migrate to mandaye 0.8
This commit is contained in:
parent
7c2d54f0ca
commit
8fb3be4e74
|
@ -0,0 +1,11 @@
|
|||
{
|
||||
"site_name": "biblio",
|
||||
"server_name": ["biblio.local:8000"],
|
||||
"location": "/",
|
||||
"target": "http://biblio.vincennes.fr",
|
||||
"mapper": "biblio",
|
||||
"auth_type": "saml2",
|
||||
"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
|
||||
"saml2_signature_public_key": "certs/saml.crt",
|
||||
"saml2_signature_private_key": "certs/saml.key"
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdbs+ZLkuz0DISpAKhHn
|
||||
WvNBSW4G0xmlUyZcjUWDQlJH7wC3yxhjioQ2oFpxqcuNf5ft/E1E5KUTqZhcKyX9
|
||||
i7XCmhPoea/fmYH3Egxbucv7++sM+TyZpUWbA0TZHBYAjcUPR/1HTcEz3bl0SqB0
|
||||
EdjhN5PpXPu1p4pGDPXc4aIkEpFU3mlK+TlV5SrivEqNS/SI14VA9g2WWdJk4+CK
|
||||
PgozCfeiFtaiu2zem4uQSmd5AG0f0Av4jzxgut22owFYi9PV+Yl0cWoMOUphAwsR
|
||||
RE4gckEqbhLYluAy+VglgzfT4YCXBQ6o23EH0Z0tW28KnIYEY4dQkLca9YRAKhHc
|
||||
ywIDAQAB
|
||||
-----END PUBLIC KEY-----
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAxdbs+ZLkuz0DISpAKhHnWvNBSW4G0xmlUyZcjUWDQlJH7wC3
|
||||
yxhjioQ2oFpxqcuNf5ft/E1E5KUTqZhcKyX9i7XCmhPoea/fmYH3Egxbucv7++sM
|
||||
+TyZpUWbA0TZHBYAjcUPR/1HTcEz3bl0SqB0EdjhN5PpXPu1p4pGDPXc4aIkEpFU
|
||||
3mlK+TlV5SrivEqNS/SI14VA9g2WWdJk4+CKPgozCfeiFtaiu2zem4uQSmd5AG0f
|
||||
0Av4jzxgut22owFYi9PV+Yl0cWoMOUphAwsRRE4gckEqbhLYluAy+VglgzfT4YCX
|
||||
BQ6o23EH0Z0tW28KnIYEY4dQkLca9YRAKhHcywIDAQABAoIBAHS7XPXhW36zAD64
|
||||
XEW2bKj4cOQvvG0ga7EFKITeqBUg0XrPFKMMD+eyHT0+QGSsSyAm9+/vc5/pWxGt
|
||||
aWy4LMMbiug4qOnsAOXljm+ixRh6qIK67Nu+ivW+fTlPjT8KKGd+B4c1hbX2MnE4
|
||||
NMq3o+TH8BNH/eC0UDm715tcEmk6pUSBH3lq3CG7W1TyVjC3FGJcjBAj/X6J45lE
|
||||
skJHt9d67KG/MwmzuyoI+U9q2b3jSzoIGzzQQaOItGx3OefRjqWeUyDlUWobuFNV
|
||||
Lky+XjmOFJC0voQsUiV2mBSJejHmfuLjJfE+W/HrRc3YwftxCp+emaFshs56U4Ob
|
||||
UWu2F9kCgYEA7livJ1nYhHVyYueX6kWKTkBCzcwQO0agLsuYpspDjKGqgUOlFHXW
|
||||
9CS+DPi/r086iRYLwmGuaFAnNQJqS3ofjowj9/iZCGD/qe6jj9zMmokWDl1FALYe
|
||||
jT3Eg1HLfhe8hddA815yheL5uIVw3t34TTaQuokN86nkcv/bJ53SW4UCgYEA1H4v
|
||||
jk88pCNnADqmAnXNbuhPK+w6llre159vtStgKaJrcCZiTejFVpffpdp1b8hU21S2
|
||||
lg/FgXHgvrdfwq+uZ+lRNJGyCX3mqe3uXWn6d42A/7tgmRDW4NXtxwelV8MTpwHw
|
||||
nS4hwmDyLyYMupyBlw5Iv7N3XmDBJu/tsEPMgA8CgYBP5MpRlnxNalD9dkQl80l5
|
||||
EXFTKqQGOpZXGUgCIKqj6U0OJ26efSGglPBfyMH4McadTRaEAdpEfRmnWzfmNPl+
|
||||
/trPtDUX6evJOoT5JDoxUuJhzkHjCykSjzHgEvrzOWGoO486BN6+omayw4giLKWe
|
||||
vDunS2mx07EQG1OK5AwvQQKBgCZY21YwQH5SkTz+WIUrIza3n8oKaIxHu91nvW4R
|
||||
dNouoHrtwmHS9wHoiIjSwsy4d2/ZetXb5MW2eluQlix5Ld08wtXc0SdbXCwgbxrW
|
||||
jEfU9omwE/+rhUuv76gyXglXgA1skTKcZ6U/f5U4paVrpwtOnZxS0+DpTxIqzFc5
|
||||
9QbLAoGAeqLr0vm4SKnvtwK9F/Q784Rc8Ygq56vUcQIZ81yL4BsE0h6fuTHcSq+H
|
||||
NhO5mQFr+CcitGDE48/CRxfw1HYpk+KOtRzY+EdKGAKEu26sUSh7GNCw3TkOvPTo
|
||||
E/RgydWsPwjJBDp03z87cITfaoyqoIWLtEmUTeDY8m5dGu0EBzk=
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -0,0 +1,11 @@
|
|||
{
|
||||
"site_name": "duonet",
|
||||
"server_name": ["conservatoire.local:8000"],
|
||||
"location": "/",
|
||||
"target": "https://extranet.duonet.fr",
|
||||
"mapper": "duonet",
|
||||
"auth_type": "saml2",
|
||||
"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
|
||||
"saml2_signature_public_key": "certs/saml.crt",
|
||||
"saml2_signature_private_key": "certs/saml.key"
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
{
|
||||
"site_name": "espace_famille",
|
||||
"server_name": ["espace-famille.local:8000"],
|
||||
"location": "/",
|
||||
"target": "https://vincennes-noredirect.espace-famille.net",
|
||||
"mapper": "espace_famille",
|
||||
"auth_type": "saml2_espace_famille",
|
||||
