diff --git a/cam/auth/__init__.pu b/cam/auth/__init__.pu
new file mode 100644
index 0000000..e69de29
diff --git a/cam/configs/archimed_saml.py b/cam/configs/archimed_saml.py
new file mode 100644
index 0000000..2eaf256
--- /dev/null
+++ b/cam/configs/archimed_saml.py
@@ -0,0 +1,64 @@
+
+from mandaye.auth.saml2 import SAML2Auth
+from mandaye.filters.replay import ReplayFilter
+from mandaye.configs import saml2 as saml2_config
+
+from cam.filters import archimed
+
+form_values = {
+ 'form_action': '/BM/DEFAULT/logon.svc/logon',
+ 'post_fields': ['username', 'password'],
+ 'username_field': 'username',
+ 'password_field': 'password',
+}
+
+auth = SAML2Auth(form_values, 'archimed', saml2_config)
+
+archimed_mapping = [
+ {
+ 'path': r'/',
+ 'method': 'GET',
+ 'on_request': [{
+ 'filter': archimed.default_req,
+ }]
+ },
+# {
+# 'path': r'/*',
+# 'method': 'GET',
+# 'content-types': ['text/html', 'application/javascript'],
+# 'on_response': [{
+# 'filter': archimed.default_resp,
+# }]
+# },
+ {
+ 'path': r'/mandaye/associate$',
+ 'method': 'GET',
+ 'on_response': [{
+ 'filter': ReplayFilter.associate,
+ 'values': {
+ 'action': '/mandaye/associate',
+ 'template': 'associate.html',
+ 'sp_name': 'Linux FR',
+ 'login_name': form_values['username_field'],
+ 'password_name': form_values['password_field'],
+ },
+ },]
+ },
+ {
+ 'path': r'/mandaye/associate$',
+ 'method': 'POST',
+ 'response': [
+ {
+ 'filter': auth.associate_submit,
+ 'values': {
+ 'connection_url': '/mandaye/sso',
+ 'associate_url': '/mandaye/associate',
+ },
+ 'condition': "response.code==302"
+ },
+ ]
+ },
+ ]
+
+archimed_mapping.extend(auth.get_default_mapping())
+
diff --git a/cam/configs/linuxfr_saml_example.py b/cam/configs/linuxfr_saml_example.py
index 56e3960..3917eda 100644
--- a/cam/configs/linuxfr_saml_example.py
+++ b/cam/configs/linuxfr_saml_example.py
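Review bot: In cam/configs/archimed_saml.py the GET `/mandaye/associate$` entry passes `'sp_name': 'Linux FR'`, which looks copied from the linuxfr example; the association page, presumably rendered from `associate.html`, would then name the wrong service provider while asking the user for a username and password. Users should be able to tell which site they are handing credentials to, so this should read something like `'sp_name': 'Archimed',` (exact display name to be confirmed). The commented-out `on_response` entry for `archimed.default_resp` would be better dropped or replaced by a one-line `# TODO` saying when it is meant to be enabled. If Mandaye evaluates the `'condition'` string as an expression, a short comment saying so would remind later editors to keep it a fixed literal.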
@@ -12,10 +12,8 @@ form_values = { } auth = SAML2Auth(form_values, 'linuxfr', saml2_config) -saml_mapping = auth.get_default_mapper() -linuxfr_mapping = saml_mapping.extend( - [ +linuxfr_mapping = [ { 'path': r'/mandaye/associate$', 'method': 'GET', @@ -45,6 +43,5 @@ linuxfr_mapping = saml_mapping.extend( ] }, ] - ) - +linuxfr_mapping.extend(auth.get_default_mapping()) diff --git a/cam/filters/archimed.py b/cam/filters/archimed.py new file mode 100644 index 0000000..b681abb --- /dev/null +++ b/cam/filters/archimed.py @@ -0,0 +1,12 @@ + +def default_req(env, values, request): + # Disable forward headers + request.headers.delheader('X-Forwarded-For') + request.headers.delheader('X-Forwarded-Host') + return request + +def default_resp(env, values, request, response): + #response.msg = response.msg.\ + # replace('http://demo-gamme-bibdoc.archimed.fr', + # 'http://archimed.local:8000') + return response diff --git a/cam_mandaye_manager b/cam_mandaye_manager index d23c350..62ddc27 100755 --- a/cam_mandaye_manager +++ b/cam_mandaye_manager @@ -67,10 +67,11 @@ def main(): command.upgrade(alembic_cfg, "head") logger.info("Database upgraded") if options.cryptpwd: - from mandaye.config.backend import ManagerSPUser - for user in ManagerSPUser.all(): - user.password = encrypt_pwd(user.password) - ManagerSPUser.save() + pass + #from mandaye.backends.default import ManagerSPUser + #for user in ManagerSPUser.all(): + # user.password = encrypt_pwd(user.password) + #ManagerSPUser.save() if __name__ == "__main__": main() diff --git a/data/README b/data/README new file mode 100644 index 0000000..8410143 --- /dev/null +++ b/data/README @@ -0,0 +1,2 @@ +Folder where Mandaye files will be stored. +It's only use to store metadata files.
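Review bot: `default_req` in cam/filters/archimed.py drops `X-Forwarded-For` and `X-Forwarded-Host` with only the comment `# Disable forward headers`, which does not say why the backend must not see them. With these removed the backend's own logs will presumably record only the proxy's address, so the client address has to be kept in the proxy's logs if logins are to be attributable later; I would state that in a docstring such as `"""Strip X-Forwarded-* before forwarding; the client IP is then only in the proxy log."""`. It is not visible here whether `delheader` tolerates an absent header, which is worth confirming since not every request will carry both. `default_resp` is a no-op whose body is commented-out code with hard-coded hostnames; either leave it out until it is needed or keep a one-line `# TODO` instead.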
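Review bot: In cam_mandaye_manager the `if options.cryptpwd:` branch now reaches `pass` and the command ends normally, so an operator who runs it will believe the stored service-provider passwords were encrypted when nothing was touched. Until the backend import is sorted out the branch should fail loudly, for example `logger.error("--cryptpwd is not implemented; stored passwords were NOT encrypted")` followed by `raise SystemExit(1)`. When the loop is restored, note that as written it appears to call `encrypt_pwd` on every row each time, so a second run would encrypt already-encrypted values unless they are marked or skipped. `main()` starts outside the hunk.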