manage sso and slo

Jérôme Schneider 2014-06-02 23:35:58 +02:00
parent 8e99b9a8e2
commit 93f8b55a86
6 changed files with 47 additions and 99 deletions

3
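--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
+*.db
+*.pyc
+*.pyo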


@ -1,11 +0,0 @@
{
"site_name": "linuxfr",
"server_name": ["linuxfrsaml.local:8000"],
"location": "/",
"target": "https://linuxfr.org",
"mapper": "linuxfr",
"auth_type": "saml2",
"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
"saml2_signature_public_key": "certs/saml.crt",
"saml2_signature_private_key": "certs/saml.key"
}


@ -5,7 +5,7 @@
"target": "http://villes2.portail-familles.com:8080",
"mapper": "portail_famille_ecities",
"auth_type": "saml2",
"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
"saml2_idp_metadata": "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata",
"saml2_signature_public_key": "certs/saml.crt",
"saml2_signature_private_key": "certs/saml.key"
}
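Review bot: The second of the two `saml2_idp_metadata` lines (presumably the new side; the page lost the +/- markers) names a host under `.dev.`, `sso-vincennes.dev.entrouvert.org`, which reads like a development identity provider. The metadata is where the service provider learns which IdP endpoints and signing certificate to trust, so a committed site config that points at a dev IdP should either be kept out of the production config set or say so in the project's deployment notes, since JSON has no room for a comment. Separately, the unchanged `target` line is still plain `http://villes2.portail-familles.com:8080`; if the proxy replays credentials to that backend, they would travel unencrypted on that leg, which is worth confirming.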


@ -1,11 +1,14 @@
import urllib
import re
from urlparse import parse_qs
from mandaye.log import logger
def associate(env, values, request, response):
if response.msg and "<form" in response.msg:
sub = re.subn(r'<form action="/ffaxsslMeyzieu/workflow_url".*?>', '<form action="/ffaxsslMeyzieu/mandaye_associate" method="post" accept-charset="UTF-8">',
sub = re.subn(r'<form action="/ffaxsslMeyzieu/workflow_url".*?>',
'<form action="/ffaxsslMeyzieu/mandaye_associate" method="post" accept-charset="UTF-8">',
response.msg)
response.msg = sub[0]
if sub[1] != 1:
@ -19,3 +22,18 @@ def associate(env, values, request, response):
logger.warning('Filter portail_famille_ecitiz.associate: submit replacement failed !')
return response
def clean_js(env, values, request, response):
if response.msg and 'alert("Veuillez, s' in response.msg:
response.msg = re.sub(r'<script type="text/javascript"> alert\("Veuillez, s\'il vous pl.*?>',
'', response.msg)
return response
def rewrite_logout_form(env, values, request, response):
if response.msg and 'egoSubmitMeDeconnecter_action220_6T9N' in response.msg:
response.msg = re.sub(
re.compile('</form>\n<form enctype="multipart/form-data".*?<input type="submit" name="egoSubmitMeDeconnecter_action220_6T9N".*?</form>', re.MULTILINE|re.DOTALL),
'<a href="/mandaye/slo"><input type="button" name="egoSubmitMeDeconnecter_action220_6T9N" class="egoLabelButtonGuidgetStyle egoLabelButtonGuidgetStyleLeftToRight" title="" value="Me deconnecter"></a>',
response.msg)
return response
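Review bot: `rewrite_logout_form` replaces the logout form with `re.sub` and never checks that a replacement happened, whereas `associate` in the same file uses `re.subn` and logs a warning when the count is not 1. The pattern depends on the literal `</form>\n<form` sequence and on the generated-looking name `egoSubmitMeDeconnecter_action220_6T9N`, so a change in the portal's markup would leave the original local logout button on the page; users would then presumably end only the portal session while the IdP session stays open, with nothing in the logs. I would write `response.msg, count = re.subn(...)` followed by `if count != 1: logger.warning('Filter portail_famille_ecitiz.rewrite_logout_form: logout form replacement failed !')`. The pattern could also be compiled once at module level instead of on every response.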


@ -1,85 +0,0 @@
"""
You need to defined 3 variables :
* form_values (defined the login form values):
form_values = {
'login_url': '/login',
'post_url': '/login',
'form_attrs': { 'name': 'form40', },
'username_field': 'user',
'password_field': 'pass',
'post_fields': ['birthdate', 'card_number']
}
login_url, form_attrs, post_fields and username_field are obligatory
* urls (a dictionnary with urls) :
urls = {
'associate_url': '/mandaye/associate',
'connection_url': '/mandaye/sso',
'login_url': '/mandaye/login'
}
* mapping
"""
from rp_meyzieu.filters.example import ReplayFilter
form_values = {
'login_url': '/compte/connexion',
'form_attrs': { 'id': 'new_account' },
'post_fields': ['account[login]', 'account[password]'],
'username_field': 'account[login]',
'password_field': 'account[password]',
}
urls = {
'associate_url': '/mandaye_associate',
'connection_url': '/mandaye/sso',
'login_url': '/mandaye/login'
}
mapping = [
{
'path': r'/mandaye/login$',
'method': 'GET',
'response': [{
'auth': 'login',
'condition': 'response.code==302',
},]
},
{
'path': r'/mandaye/sso$',
'method': 'GET',
'response': [{
'auth': 'sso',
}]
},
{
'path': r'/mandaye/slo$',
'method': 'GET',
'response': [{
'auth': 'slo',
}]
},
{
'path': r'/mandaye_associate$',
'method': 'GET',
'target': '/ffaxsslMeyzieu/workflow_url?ECITIZ_ACTIVITY_PATH=Citoyen&ECITIZ_HOME_URL=citoyen.jsp&ECITIZ_PROCESS_ID=guichet&ECITIZ_DECONNECTION_URL=services_list.jsp&ECITIZ_ORG=MEY00',
'on_response': [{
'filter': ecitiz.associate,
'values': {
'action': urls['associate_url'],
},
},]
},
{
'path': r'/mandaye_associate$',
'method': 'POST',
'response': [
{
'auth': 'associate_submit',
'condition': "response.code==302"
},
]
},
]


@ -38,6 +38,8 @@ urls = {
'login_url': '/mandaye/login'
}
index_url = '/ffaxsslMeyzieu/workflow_url?ECITIZ_ACTIVITY_PATH=Citoyen&ECITIZ_HOME_URL=citoyen.jsp&ECITIZ_PROCESS_ID=guichet&ECITIZ_DECONNECTION_URL=services_list.jsp&ECITIZ_ORG=MEY00'
mapping = [
{
'path': r'/mandaye/login$',
@ -61,6 +63,22 @@ mapping = [
'auth': 'slo',
}]
},
{
'path': (r'/ffaxsslMeyzieu/$', r'/ffaxsslMeyzieu/workflow_url'),
'method': 'GET',
'on_response': [{
'content-types': ['text/html'],
'filter': portail_famille_ecitiz.rewrite_logout_form
}],
},
{
'path': r'/ffaxsslMeyzieu/workflow_url$',
'method': 'POST',
'on_response': [{
'content-types': ['text/html'],
'filter': portail_famille_ecitiz.rewrite_logout_form
}]
},
{
'path': r'/ffaxsslMeyzieu/mandaye_associate$',
'method': 'GET',
@ -71,7 +89,9 @@ mapping = [
'action': urls['associate_url'],
'template': 'portail_famille/associate.html',
},
},]
},
{'filter': portail_famille_ecitiz.clean_js}
]
},
{
'path': r'/ffaxsslMeyzieu/mandaye_associate$',
@ -100,6 +120,9 @@ mapping = [
'method': 'GET',
'response': [{
'auth': 'single_logout_return',
'values': {
'next_url': index_url
},
}]
},
]
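Review bot: In the new GET entry the second path pattern, `r'/ffaxsslMeyzieu/workflow_url'`, has no `$` anchor, while the POST entry just below uses `r'/ffaxsslMeyzieu/workflow_url$'`; if the difference is intended it needs a comment, otherwise the two should agree. These two entries are what send the portal's logout button to `/mandaye/slo`, so any page that renders the button but is not matched here keeps the local logout form. A comment above them such as `# every page that shows the logout button must be matched here, otherwise logout stays local and skips SLO` would make that constraint visible to the next maintainer. The added `{'filter': portail_famille_ecitiz.clean_js}` entry also lacks the `'content-types': ['text/html']` restriction that the other new filter entries carry.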