"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
|
||||
"saml2_signature_public_key": "certs/saml.crt",
|
||||
"saml2_signature_private_key": "certs/saml.key"
|
||||
}
|
|
@ -3,16 +3,6 @@ import os
|
|||
|
||||
_PROJECT_PATH = os.path.join(os.path.dirname(__file__), '..')
|
||||
|
||||
## Virtual hosts configuration
|
||||
hosts = {
|
||||
'linuxfr.local:8000': [
|
||||
{'path': r'/',
|
||||
'target': 'http://linuxfr.org',
|
||||
'mapping': 'mandaye.configs.linuxfr_saml_example.linuxfr_mapping'
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
## SQL Backend config
|
||||
# Database configuration
|
||||
# http://docs.sqlalchemy.org/en/rel_0_7/core/engines.html
|
||||
|
@ -20,22 +10,60 @@ hosts = {
|
|||
# dialect+driver://username:password@host:port/database
|
||||
db_url = 'sqlite:///' + os.path.join(_PROJECT_PATH, 'test.db')
|
||||
|
||||
## Log configuration
|
||||
debug = False
|
||||
syslog = False
|
||||
log_file = os.path.join(_PROJECT_PATH, 'mandaye_vincennes/mandaye_mandaye_vincennes.log')
|
||||
log_level = logging.INFO
|
||||
# Log rotation
|
||||
# W[0-6] : weekly (0: Monday), D: day, ... (python doc)
|
||||
log_when = 'W6'
|
||||
# Every week
|
||||
log_interval = 1
|
||||
# BackupCount (keep one year of log)
|
||||
log_backup = 52
|
||||
|
||||
## Log configuration
|
||||
LOGGING = {
|
||||
'version': 1,
|
||||
'disable_existing_loggers': True,
|
||||
|
||||
'formatters': {
|
||||
'console': {
|
||||
'format': '%(asctime)s %(levelname)s %(message)s',
|
||||
'datefmt': '%H:%M:%S',
|
||||
},
|
||||
'file': {
|
||||
'format': '%(asctime)s %(levelname)s %(uuid)s %(message)s',
|
||||
'datefmt': '%Y-%m-%d %H:%M:%S'
|
||||
}
|
||||
},
|
||||
'handlers': {
|
||||
'console': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.StreamHandler',
|
||||
'formatter': 'console'
|
||||
},
|
||||
'syslog': {
|
||||
'level': 'INFO',
|
||||
'class': 'entrouvert.logging.handlers.SysLogHandler',
|
||||
'formatter': 'file',
|
||||
'address': '/dev/log'
|
||||
},
|
||||
},
|
||||
'loggers': {
|
||||
'': {
|
||||
'handlers': ['console'],
|
||||
'level': 'DEBUG',
|
||||
'propagate': False,
|
||||
},
|
||||
'mandaye': {
|
||||
'handlers': ['console', 'syslog'],
|
||||
'level': 'DEBUG',
|
||||
'propagate': False,
|
||||
},
|
||||
'mandaye_vincennes': {
|
||||
'handlers': ['console', 'syslog'],
|
||||
'level': 'DEBUG',
|
||||
'propagate': False,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
## PATH
|
||||
# Template directory
|
||||
template_directory = os.path.join(_PROJECT_PATH, 'mandaye_vincennes/templates')
|
||||
# Configuration directory
|
||||
config_root = os.path.join(_PROJECT_PATH, 'conf.d')
|
||||
# Static url
|
||||
static_url = '/mandaye/static'
|
||||
# Static folder
|
||||
|
@ -43,6 +71,9 @@ static_root = os.path.join(_PROJECT_PATH, 'mandaye_vincennes/static')
|
|||
# Data dir
|
||||
data_dir = os.path.join(_PROJECT_PATH, 'data')
|
||||
|
||||
# Raven Sentry configuration
|
||||
raven_dsn = None
|
||||
|
||||
# Email notification configuration
|
||||
email_notification = False
|
||||
email_prefix = '[Mandaye CAM]'
|
||||
|
@ -51,9 +82,6 @@ smtp_port = 25
|
|||
email_from = 'traceback@entrouvert.com'
|
||||
email_to = ['admin@localhost']
|
||||
|
||||
# platform : should be prod, recette or dev
|
||||
platform = "prod"
|
||||
|
||||
# Use long traceback with xtraceback
|
||||
use_long_trace = True
|
||||
|
||||
|
@ -75,62 +103,23 @@ session_opts = {
|
|||
'session.data_dir': '/var/tmp/beaker'
|
||||
}
|
||||
|
||||
# Supported authentification
|
||||
authentifications = {
|
||||
'saml2': 'mandaye.auth.saml2.SAML2Auth',
