entrouvert
/
mandaye-cam
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity

saml2: allow to modify idp url and saml key

This commit is contained in:
Jérôme Schneider 2013-11-04 17:08:16 +01:00
parent 4f380a938e
commit e2abf6360d
3 changed files with 61 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
cam/config.py
View File

@ -52,6 +52,9 @@ smtp_port = 25
email_from = 'traceback@entrouvert.com'
email_to = ['admin@localhost']
# platform : should be prod, recette or dev
platform = "prod"
# Use long traceback with xtraceback
use_long_trace = True
@ -82,6 +85,54 @@ ssl = False
keyfile = ''
certfile = ''
SAML_SIGNATURE_PUBLIC_KEY = '''-----BEGIN CERTIFICATE-----
MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
BAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp
06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh
ABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr
kmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi
VT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG
Tm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0
fcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh
GaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE
IdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo
fEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp
lG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxWEU0vEujZv/v1PE1YOV0xKjTT
JumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j
o2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy
-----END CERTIFICATE-----'''
SAML_SIGNATURE_PRIVATE_KEY = '''-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZ
n9Kqm4Cp06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrU
H8QT8NGhABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59x
ihSqsoFrkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9H
ri8JRdXiVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziaz
Zfvvw/VGTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABAoIBAQCj8t2iKXya10HG
V6Saaeih8aftoLBV38VwFqqjPU0+iKqDpk2JSXBhjI6s7uFIsaTNJpR2Ga1qvns1
hJQEDMQSLhJvXfBgSkHylRWCpJentr4E3D7mnw5pRsd61Ev9U+uHcdv/WHP4K5hM
xsdiwXNXD/RYd1Q1+6bKrCuvnNJVmWe0/RV+r3T8Ni5xdMVFbRWt/VEoE620XX6c
a9TQPiA5i/LRVyie+js7Yv+hVjGOlArtuLs6ECQsivfPrqKLOBRWcofKdcf+4N2e
3cieUqwzC15C31vcMliD9Hax9c1iuTt9Q3Xzo20fOSazAnQ5YBEExyTtrFBwbfQu
ku6hp81pAoGBAN6bc6iJtk5ipYpsaY4ZlbqdjjG9KEXB6G1MExPU7SHXOhOF0cDH
/pgMsv9hF2my863MowsOj3OryVhdQhwA6RrV263LRh+JU8NyHV71BwAIfI0BuVfj
6r24KudwtUcvMr9pJIrJyMAMaw5ZyNoX7YqFpS6fcisSJYdSBSoxzrzVAoGBANu6
xVeMqGavA/EHSOQP3ipDZ3mnWbkDUDxpNhgJG8Q6lZiwKwLoSceJ8z0PNY3VetGA
RbqtqBGfR2mcxHyzeqVBpLnXZC4vs/Vy7lrzTiHDRZk2SG5EkHMSKFA53jN6S/nJ
JWpYZC8lG8w4OHaUfDHFWbptxdGYCgY4//sjeiuXAoGBANuhurJ99R5PnA8AOgEW
4zD1hLc0b4ir8fvshCIcAj9SUB20+afgayRv2ye3Dted1WkUL4WYPxccVhLWKITi
rRtqB03o8m3pG3kJnUr0LIzu0px5J/o8iH3ZOJOTE3iBa+uI/KHmxygc2H+XPGFa
HGeAxuJCNO2kAN0Losbnz5dlAoGAVsCn94gGWPxSjxA0PC7zpTYVnZdwOjbPr/pO
LDE0cEY9GBq98JjrwEd77KibmVMm+Z4uaaT0jXiYhl8pyJ5IFwUS13juCbo1z/u/
ldMoDvZ8/R/MexTA/1204u/mBecMJiO/jPw3GdIJ5phv2omHe1MSuSNsDfN8Sbap
gmsgaiMCgYB/nrTk89Fp7050VKCNnIt1mHAcO9cBwDV8qrJ5O3rIVmrg1T6vn0aY
wRiVcNacaP+BivkrMjr4BlsUM6yH4MOBsNhLURiiCL+tLJV7U0DWlCse/doWij4U
TKX6tp6oI+7MIJE6ySZ0cBqOiydAkBePZhu57j6ToBkTa0dbHjn1WA==
-----END RSA PRIVATE KEY-----'''
# Import local config
try:
from cam.local_config import *

12
cam/configs/archimed_saml.py
View File

@ -1,9 +1,9 @@
from mandaye.auth.saml2 import SAML2Auth
from mandaye.filters.replay import ReplayFilter
from mandaye.configs import saml2 as saml2_config
from cam.filters import archimed
from cam import config
base = 'EXPLOITATION'
@ -15,7 +15,15 @@ form_values = {
'password_field': 'password',
}
saml2_config.IDP_METADATA = "http://idp-montpellier.entrouvert.org/idp/saml2/metadata"
if config.platform == "dev":
saml2_config.IDP_METADATA = "http://idp-montpellier.entrouvert.org/idp/saml2/metadata"
elif config.platform == "recette":
saml2_config.IDP_METADATA = "https://idp-test-entrouvert.montpellier-agglo.com/idp/saml2/metadata"
else:
saml2_config.IDP_METADATA = "https://compte-citoyen.montpellier-agglo.com/idp/saml2/metadata"
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
auth = SAML2Auth(form_values, 'archimed', saml2_config)

47
cam/configs/linuxfr_saml_example.py
View File

@ -1,47 +0,0 @@
from mandaye.auth.saml2 import SAML2Auth
from mandaye.filters.replay import ReplayFilter
from mandaye.configs import saml2 as saml2_config
form_values = {
'login_url': '/compte/connexion',
'form_attrs': { 'id': 'new_account' },
'post_fields': ['account[login]', 'account[password]'],
'username_field': 'account[login]',
'password_field': 'account[password]',
}
auth = SAML2Auth(form_values, 'linuxfr', saml2_config)
linuxfr_mapping = [
{
'path': r'/mandaye/associate$',
'method': 'GET',
'on_response': [{
'filter': ReplayFilter.associate,
'values': {
'action': '/mandaye/associate',
'template': 'associate.html',
'sp_name': 'Linux FR',
'login_name': form_values['username_field'],
'password_name': form_values['password_field'],
},
},]
},
{
'path': r'/mandaye/associate$',
'method': 'POST',
'response': [
{
'filter': auth.associate_submit,
'values': {
'connection_url': '/mandaye/sso',
'associate_url': '/mandaye/associate',
},
'condition': "response.code==302"
},
]
},
]
linuxfr_mapping.extend(auth.get_default_mapping())