begin port to the last mandaye version

Jérôme Schneider 2014-04-04 11:53:43 +02:00
parent 2d5451f982
commit 368f22e334
8 changed files with 87 additions and 35 deletions

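--- a/data/README
+++ b/data/README
@@ -0,0 +1,2 @@
+Folder where Mandaye files will be stored.
+It's only use to store metadata files.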


@ -12,11 +12,13 @@ from urlparse import parse_qs
from mandaye.auth.authform import AuthForm
from mandaye.log import logger
from mandaye.models import Site, ExtUser, LocalUser
from mandaye.models import ServiceProvider, SPUser, IDPUser
from mandaye.db import sql_session
from mandaye.response import _502, _302
from mandaye.server import get_response
from mandaye_vincennes import config
class VincennesAuth(AuthForm):
""" Specific authentification class for Vincennes
"""
@ -44,12 +46,11 @@ class VincennesAuth(AuthForm):
def get_current_unique_id(self, env):
""" Return the current Vincennes unique id
"""
from mandaye import config
# TODO: test time validity
if not env['QUERY_STRING']:
return None
query = self._parse_qs(env['QUERY_STRING'])
if query.has_key('token'):
if query.has_key('token') and query['token']:
try:
token = query['token']
token = base64.b64decode(token)
@ -91,23 +92,23 @@ class VincennesAuth(AuthForm):
logger.debug('Trying to auto log user on %s' % self.site_name)
env['beaker.session']['auto_login'] = True
env['beaker.session'].save()
login = self.get_current_login(env)
unique_id = self.get_current_unique_id(env)
if env['beaker.session'].has_key('next_url'):
path = env['beaker.session']['next_url']
else:
logger.warning('Auto login without mandaye_next_url automatically redirect to /')
path = '/'
if not login:
if not unique_id:
logger.debug('Auto login failed because the user is not connected on vincennes.fr')
return _302(path, request.cookies)
env['beaker.session']['unique_id'] = unique_id
env['beaker.session'].save()
ext_user = sql_session().query(ExtUser).\
join(LocalUser).\
join(Site).\
filter(LocalUser.login==login).\
filter(Site.name==self.site_name).\
order_by(ExtUser.last_connection.desc()).\
ext_user = sql_session().query(SPUser).\
join(IDPUser).\
join(ServiceProvider).\
filter(IDPUser.unique_id==unique_id).\
filter(ServiceProvider.name==self.site_name).\
order_by(SPUser.last_connection.desc()).\
first()
if not ext_user:
logger.debug("No association found redirect to the association page %s" % values.get('associate_url'))
@ -115,7 +116,7 @@ class VincennesAuth(AuthForm):
return _302(values.get('associate_url') + "?type=first&next_url=%s" % path)
else:
response = self._login_ext_user(ext_user, env, condition, values)
logger.info("User %s has been successfully auto login on %s" % (login, self.site_name))
logger.info("User %s has been successfully auto login on %s" % (unique_id, self.site_name))
return _302(path, response.cookies)
def auto_connection(self, env, values, request, response):
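Review bot: The new `env['beaker.session']['unique_id'] = unique_id` write in the auto-login hunk persists an identifier that `get_current_unique_id` derives from the `token` query parameter, while the `# TODO: test time validity` in that method is still open, so a captured token would presumably keep binding sessions to the same identity for as long as it decodes. The freshness check should land before the value is stored or used in the `IDPUser.unique_id==unique_id` lookup; until then a comment such as `# SECURITY: token lifetime is not checked yet; do not treat unique_id as fresh` at the assignment would make the gap visible. How the token is authenticated after `base64.b64decode` is outside the hunk and worth confirming. The changed `logger.info` line now writes `unique_id` at info level, so if that identifier is sensitive it should be logged truncated or hashed. Both methods start and end outside the visible hunks.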


@ -1,4 +1,3 @@
import logging
import os
@ -46,11 +45,15 @@ data_dir = os.path.join(_PROJECT_PATH, 'data')
# Email notification configuration
email_notification = False
email_prefix = '[Mandaye CAM]'
smtp_host = 'localhost'
smtp_port = 25
email_from = 'traceback@entrouvert.com'
email_to = ['admin@localhost']
# platform : should be prod, recette or dev
platform = "prod"
# Use long traceback with xtraceback
use_long_trace = True
@ -81,6 +84,54 @@ ssl = False
keyfile = ''
certfile = ''
SAML_SIGNATURE_PUBLIC_KEY = '''-----BEGIN CERTIFICATE-----
MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
BAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp
06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh
ABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr
kmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi
VT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG
Tm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0
fcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh
GaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE
IdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo
fEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp
lG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxWEU0vEujZv/v1PE1YOV0xKjTT
JumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j
o2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy
-----END CERTIFICATE-----'''
SAML_SIGNATURE_PRIVATE_KEY = '''-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----'''
# Import local config
try:
from mandaye_vincennes.local_config import *
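Review bot: `SAML_SIGNATURE_PRIVATE_KEY` is added as a literal in the tracked default config, so anyone with read access to the repository can sign SAML messages as this service provider; a key that has been committed should be treated as exposed and replaced. Keep only an empty default here, e.g. `SAML_SIGNATURE_PRIVATE_KEY = ''  # set in local_config, never committed`, and let the `local_config` import that follows supply the real value. The certificate next to it looks like a short-lived test certificate (its encoded validity dates appear to fall in 2010–2011), which suggests these are sample credentials. If so, a comment should say that, so they are not deployed unchanged with `platform = "prod"`. The `try:` block at the end of the hunk continues outside it.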


@ -1,5 +1,8 @@
from mandaye_vincennes.auth.vincennes import VincennesAuth
from mandaye.auth.saml2 import SAML2Auth
from mandaye.configs import saml2 as saml2_config
from mandaye_vincennes import config
from mandaye_vincennes.filters import vincennes
form_values = {
@ -10,7 +13,12 @@ form_values = {
'password_field': 'password',
}
auth = VincennesAuth(form_values, 'biblio', 'https://www.vincennes.fr/comptecitoyen/auth')
saml2_config.IDP_METADATA = "https://sso.vincennes.dev2.entrouvert.org/idp/saml2/metadata"
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
auth = SAML2Auth(form_values, 'biblio', saml2_config)
filters = vincennes.Biblio()
biblio_mapping = [
@ -20,15 +28,9 @@ biblio_mapping = [
{
'filter': filters.resp_html,
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
'decompress': False,
},
{
'filter': auth.auto_connection,
'values': {
'next_url': '/mandaye/auto_login',
'empty_referer': True,
'autologin_from': 'www.vincennes.fr'
}
}],
],
},
{
'path': r'/sezhame',
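Review bot: `saml2_config.IDP_METADATA` is hard-coded to a host under `dev2`, and the IdP metadata presumably determines which identity provider's signatures this mapping accepts, so a production deployment of this file would trust a development IdP. The URL should be read from `mandaye_vincennes.config` the same way as the two key settings on the following lines (a new setting there, overridable from `local_config`), with a comment such as `# IdP metadata is a trust anchor: set per platform, never default to a dev host`. These assignments also mutate the shared `mandaye.configs.saml2` module rather than a per-mapping copy, so any other mapping importing it would presumably see the same values; that is worth confirming before a second SAML-backed site is added.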


@ -10,7 +10,7 @@ from mandaye.log import logger
from mandaye.response import _302, _401
from mandaye.template import serve_template
from mandaye.backend.default import ManagerSPUser
from mandaye.backends.default import ManagerSPUser
def get_associate_form(env, values):
""" Return association template content
@ -61,7 +61,6 @@ def get_multi_template(env, values, current_account):
return template
return None
class Biblio:
def resp_html_login_page(self, env, values, request, response):


@ -1,2 +0,0 @@
2013-10-27 21:51:52 INFO CAM rp start
2013-10-27 21:52:48 INFO CAM rp start


@ -5,7 +5,7 @@
"""
import os
os.environ['MANDAYE_CONFIG_MODULE'] = 'cam.config'
os.environ['MANDAYE_CONFIG_MODULE'] = 'mandaye_vincennes.config'
import base64
@ -67,11 +67,10 @@ def main():
command.upgrade(alembic_cfg, "head")
logger.info("Database upgraded")
if options.cryptpwd:
pass
#from mandaye.backends.default import ManagerSPUser
#for user in ManagerSPUser.all():
# user.password = encrypt_pwd(user.password)
#ManagerSPUser.save()
from mandaye.backends.default import ManagerSPUser
for user in ManagerSPUser.all():
user.password = encrypt_pwd(user.password)
ManagerSPUser.save()
if __name__ == "__main__":
main()
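Review bot: The re-enabled `options.cryptpwd` branch is not idempotent: every run passes whatever is currently in `user.password` through `encrypt_pwd` again, so a second run would presumably double-encrypt the stored credentials and leave them unusable for replay to the backend. Guard it with a record of what has already been migrated, or at minimum document it at the branch, e.g. `# WARNING: run once only; re-running encrypts already-encrypted passwords`. No error handling is visible around `ManagerSPUser.save()`, so a failure midway may leave the table partially migrated; whether the save is atomic is outside the hunk. `main()` starts before the hunk.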


@ -11,8 +11,8 @@ from setuptools import setup, find_packages
from sys import version
install_requires=[
'gunicorn>=0.13',
'mandaye>=0.4',
'gunicorn>=0.17',
'mandaye>=0.7',
'pycrypto>=2.0',
]