|
||||
'saml2_espace_famille': 'mandaye_vincennes.auth.espacefamille.EspaceFamilleAuth'
|
||||
}
|
||||
|
||||
# sp mappers
|
||||
mappers = {
|
||||
'biblio': 'mandaye_vincennes.mappers.biblio_vincennes',
|
||||
'duonet': 'mandaye_vincennes.mappers.duonet_vincennes',
|
||||
'espace_famille': 'mandaye_vincennes.mappers.famille_vincennes',
|
||||
}
|
||||
|
||||
# Choose storage
|
||||
# Only mandaye.backends.sql at the moment
|
||||
storage_backend = "mandaye.backends.sql"
|
||||
|
||||
# Needed if ssl is activated
|
||||
ssl = False
|
||||
keyfile = ''
|
||||
certfile = ''
|
||||
|
||||
SAML_SIGNATURE_PUBLIC_KEY = '''-----BEGIN CERTIFICATE-----
|
||||
MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
|
||||
BAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV
|
||||
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
||||
CgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp
|
||||
06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh
|
||||
ABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr
|
||||
kmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi
|
||||
VT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG
|
||||
Tm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0
|
||||
fcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh
|
||||
GaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD
|
||||
AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE
|
||||
IdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo
|
||||
fEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp
|
||||
lG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxWEU0vEujZv/v1PE1YOV0xKjTT
|
||||
JumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j
|
||||
o2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy
|
||||
-----END CERTIFICATE-----'''
|
||||
|
||||
SAML_SIGNATURE_PRIVATE_KEY = '''-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZ
|
||||
n9Kqm4Cp06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrU
|
||||
H8QT8NGhABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59x
|
||||
ihSqsoFrkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9H
|
||||
ri8JRdXiVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziaz
|
||||
Zfvvw/VGTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABAoIBAQCj8t2iKXya10HG
|
||||
V6Saaeih8aftoLBV38VwFqqjPU0+iKqDpk2JSXBhjI6s7uFIsaTNJpR2Ga1qvns1
|
||||
hJQEDMQSLhJvXfBgSkHylRWCpJentr4E3D7mnw5pRsd61Ev9U+uHcdv/WHP4K5hM
|
||||
xsdiwXNXD/RYd1Q1+6bKrCuvnNJVmWe0/RV+r3T8Ni5xdMVFbRWt/VEoE620XX6c
|
||||
a9TQPiA5i/LRVyie+js7Yv+hVjGOlArtuLs6ECQsivfPrqKLOBRWcofKdcf+4N2e
|
||||
3cieUqwzC15C31vcMliD9Hax9c1iuTt9Q3Xzo20fOSazAnQ5YBEExyTtrFBwbfQu
|
||||
ku6hp81pAoGBAN6bc6iJtk5ipYpsaY4ZlbqdjjG9KEXB6G1MExPU7SHXOhOF0cDH
|
||||
/pgMsv9hF2my863MowsOj3OryVhdQhwA6RrV263LRh+JU8NyHV71BwAIfI0BuVfj
|
||||
6r24KudwtUcvMr9pJIrJyMAMaw5ZyNoX7YqFpS6fcisSJYdSBSoxzrzVAoGBANu6
|
||||
xVeMqGavA/EHSOQP3ipDZ3mnWbkDUDxpNhgJG8Q6lZiwKwLoSceJ8z0PNY3VetGA
|
||||
RbqtqBGfR2mcxHyzeqVBpLnXZC4vs/Vy7lrzTiHDRZk2SG5EkHMSKFA53jN6S/nJ
|
||||
JWpYZC8lG8w4OHaUfDHFWbptxdGYCgY4//sjeiuXAoGBANuhurJ99R5PnA8AOgEW
|
||||
4zD1hLc0b4ir8fvshCIcAj9SUB20+afgayRv2ye3Dted1WkUL4WYPxccVhLWKITi
|
||||
rRtqB03o8m3pG3kJnUr0LIzu0px5J/o8iH3ZOJOTE3iBa+uI/KHmxygc2H+XPGFa
|
||||
HGeAxuJCNO2kAN0Losbnz5dlAoGAVsCn94gGWPxSjxA0PC7zpTYVnZdwOjbPr/pO
|
||||
LDE0cEY9GBq98JjrwEd77KibmVMm+Z4uaaT0jXiYhl8pyJ5IFwUS13juCbo1z/u/
|
||||
ldMoDvZ8/R/MexTA/1204u/mBecMJiO/jPw3GdIJ5phv2omHe1MSuSNsDfN8Sbap
|
||||
gmsgaiMCgYB/nrTk89Fp7050VKCNnIt1mHAcO9cBwDV8qrJ5O3rIVmrg1T6vn0aY
|
||||
wRiVcNacaP+BivkrMjr4BlsUM6yH4MOBsNhLURiiCL+tLJV7U0DWlCse/doWij4U
