begin port to the last mandaye version
parent
2d5451f982
commit
368f22e334
|
@ -0,0 +1,2 @@
|
||||||
|
Folder where Mandaye files will be stored.
|
||||||
|
It's only use to store metadata files.
|
|
@ -12,11 +12,13 @@ from urlparse import parse_qs
|
||||||
|
|
||||||
from mandaye.auth.authform import AuthForm
|
from mandaye.auth.authform import AuthForm
|
||||||
from mandaye.log import logger
|
from mandaye.log import logger
|
||||||
from mandaye.models import Site, ExtUser, LocalUser
|
from mandaye.models import ServiceProvider, SPUser, IDPUser
|
||||||
from mandaye.db import sql_session
|
from mandaye.db import sql_session
|
||||||
from mandaye.response import _502, _302
|
from mandaye.response import _502, _302
|
||||||
from mandaye.server import get_response
|
from mandaye.server import get_response
|
||||||
|
|
||||||
|
from mandaye_vincennes import config
|
||||||
|
|
||||||
class VincennesAuth(AuthForm):
|
class VincennesAuth(AuthForm):
|
||||||
""" Specific authentification class for Vincennes
|
""" Specific authentification class for Vincennes
|
||||||
"""
|
"""
|
||||||
|
@ -44,12 +46,11 @@ class VincennesAuth(AuthForm):
|
||||||
def get_current_unique_id(self, env):
|
def get_current_unique_id(self, env):
|
||||||
""" Return the current Vincennes unique id
|
""" Return the current Vincennes unique id
|
||||||
"""
|
"""
|
||||||
from mandaye import config
|
|
||||||
# TODO: test time validity
|
# TODO: test time validity
|
||||||
if not env['QUERY_STRING']:
|
if not env['QUERY_STRING']:
|
||||||
return None
|
return None
|
||||||
query = self._parse_qs(env['QUERY_STRING'])
|
query = self._parse_qs(env['QUERY_STRING'])
|
||||||
if query.has_key('token'):
|
if query.has_key('token') and query['token']:
|
||||||
try:
|
try:
|
||||||
token = query['token']
|
token = query['token']
|
||||||
token = base64.b64decode(token)
|
token = base64.b64decode(token)
|
||||||
|
@ -91,23 +92,23 @@ class VincennesAuth(AuthForm):
|
||||||
logger.debug('Trying to auto log user on %s' % self.site_name)
|
logger.debug('Trying to auto log user on %s' % self.site_name)
|
||||||
env['beaker.session']['auto_login'] = True
|
env['beaker.session']['auto_login'] = True
|
||||||
env['beaker.session'].save()
|
env['beaker.session'].save()
|
||||||
login = self.get_current_login(env)
|
unique_id = self.get_current_unique_id(env)
|
||||||
if env['beaker.session'].has_key('next_url'):
|
if env['beaker.session'].has_key('next_url'):
|
||||||
path = env['beaker.session']['next_url']
|
path = env['beaker.session']['next_url']
|
||||||
else:
|
else:
|
||||||
logger.warning('Auto login without mandaye_next_url automatically redirect to /')
|
logger.warning('Auto login without mandaye_next_url automatically redirect to /')
|
||||||
path = '/'
|
path = '/'
|
||||||
if not login:
|
if not unique_id:
|
||||||
logger.debug('Auto login failed because the user is not connected on vincennes.fr')
|
logger.debug('Auto login failed because the user is not connected on vincennes.fr')
|
||||||
return _302(path, request.cookies)
|
return _302(path, request.cookies)
|
||||||
env['beaker.session']['unique_id'] = unique_id
|
env['beaker.session']['unique_id'] = unique_id
|
||||||
env['beaker.session'].save()
|
env['beaker.session'].save()
|
||||||
ext_user = sql_session().query(ExtUser).\
|
ext_user = sql_session().query(SPUser).\
|
||||||
join(LocalUser).\
|
join(IDPUser).\
|
||||||
join(Site).\
|
join(ServiceProvider).\
|
||||||
filter(LocalUser.login==login).\
|
filter(IDPUser.unique_id==unique_id).\
|
||||||
filter(Site.name==self.site_name).\
|
filter(ServiceProvider.name==self.site_name).\
|
||||||
order_by(ExtUser.last_connection.desc()).\
|
order_by(SPUser.last_connection.desc()).\
|
||||||
first()
|
first()
|
||||||
if not ext_user:
|
if not ext_user:
|
||||||
logger.debug("No association found redirect to the association page %s" % values.get('associate_url'))
|
logger.debug("No association found redirect to the association page %s" % values.get('associate_url'))
|
||||||
|
@ -115,7 +116,7 @@ class VincennesAuth(AuthForm):
|
||||||
return _302(values.get('associate_url') + "?type=first&next_url=%s" % path)
|
return _302(values.get('associate_url') + "?type=first&next_url=%s" % path)
|
||||||
else:
|
else:
|
||||||
response = self._login_ext_user(ext_user, env, condition, values)
|
response = self._login_ext_user(ext_user, env, condition, values)
|
||||||
logger.info("User %s has been successfully auto login on %s" % (login, self.site_name))
|
logger.info("User %s has been successfully auto login on %s" % (unique_id, self.site_name))
|
||||||
return _302(path, response.cookies)
|
return _302(path, response.cookies)
|
||||||
|
|
||||||
def auto_connection(self, env, values, request, response):
|
def auto_connection(self, env, values, request, response):
|
||||||
|
|
|
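Review bot: In the auto-login hunk the `unique_id` returned by `get_current_unique_id` is now the only value used to select the account (`filter(IDPUser.unique_id==unique_id)`), yet that method still carries `# TODO: test time validity`, so a token taken from the query string is accepted regardless of its age. The token decoding continues outside the hunk, so whether it is authenticated in some other way cannot be confirmed from here; if it is not, the expiry and integrity check should land before this lookup is relied on. The changed `logger.info` line also writes the `unique_id` at info level; `logger.debug` or a shortened value would be safer if that identifier is treated as personal data. Separately, `"?type=first&next_url=%s" % path` appends the session value unencoded, and `urllib.quote(path, safe='')` would keep it a single parameter.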
@ -1,4 +1,3 @@
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
@ -46,11 +45,15 @@ data_dir = os.path.join(_PROJECT_PATH, 'data')
|
||||||
|
|
||||||
# Email notification configuration
|
# Email notification configuration
|
||||||
email_notification = False
|
email_notification = False
|
||||||
|
email_prefix = '[Mandaye CAM]'
|
||||||
smtp_host = 'localhost'
|
smtp_host = 'localhost'
|
||||||
smtp_port = 25
|
smtp_port = 25
|
||||||
email_from = 'traceback@entrouvert.com'
|
email_from = 'traceback@entrouvert.com'
|
||||||
email_to = ['admin@localhost']
|
email_to = ['admin@localhost']
|
||||||
|
|
||||||
|
# platform : should be prod, recette or dev
|
||||||
|
platform = "prod"
|
||||||
|
|
||||||
# Use long traceback with xtraceback
|
# Use long traceback with xtraceback
|
||||||
use_long_trace = True
|
use_long_trace = True
|
||||||
|
|
||||||
|
@ -81,6 +84,54 @@ ssl = False
|
||||||
keyfile = ''
|
keyfile = ''
|
||||||
certfile = ''
|
certfile = ''
|
||||||
|
|
||||||
|
SAML_SIGNATURE_PUBLIC_KEY = '''-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
|
||||||
|
BAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV
|
||||||
|
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
||||||
|
CgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp
|
||||||
|
06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh
|
||||||
|
ABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr
|
||||||
|
kmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi
|
||||||
|
VT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG
|
||||||
|
Tm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0
|
||||||
|
fcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh
|
||||||
|
GaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD
|
||||||
|
AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE
|
||||||
|
IdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo
|
||||||
|
fEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp
|
||||||
|
lG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxWEU0vEujZv/v1PE1YOV0xKjTT
|
||||||
|
JumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j
|
||||||
|
o2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy
|
||||||
|
-----END CERTIFICATE-----'''
|
||||||
|
|
||||||
|
SAML_SIGNATURE_PRIVATE_KEY = '''-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIEpAIBAAKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZ
|
||||||
|
n9Kqm4Cp06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrU
|
||||||
|
H8QT8NGhABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59x
|
||||||
|
ihSqsoFrkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9H
|
||||||
|
ri8JRdXiVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziaz
|
||||||
|
Zfvvw/VGTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABAoIBAQCj8t2iKXya10HG
|
||||||
|
V6Saaeih8aftoLBV38VwFqqjPU0+iKqDpk2JSXBhjI6s7uFIsaTNJpR2Ga1qvns1
|
||||||
|
hJQEDMQSLhJvXfBgSkHylRWCpJentr4E3D7mnw5pRsd61Ev9U+uHcdv/WHP4K5hM
|
||||||
|
xsdiwXNXD/RYd1Q1+6bKrCuvnNJVmWe0/RV+r3T8Ni5xdMVFbRWt/VEoE620XX6c
|
||||||
|
a9TQPiA5i/LRVyie+js7Yv+hVjGOlArtuLs6ECQsivfPrqKLOBRWcofKdcf+4N2e
|
||||||
|
3cieUqwzC15C31vcMliD9Hax9c1iuTt9Q3Xzo20fOSazAnQ5YBEExyTtrFBwbfQu
|
||||||
|
ku6hp81pAoGBAN6bc6iJtk5ipYpsaY4ZlbqdjjG9KEXB6G1MExPU7SHXOhOF0cDH
|
||||||
|
/pgMsv9hF2my863MowsOj3OryVhdQhwA6RrV263LRh+JU8NyHV71BwAIfI0BuVfj
|
||||||
|
6r24KudwtUcvMr9pJIrJyMAMaw5ZyNoX7YqFpS6fcisSJYdSBSoxzrzVAoGBANu6
|
||||||
|
xVeMqGavA/EHSOQP3ipDZ3mnWbkDUDxpNhgJG8Q6lZiwKwLoSceJ8z0PNY3VetGA
|
||||||
|
RbqtqBGfR2mcxHyzeqVBpLnXZC4vs/Vy7lrzTiHDRZk2SG5EkHMSKFA53jN6S/nJ
|
||||||
|
JWpYZC8lG8w4OHaUfDHFWbptxdGYCgY4//sjeiuXAoGBANuhurJ99R5PnA8AOgEW
|
||||||
|
4zD1hLc0b4ir8fvshCIcAj9SUB20+afgayRv2ye3Dted1WkUL4WYPxccVhLWKITi
|
||||||
|
rRtqB03o8m3pG3kJnUr0LIzu0px5J/o8iH3ZOJOTE3iBa+uI/KHmxygc2H+XPGFa
|
||||||
|
HGeAxuJCNO2kAN0Losbnz5dlAoGAVsCn94gGWPxSjxA0PC7zpTYVnZdwOjbPr/pO
|
||||||
|
LDE0cEY9GBq98JjrwEd77KibmVMm+Z4uaaT0jXiYhl8pyJ5IFwUS13juCbo1z/u/
|
||||||
|
ldMoDvZ8/R/MexTA/1204u/mBecMJiO/jPw3GdIJ5phv2omHe1MSuSNsDfN8Sbap
|
||||||
|
gmsgaiMCgYB/nrTk89Fp7050VKCNnIt1mHAcO9cBwDV8qrJ5O3rIVmrg1T6vn0aY
|
||||||
|
wRiVcNacaP+BivkrMjr4BlsUM6yH4MOBsNhLURiiCL+tLJV7U0DWlCse/doWij4U
|
||||||
|
TKX6tp6oI+7MIJE6ySZ0cBqOiydAkBePZhu57j6ToBkTa0dbHjn1WA==
|
||||||
|
-----END RSA PRIVATE KEY-----'''
|
||||||
|
|
||||||
# Import local config
|
# Import local config
|
||||||
try:
|
try:
|
||||||
from mandaye_vincennes.local_config import *
|
from mandaye_vincennes.local_config import *
|
||||||
|
|
|
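Review bot: `SAML_SIGNATURE_PRIVATE_KEY` is committed in clear text in the tracked config module, next to `platform = "prod"`, so anyone with read access to the repository holds the signing key of every deployment that does not override the default. The `local_config` import below can replace it, but nothing forces that, and a deployment that omits the override silently runs with the published key. Ship the default empty, e.g. `SAML_SIGNATURE_PRIVATE_KEY = ''  # must be set in local_config; never commit key material`, have startup refuse to run with an empty key, and treat the key pair in this commit as compromised and replace it wherever it was used. The `try` block around the local import continues outside the hunk.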
@ -1,5 +1,8 @@
|
||||||
|
|
||||||
from mandaye_vincennes.auth.vincennes import VincennesAuth
|
from mandaye.auth.saml2 import SAML2Auth
|
||||||
|
from mandaye.configs import saml2 as saml2_config
|
||||||
|
|
||||||
|
from mandaye_vincennes import config
|
||||||
from mandaye_vincennes.filters import vincennes
|
from mandaye_vincennes.filters import vincennes
|
||||||
|
|
||||||
form_values = {
|
form_values = {
|
||||||
|
@ -10,7 +13,12 @@ form_values = {
|
||||||
'password_field': 'password',
|
'password_field': 'password',
|
||||||
}
|
}
|
||||||
|
|
||||||
auth = VincennesAuth(form_values, 'biblio', 'https://www.vincennes.fr/comptecitoyen/auth')
|
saml2_config.IDP_METADATA = "https://sso.vincennes.dev2.entrouvert.org/idp/saml2/metadata"
|
||||||
|
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
|
||||||
|
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
|
||||||
|
|
||||||
|
|
||||||
|
auth = SAML2Auth(form_values, 'biblio', saml2_config)
|
||||||
filters = vincennes.Biblio()
|
filters = vincennes.Biblio()
|
||||||
|
|
||||||
biblio_mapping = [
|
biblio_mapping = [
|
||||||
|
@ -20,15 +28,9 @@ biblio_mapping = [
|
||||||
{
|
{
|
||||||
'filter': filters.resp_html,
|
'filter': filters.resp_html,
|
||||||
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
|
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
|
||||||
|
'decompress': False,
|
||||||
},
|
},
|
||||||
{
|
],
|
||||||
'filter': auth.auto_connection,
|
|
||||||
'values': {
|
|
||||||
'next_url': '/mandaye/auto_login',
|
|
||||||
'empty_referer': True,
|
|
||||||
'autologin_from': 'www.vincennes.fr'
|
|
||||||
}
|
|
||||||
}],
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
'path': r'/sezhame',
|
'path': r'/sezhame',
|
||||||
|
|
|
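Review bot: `saml2_config.IDP_METADATA` is hard-coded to a host under `dev2.entrouvert.org` while the config module in this commit defaults `platform` to `"prod"`, so a production deployment would take its IdP trust data from a development endpoint unless this file is edited by hand. Reading it from the deployment configuration, e.g. `saml2_config.IDP_METADATA = config.IDP_METADATA` (a new setting, not present in this commit), keeps the trust anchor per environment. The three assignments also mutate the shared `mandaye.configs.saml2` module at import time, so a second mapping doing the same would overwrite the values used here; passing a per-site copy would avoid that if `SAML2Auth` accepts one, which is not visible on this page.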
@ -10,7 +10,7 @@ from mandaye.log import logger
|
||||||
from mandaye.response import _302, _401
|
from mandaye.response import _302, _401
|
||||||
from mandaye.template import serve_template
|
from mandaye.template import serve_template
|
||||||
|
|
||||||
from mandaye.backend.default import ManagerSPUser
|
from mandaye.backends.default import ManagerSPUser
|
||||||
|
|
||||||
def get_associate_form(env, values):
|
def get_associate_form(env, values):
|
||||||
""" Return association template content
|
""" Return association template content
|
||||||
|
@ -61,7 +61,6 @@ def get_multi_template(env, values, current_account):
|
||||||
return template
|
return template
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
|
||||||
class Biblio:
|
class Biblio:
|
||||||
|
|
||||||
def resp_html_login_page(self, env, values, request, response):
|
def resp_html_login_page(self, env, values, request, response):
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
2013-10-27 21:51:52 INFO CAM rp start
|
|
||||||
2013-10-27 21:52:48 INFO CAM rp start
|
|
|
@ -5,7 +5,7 @@
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import os
|
import os
|
||||||
os.environ['MANDAYE_CONFIG_MODULE'] = 'cam.config'
|
os.environ['MANDAYE_CONFIG_MODULE'] = 'mandaye_vincennes.config'
|
||||||
|
|
||||||
import base64
|
import base64
|
||||||
|
|
||||||
|
@ -67,11 +67,10 @@ def main():
|
||||||
command.upgrade(alembic_cfg, "head")
|
command.upgrade(alembic_cfg, "head")
|
||||||
logger.info("Database upgraded")
|
logger.info("Database upgraded")
|
||||||
if options.cryptpwd:
|
if options.cryptpwd:
|
||||||
pass
|
from mandaye.backends.default import ManagerSPUser
|
||||||
#from mandaye.backends.default import ManagerSPUser
|
for user in ManagerSPUser.all():
|
||||||
#for user in ManagerSPUser.all():
|
user.password = encrypt_pwd(user.password)
|
||||||
# user.password = encrypt_pwd(user.password)
|
ManagerSPUser.save()
|
||||||
#ManagerSPUser.save()
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
main()
|
main()
|
||||||
|
|
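Review bot: The re-enabled `options.cryptpwd` branch applies `encrypt_pwd` to every `user.password` with no marker for rows that were already processed, so a second run would encrypt ciphertext and, unless `encrypt_pwd` detects that (its definition is outside the hunk), leave the stored service-provider credentials unusable. Guard the migration with a one-shot flag or a recognisable ciphertext prefix, and log how many rows were converted. Indentation is lost on this page, so it is unclear whether `ManagerSPUser.save()` runs once after the loop or once per user; a single save after the loop keeps the migration all-or-nothing. `main` starts above the hunk.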