add_classification and get_request().get_method() == 'POST' \
+ and not classification:
form.set_error('username', ' ')
form.add(HtmlWidget, 'erreur', htmltext('