|
||||
TKX6tp6oI+7MIJE6ySZ0cBqOiydAkBePZhu57j6ToBkTa0dbHjn1WA==
|
||||
-----END RSA PRIVATE KEY-----'''
|
||||
|
||||
# Import local config
|
||||
try:
|
||||
|
|
|
@ -1,186 +0,0 @@
|
|||
|
||||
from mandaye.auth.saml2 import SAML2Auth
|
||||
from mandaye.configs import saml2 as saml2_config
|
||||
|
||||
from mandaye_vincennes import config
|
||||
from mandaye_vincennes.filters import vincennes
|
||||
|
||||
form_values = {
|
||||
'post_url': '/sezhame/page/connexion-abonne?destination=user',
|
||||
'login_url': '/sezhame/page/connexion-abonne',
|
||||
'form_attrs': { 'id': 'dk-opac15-login-form', },
|
||||
'post_fields': ['user', 'password'],
|
||||
'username_field': 'user',
|
||||
'password_field': 'password',
|
||||
}
|
||||
|
||||
saml2_config.IDP_METADATA = "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata"
|
||||
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
|
||||
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
|
||||
saml2_config.SP_LOGOUT_URL = "/sezhame/logout"
|
||||
|
||||
|
||||
auth = SAML2Auth(form_values, 'biblio', saml2_config)
|
||||
filters = vincennes.Biblio()
|
||||
|
||||
biblio_mapping = [
|
||||
{
|
||||
'path': r'/(?!/*mandaye)',
|
||||
'on_response': [
|
||||
{
|
||||
'filter': filters.resp_html,
|
||||
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
|
||||
'decompress': False,
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame',
|
||||
'on_response': [{
|
||||
'filter': filters.resp_multicompte_html,
|
||||
'content-types': ['text/html'],
|
||||
'values': {
|
||||
'associate_url': '/mandaye/associate',
|
||||
'template': 'biblio/multicompte.html',
|
||||
'nosso_template': 'biblio/nosso.html',
|
||||
'site_name': 'biblio'
|
||||
},
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/login$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.login,
|
||||
'values': {
|
||||
'associate_url': '/mandaye/associate',
|
||||
},
|
||||
'condition': 'response.code==302',
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/sso$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.sso,
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/slo$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.slo,
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.metadata,
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
|
||||
'method': 'POST',
|
||||
'response': [{
|
||||
'filter': auth.single_sign_on_post,
|
||||
'values': {
|
||||
'login_url': '/mandaye/login',
|
||||
'next_url': '/sezhame'
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.single_logout,
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.single_logout_return,
|
||||
'values': {
|
||||
'next_url': '/shezame'
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/associate$',
|
||||
'method': 'GET',
|
||||
'target': '/sezhame/page/connexion-abonne',
|
||||
'on_response': [{
|
||||
'filter': filters.resp_associate_login,
|
||||
'values': {
|
||||
'action': '/mandaye/associate',
|
||||
'template': 'biblio/associate.html',
|
||||
'badlogin_msg': "Numéro de carte ou/et mot de passe incorrects",
|
||||
'failed_msg': "Vos identifiants pour la bibliothèque ne fonctionnent plus ! Merci de les ressaisir.",
|
||||
},
|
||||
},
|
||||
{
|
||||
'filter': filters.resp_multicompte_html,
|
||||
'values': {
|
||||
'associate_url': '/mandaye/associate',
|
||||
'template': 'biblio/multicompte.html',
|
||||
'nosso_template': 'biblio/nosso.html',
|
||||
'site_name': 'biblio'
|
||||
},
|
||||
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/associate$',
|
||||
'method': 'POST',
|
||||
'response': [
|
||||
{
|
||||
'filter': auth.associate_submit,
|
||||
'values': {
|
||||
'connection_url': '/mandaye/sso',
|
||||
'associate_url': '/mandaye/associate',
|
||||
},
|
||||
'condition': "response.code==302"
|
||||
},
|
||||
]
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame/page/connexion-abonne$',
|
||||
'method': 'GET',
|
||||
'on_response': [{
|
||||
'filter': filters.resp_html_login_page,
|
||||
'values': {
|
||||
'connection_url': '/mandaye/sso',
|
||||
'template': 'biblio/login.html',
|
||||
'title': 'Connexion via votre compte citoyen'
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/change_user$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.change_user,
|
||||
'values': {
|
||||
'associate_url': '/mandaye/associate',
|
||||
},
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/disassociate$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.disassociate,
|
||||
'values': {
|
||||
'next_url': '/sezhame',
|
||||
},
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame/logout$',
|
||||
'on_response': [{'filter': auth.slo}]
|
||||
},
|
||||
]
|
||||
|
||||
|
|
@ -85,7 +85,7 @@ class Biblio:
|
|||
This fix the fucking absolute url of the biblio site
|
||||
"""
|
||||
if response.msg:
|
||||
response.msg = response.msg.replace(env["target"].geturl(),
|
||||
response.msg = response.msg.replace(str(env["target"].geturl()),
|
||||
'%s://%s' % (env["mandaye.scheme"], env["HTTP_HOST"]))
|
||||
if env["mandaye.scheme"] == 'https':
|
||||
response.msg = response.msg.replace('http://' + env["HTTP_HOST"],
|
||||
|
|
|
@ -0,0 +1,163 @@
|
|||
|
||||
from mandaye.auth.saml2 import END_POINTS_PATH
|
||||
from mandaye_vincennes.filters import vincennes
|
||||
|
||||
form_values = {
|
||||
'post_url': '/sezhame/page/connexion-abonne?destination=user',
|
||||
'login_url': '/sezhame/page/connexion-abonne',
|
||||
'form_attrs': { 'id': 'dk-opac15-login-form', },
|
||||
'post_fields': ['user', 'password'],
|
||||
'username_field': 'user',
|
||||
'password_field': 'password',
|
||||
}
|
||||
|
||||
filters = vincennes.Biblio()
|
||||
|
||||
urls = {
|
||||
'login_url': '/mandaye/login',
|
||||
'connection_url': '/mandaye/sso',
|
||||
'associate_url': '/mandaye/associate',
|
||||
}
|
||||
|
||||
mapping = [
|
||||
{
|
||||
'path': r'/(?!/*mandaye)',
|
||||
'on_response': [
|
||||
{
|
||||
'filter': filters.resp_html,
|
||||
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
|
||||
'decompress': False,
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame',
|
||||
'on_response': [{
|
||||
'filter': filters.resp_multicompte_html,
|
||||
'content-types': ['text/html'],
|
||||
'values': {
|
||||
'associate_url': '/mandaye/associate',
|
||||
'template': 'biblio/multicompte.html',
|
||||
'nosso_template': 'biblio/nosso.html',
|
||||
'site_name': 'biblio'
|
||||
},
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/login$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'login',
|
||||
'condition': 'response.code==302',
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/sso$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'sso',
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/slo$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'slo',
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
|
||||
'method': 'POST',
|
||||
'response': [{
|
||||
'auth': 'single_sign_on_post',
|
||||
'values': {
|
||||
'next_url': '/sezhame'
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'single_logout',
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'single_logout_return',
|
||||
'values': {
|
||||
'next_url': '/shezame'
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/associate$',
|
||||
'method': 'GET',
|
||||
'target': '/sezhame/page/connexion-abonne',
|
||||
'on_response': [{
|
||||
'filter': filters.resp_associate_login,
|
||||
'values': {
|
||||
'action': '/mandaye/associate',
|
||||
'template': 'biblio/associate.html',
|
||||
'badlogin_msg': "Numéro de carte ou/et mot de passe incorrects",
|
||||
'failed_msg': "Vos identifiants pour la bibliothèque ne fonctionnent plus ! Merci de les ressaisir.",
|
||||
},
|
||||
},
|
||||
{
|
||||
'filter': filters.resp_multicompte_html,
|
||||
'values': {
|
||||
'associate_url': '/mandaye/associate',
|
||||
'template': 'biblio/multicompte.html',
|
||||
'nosso_template': 'biblio/nosso.html',
|
||||
'site_name': 'biblio'
|
||||
},
|
||||
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/associate$',
|
||||
'method': 'POST',
|
||||
'response': [
|
||||
{
|
||||
'auth': 'associate_submit',
|
||||
'condition': "response.code==302"
|
||||
},
|
||||
]
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame/page/connexion-abonne$',
|
||||
'method': 'GET',
|
||||
'on_response': [{
|
||||
'filter': filters.resp_html_login_page,
|
||||
'values': {
|
||||
'connection_url': '/mandaye/sso',
|
||||
'template': 'biblio/login.html',
|
||||
'title': 'Connexion via votre compte citoyen'
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/change_user$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'change_user',
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/disassociate$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'disassociate',
|
||||
'values': {
|
||||
'next_url': '/sezhame',
|
||||
},
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/sezhame/logout$',
|
||||
'on_response': [{'auth': 'slo'}]
|
||||
},
|
||||
]
|
||||
|
|
@ -1,11 +1,7 @@
|
|||
|
||||
from mandaye.auth.saml2 import SAML2Auth
|
||||
from mandaye.configs import saml2 as saml2_config
|
||||
|
||||
from mandaye_vincennes import config
|
||||
from mandaye.auth.saml2 import END_POINTS_PATH
|
||||
from mandaye_vincennes.filters.vincennes import Duonet
|
||||
|
||||
|
||||
filters = Duonet()
|
||||
duonet_key = 'CV4j27Em0dM%3d'
|
||||
|
||||
|
@ -17,13 +13,13 @@ form_values = {
|
|||
'password_field': 'txtCode'
|
||||
}
|
||||
|
||||
saml2_config.IDP_METADATA = "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata"
|
||||
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
|
||||
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
|
||||
urls = {
|
||||
'login_url': '/vincennes/login',
|
||||
'connection_url': '/mandaye/sso',
|
||||
'associate_url': '/associate',
|
||||
}
|
||||
|
||||
auth = SAML2Auth(form_values, 'duonet', saml2_config)
|
||||
|
||||
duonet_mapping = [
|
||||
mapping = [
|
||||
{
|
||||
'path': r'/',
|
||||
'on_response': [
|
||||
|
@ -52,67 +48,39 @@ duonet_mapping = [
|
|||
'path': r'/vincennes/login$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.login,
|
||||
'values': {
|
||||
'associate_url': '/associate',
|
||||
},
|
||||
'auth':'login',
|
||||
'condition': 'response.code==302',
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/associate$',
|
||||
'method': 'GET',
|
||||
'target': '/Connect.aspx?key=%s' % duonet_key,
|
||||
'on_response': [{
|
||||
'filter': filters.resp_associate,
|
||||
'values': {
|
||||
'action': '/associate',
|
||||
'template': 'duonet/associate.html',
|
||||
'badlogin_msg': "Mauvais identifiants",
|
||||
'failed_msg': "Vos identifiants pour le conservatoire ne fonctionnent plus ! Merci de les ressaisir.",
|
||||
},
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/associate$',
|
||||
'method': 'POST',
|
||||
'response': [
|
||||
{
|
||||
'filter': auth.associate_submit,
|
||||
'values': {
|
||||
'connection_url': '/mandaye/sso',
|
||||
'associate_url': '/associate',
|
||||
},
|
||||
'condition': "response.code==302"
|
||||
},
|
||||
]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/sso$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.sso,
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/slo$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.slo,
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
|
||||
'path': r'/associate$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.metadata,
|
||||
'target': '/Connect.aspx?key=%s' % duonet_key,
|
||||
'on_response': [{
|
||||
'filter': filters.resp_associate,
|
||||
'values': {
|
||||
'action': '/associate',
|
||||
'template': 'duonet/associate.html',
|
||||
'badlogin_msg': "Mauvais identifiants",
|
||||
'failed_msg': "Vos identifiants pour le conservatoire ne fonctionnent plus ! Merci de les ressaisir.",
|
||||
},
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
|
||||
'path': r'/associate$',
|
||||
'method': 'POST',
|
||||
'response': [
|
||||
{
|
||||
'auth': 'associate_submit',
|
||||
'condition': "response.code==302"
|
||||
},
|
||||
]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
|
||||
'method': 'POST',
|
||||
'response': [{
|
||||
'filter': auth.single_sign_on_post,
|
||||
'auth': 'single_sign_on_post',
|
||||
'values': {
|
||||
'login_url': '/vincennes/login',
|
||||
'next_url': '/Default.aspx'
|
||||
|
@ -120,27 +88,42 @@ duonet_mapping = [
|
|||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.single_logout,
|
||||
'auth': 'single_logout',
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.single_logout_return,
|
||||
'auth': 'single_logout_return',
|
||||
'values': {
|
||||
'next_url': '/Connect.aspx?key=%s' % duonet_key,
|
||||
}
|
||||
}]
|
||||
},
|
||||
|
||||
{
|
||||
'path': r'/mandaye/sso$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'sso',
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/slo$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'auth': 'slo',
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/disassociate$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.disassociate,
|
||||
'auth': 'disassociate',
|
||||
'values': {
|
||||
'next_url': '/',
|
||||
},
|
|
@ -1,8 +1,5 @@
|
|||
|
||||
from mandaye.configs import saml2 as saml2_config
|
||||
|
||||
from mandaye_vincennes import config
|
||||
from mandaye_vincennes.auth.espacefamille import EspaceFamilleAuth
|
||||
from mandaye.auth.saml2 import END_POINTS_PATH
|
||||
from mandaye_vincennes.filters.vincennes import EspaceFamille
|
||||
|
||||
folder_target = '/vincennes-noredirect'
|
||||
|
@ -15,16 +12,15 @@ form_values = {
|
|||
'post_fields': ['codeFamille', 'motDePasse'],
|
||||
'username_field': 'codeFamille',
|
||||
'password_field': 'motDePasse'
|
||||
}
|
||||
}
|
||||
|
||||
saml2_config.IDP_METADATA = "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata"
|
||||
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
|
||||
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
|
||||
saml2_config.SP_LOGOUT_URL = "%s/deconnexion.do" % folder_target
|
||||
urls = {
|
||||
'login_url': '/mandaye/login',
|
||||
'associate_url': '%s/associate' % folder_target,
|
||||
'connection_url': '/mandaye/sso',
|
||||
}
|
||||
|
||||
auth = EspaceFamilleAuth(form_values, 'espace_famille', saml2_config)
|
||||
|
||||
famille_mapping = [
|
||||
mapping = [
|
||||
{
|
||||
'path': r'/$',
|
||||
'method': 'GET',
|
||||
|
@ -57,10 +53,7 @@ famille_mapping = [
|
|||
'path': r'/mandaye/login$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.login,
|
||||
'values': {
|
||||
'associate_url': '%s/associate' % folder_target,
|
||||
},
|
||||
'auth': 'login',
|
||||
'condition': 'response.code==302',
|
||||
},]
|
||||
},
|
||||
|
@ -84,11 +77,7 @@ famille_mapping = [
|
|||
'method': 'POST',
|
||||
'response': [
|
||||
{
|
||||
'filter': auth.associate_submit,
|
||||
'values': {
|
||||
'associate_url': '%s/associate' % folder_target,
|
||||
'connection_url': '/mandaye/sso',
|
||||
},
|
||||
'auth': 'associate_submit',
|
||||
'condition': "response.code==302"
|
||||
},
|
||||
]
|
||||
|
@ -97,41 +86,34 @@ famille_mapping = [
|
|||
'path': r'/mandaye/sso$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.sso,
|
||||
'auth': 'sso',
|
||||
'values': {
|
||||
'next_url': '/mandaye/login',
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.metadata,
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
|
||||
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
|
||||
'method': 'POST',
|
||||
'response': [{
|
||||
'filter': auth.single_sign_on_post,
|
||||
'auth': 'single_sign_on_post',
|
||||
'values': {
|
||||
'login_url': '/mandaye/login',
|
||||
}
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.single_logout,
|
||||
'auth': 'single_logout',
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
|
||||
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.single_logout_return,
|
||||
'auth': 'single_logout_return',
|
||||
'values': {
|
||||
'next_url': '/'
|
||||
}
|
||||
|
@ -141,15 +123,15 @@ famille_mapping = [
|
|||
'path': r'%s/deconnexion.do$' % folder_target,
|
||||
'on_response': [
|
||||
{
|
||||
'filter': auth.slo,
|
||||
'next_url': '/'
|
||||
}],
|
||||
},
|
||||
'auth': 'slo',
|
||||
'next_url': '/'
|
||||
}],
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/disassociate$',
|
||||
'method': 'GET',
|
||||
'response': [{
|
||||
'filter': auth.disassociate,
|
||||
'auth': 'disassociate',
|
||||
'values': {
|
||||
'next_url': '%s/deconnexion.do' % folder_target,
|
||||
},
|
|
@ -5,9 +5,13 @@ from mandaye.server import MandayeApp
|
|||
|
||||
from mandaye_vincennes import config
|
||||
from beaker.middleware import SessionMiddleware
|
||||
from whitenoise import WhiteNoise
|
||||
|
||||
os.environ['MANDAYE_CONFIG_MODULE'] = 'mandaye_vincennes.config'
|
||||
|
||||
from mandaye import config
|
||||
|
||||
application = SessionMiddleware(MandayeApp(), config.session_opts)
|
||||
application_dev = WhiteNoise(application, root=config.static_root, prefix=config.static_url)
|
||||
|
||||
|
||||
|
|
|
@ -15,15 +15,16 @@ from gunicorn.app.wsgiapp import WSGIApplication
|
|||
class MandayeWSGIApplication(WSGIApplication):
|
||||
|
||||
def init(self, parser, opts, args):
|
||||
self.cfg.set("default_proc_name", "mandaye_vincennes.wsgi:application")
|
||||
self.app_uri = "mandaye_vincennes.wsgi:application"
|
||||
self.cfg.set("default_proc_name", "mandaye_vincennes.wsgi:application_dev")
|
||||
self.app_uri = "mandaye_vincennes.wsgi:application_dev"
|
||||
|
||||
def main():
|
||||
""" The ``gunicorn`` command line runner for launcing Gunicorn with
|
||||
generic WSGI applications.
|
||||
"""
|
||||
logger.info('CAM rp start')
|
||||
logger.info('mandaye_vincennes reverse-proxy start')
|
||||
MandayeWSGIApplication("%(prog)s [OPTIONS]").run()
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
|
||||
|
|
Reference in New Issue