migrate to mandaye 0.8

Jérôme Schneider 2014-05-30 15:06:55 +02:00
parent 7c2d54f0ca
commit 8fb3be4e74
15 changed files with 379 additions and 374 deletions

11
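--- a/conf.d/biblio
+++ b/conf.d/biblio
@@ -0,0 +1,11 @@
+{
+"site_name": "biblio",
+"server_name": ["biblio.local:8000"],
+"location": "/",
+"target": "http://biblio.vincennes.fr",
+"mapper": "biblio",
+"auth_type": "saml2",
+"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
+"saml2_signature_public_key": "certs/saml.crt",
+"saml2_signature_private_key": "certs/saml.key"
+}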
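Review bot: `saml2_idp_metadata` points at an `http://` URL, so the IdP metadata, which carries the IdP's signing certificate and endpoints, would be fetched without transport integrity; the mapper modules changed in this commit previously used an `https://` metadata URL. If Mandaye loads this URL at runtime (not visible here), anyone on the network path can substitute the metadata and have assertions signed with their own key accepted, so use `https://` or ship a pinned local copy of the metadata. The same value appears in conf.d/duonet and conf.d/espace_famille. Separately, `"target": "http://biblio.vincennes.fr"` means the replayed library card number and password reach the backend in cleartext; switch to `https://` if the site offers it.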

9
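--- a/conf.d/certs/saml.crt
+++ b/conf.d/certs/saml.crt
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdbs+ZLkuz0DISpAKhHn
+WvNBSW4G0xmlUyZcjUWDQlJH7wC3yxhjioQ2oFpxqcuNf5ft/E1E5KUTqZhcKyX9
+i7XCmhPoea/fmYH3Egxbucv7++sM+TyZpUWbA0TZHBYAjcUPR/1HTcEz3bl0SqB0
+EdjhN5PpXPu1p4pGDPXc4aIkEpFU3mlK+TlV5SrivEqNS/SI14VA9g2WWdJk4+CK
+PgozCfeiFtaiu2zem4uQSmd5AG0f0Av4jzxgut22owFYi9PV+Yl0cWoMOUphAwsR
+RE4gckEqbhLYluAy+VglgzfT4YCXBQ6o23EH0Z0tW28KnIYEY4dQkLca9YRAKhHc
+ywIDAQAB
+-----END PUBLIC KEY-----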
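Review bot: The file is named `saml.crt` but holds a bare `-----BEGIN PUBLIC KEY-----` block rather than an X.509 certificate, whereas the value this commit removes from the Python config was a `BEGIN CERTIFICATE` block. Whether Mandaye 0.8 accepts a bare key for `saml2_signature_public_key` is not visible here. If it does, a file name that does not imply a certificate would avoid confusing operators and tooling; if the SP metadata needs a certificate, this file will not provide one.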

27
conf.d/certs/saml.key Normal file

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAxdbs+ZLkuz0DISpAKhHnWvNBSW4G0xmlUyZcjUWDQlJH7wC3
yxhjioQ2oFpxqcuNf5ft/E1E5KUTqZhcKyX9i7XCmhPoea/fmYH3Egxbucv7++sM
+TyZpUWbA0TZHBYAjcUPR/1HTcEz3bl0SqB0EdjhN5PpXPu1p4pGDPXc4aIkEpFU
3mlK+TlV5SrivEqNS/SI14VA9g2WWdJk4+CKPgozCfeiFtaiu2zem4uQSmd5AG0f
0Av4jzxgut22owFYi9PV+Yl0cWoMOUphAwsRRE4gckEqbhLYluAy+VglgzfT4YCX
BQ6o23EH0Z0tW28KnIYEY4dQkLca9YRAKhHcywIDAQABAoIBAHS7XPXhW36zAD64
XEW2bKj4cOQvvG0ga7EFKITeqBUg0XrPFKMMD+eyHT0+QGSsSyAm9+/vc5/pWxGt
aWy4LMMbiug4qOnsAOXljm+ixRh6qIK67Nu+ivW+fTlPjT8KKGd+B4c1hbX2MnE4
NMq3o+TH8BNH/eC0UDm715tcEmk6pUSBH3lq3CG7W1TyVjC3FGJcjBAj/X6J45lE
skJHt9d67KG/MwmzuyoI+U9q2b3jSzoIGzzQQaOItGx3OefRjqWeUyDlUWobuFNV
Lky+XjmOFJC0voQsUiV2mBSJejHmfuLjJfE+W/HrRc3YwftxCp+emaFshs56U4Ob
UWu2F9kCgYEA7livJ1nYhHVyYueX6kWKTkBCzcwQO0agLsuYpspDjKGqgUOlFHXW
9CS+DPi/r086iRYLwmGuaFAnNQJqS3ofjowj9/iZCGD/qe6jj9zMmokWDl1FALYe
jT3Eg1HLfhe8hddA815yheL5uIVw3t34TTaQuokN86nkcv/bJ53SW4UCgYEA1H4v
jk88pCNnADqmAnXNbuhPK+w6llre159vtStgKaJrcCZiTejFVpffpdp1b8hU21S2
lg/FgXHgvrdfwq+uZ+lRNJGyCX3mqe3uXWn6d42A/7tgmRDW4NXtxwelV8MTpwHw
nS4hwmDyLyYMupyBlw5Iv7N3XmDBJu/tsEPMgA8CgYBP5MpRlnxNalD9dkQl80l5
EXFTKqQGOpZXGUgCIKqj6U0OJ26efSGglPBfyMH4McadTRaEAdpEfRmnWzfmNPl+
/trPtDUX6evJOoT5JDoxUuJhzkHjCykSjzHgEvrzOWGoO486BN6+omayw4giLKWe
vDunS2mx07EQG1OK5AwvQQKBgCZY21YwQH5SkTz+WIUrIza3n8oKaIxHu91nvW4R
dNouoHrtwmHS9wHoiIjSwsy4d2/ZetXb5MW2eluQlix5Ld08wtXc0SdbXCwgbxrW
jEfU9omwE/+rhUuv76gyXglXgA1skTKcZ6U/f5U4paVrpwtOnZxS0+DpTxIqzFc5
9QbLAoGAeqLr0vm4SKnvtwK9F/Q784Rc8Ygq56vUcQIZ81yL4BsE0h6fuTHcSq+H
NhO5mQFr+CcitGDE48/CRxfw1HYpk+KOtRzY+EdKGAKEu26sUSh7GNCw3TkOvPTo
E/RgydWsPwjJBDp03z87cITfaoyqoIWLtEmUTeDY8m5dGu0EBzk=
-----END RSA PRIVATE KEY-----
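Review bot: This adds an unencrypted RSA private key to the repository, and conf.d/biblio, conf.d/duonet and conf.d/espace_famille all name `certs/saml.key` as `saml2_signature_private_key`, so every deployment built from a checkout shares one SAML signing key that any reader of the repository also holds. Treat this key as disclosed, and likewise the one this commit deletes from the Python config, which stays in history. Generate a key per deployment outside version control, keep only the public half or a clearly labelled placeholder here, add the key path to the ignore file, and install the real key with owner-only permissions. A line in the project README saying the key must be provisioned at deploy time would make that expectation explicit.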

11
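--- a/conf.d/duonet
+++ b/conf.d/duonet
@@ -0,0 +1,11 @@
+{
+"site_name": "duonet",
+"server_name": ["conservatoire.local:8000"],
+"location": "/",
+"target": "https://extranet.duonet.fr",
+"mapper": "duonet",
+"auth_type": "saml2",
+"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
+"saml2_signature_public_key": "certs/saml.crt",
+"saml2_signature_private_key": "certs/saml.key"
+}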

11
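--- a/conf.d/espace_famille
+++ b/conf.d/espace_famille
@@ -0,0 +1,11 @@
+{
+"site_name": "espace_famille",
+"server_name": ["espace-famille.local:8000"],
+"location": "/",
+"target": "https://vincennes-noredirect.espace-famille.net",
+"mapper": "espace_famille",
+"auth_type": "saml2_espace_famille",
+"saml2_idp_metadata": "http://www.identity-hub.com/idp/saml2/metadata",
+"saml2_signature_public_key": "certs/saml.crt",
+"saml2_signature_private_key": "certs/saml.key"
+}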


@ -3,16 +3,6 @@ import os
_PROJECT_PATH = os.path.join(os.path.dirname(__file__), '..')
## Virtual hosts configuration
hosts = {
'linuxfr.local:8000': [
{'path': r'/',
'target': 'http://linuxfr.org',
'mapping': 'mandaye.configs.linuxfr_saml_example.linuxfr_mapping'
},
],
}
## SQL Backend config
# Database configuration
# http://docs.sqlalchemy.org/en/rel_0_7/core/engines.html
@ -20,22 +10,60 @@ hosts = {
# dialect+driver://username:password@host:port/database
db_url = 'sqlite:///' + os.path.join(_PROJECT_PATH, 'test.db')
## Log configuration
debug = False
syslog = False
log_file = os.path.join(_PROJECT_PATH, 'mandaye_vincennes/mandaye_mandaye_vincennes.log')
log_level = logging.INFO
# Log rotation
# W[0-6] : weekly (0: Monday), D: day, ... (python doc)
log_when = 'W6'
# Every week
log_interval = 1
# BackupCount (keep one year of log)
log_backup = 52
## Log configuration
LOGGING = {
'version': 1,
'disable_existing_loggers': True,
'formatters': {
'console': {
'format': '%(asctime)s %(levelname)s %(message)s',
'datefmt': '%H:%M:%S',
},
'file': {
'format': '%(asctime)s %(levelname)s %(uuid)s %(message)s',
'datefmt': '%Y-%m-%d %H:%M:%S'
}
},
'handlers': {
'console': {
'level': 'DEBUG',
'class': 'logging.StreamHandler',
'formatter': 'console'
},
'syslog': {
'level': 'INFO',
'class': 'entrouvert.logging.handlers.SysLogHandler',
'formatter': 'file',
'address': '/dev/log'
},
},
'loggers': {
'': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'mandaye': {
'handlers': ['console', 'syslog'],
'level': 'DEBUG',
'propagate': False,
},
'mandaye_vincennes': {
'handlers': ['console', 'syslog'],
'level': 'DEBUG',
'propagate': False,
},
},
}
## PATH
# Template directory
template_directory = os.path.join(_PROJECT_PATH, 'mandaye_vincennes/templates')
# Configuration directory
config_root = os.path.join(_PROJECT_PATH, 'conf.d')
# Static url
static_url = '/mandaye/static'
# Static folder
@ -43,6 +71,9 @@ static_root = os.path.join(_PROJECT_PATH, 'mandaye_vincennes/static')
# Data dir
data_dir = os.path.join(_PROJECT_PATH, 'data')
# Raven Sentry configuration
raven_dsn = None
# Email notification configuration
email_notification = False
email_prefix = '[Mandaye CAM]'
@ -51,9 +82,6 @@ smtp_port = 25
email_from = 'traceback@entrouvert.com'
email_to = ['admin@localhost']
# platform : should be prod, recette or dev
platform = "prod"
# Use long traceback with xtraceback
use_long_trace = True
@ -75,62 +103,23 @@ session_opts = {
'session.data_dir': '/var/tmp/beaker'
}
# Supported authentification
authentifications = {
'saml2': 'mandaye.auth.saml2.SAML2Auth',
'saml2_espace_famille': 'mandaye_vincennes.auth.espacefamille.EspaceFamilleAuth'
}
# sp mappers
mappers = {
'biblio': 'mandaye_vincennes.mappers.biblio_vincennes',
'duonet': 'mandaye_vincennes.mappers.duonet_vincennes',
'espace_famille': 'mandaye_vincennes.mappers.famille_vincennes',
}
# Choose storage
# Only mandaye.backends.sql at the moment
storage_backend = "mandaye.backends.sql"
# Needed if ssl is activated
ssl = False
keyfile = ''
certfile = ''
SAML_SIGNATURE_PUBLIC_KEY = '''-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----'''
SAML_SIGNATURE_PRIVATE_KEY = '''-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZ
n9Kqm4Cp06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrU
H8QT8NGhABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59x
ihSqsoFrkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9H
ri8JRdXiVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziaz
Zfvvw/VGTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABAoIBAQCj8t2iKXya10HG
V6Saaeih8aftoLBV38VwFqqjPU0+iKqDpk2JSXBhjI6s7uFIsaTNJpR2Ga1qvns1
hJQEDMQSLhJvXfBgSkHylRWCpJentr4E3D7mnw5pRsd61Ev9U+uHcdv/WHP4K5hM
xsdiwXNXD/RYd1Q1+6bKrCuvnNJVmWe0/RV+r3T8Ni5xdMVFbRWt/VEoE620XX6c
a9TQPiA5i/LRVyie+js7Yv+hVjGOlArtuLs6ECQsivfPrqKLOBRWcofKdcf+4N2e
3cieUqwzC15C31vcMliD9Hax9c1iuTt9Q3Xzo20fOSazAnQ5YBEExyTtrFBwbfQu
ku6hp81pAoGBAN6bc6iJtk5ipYpsaY4ZlbqdjjG9KEXB6G1MExPU7SHXOhOF0cDH
/pgMsv9hF2my863MowsOj3OryVhdQhwA6RrV263LRh+JU8NyHV71BwAIfI0BuVfj
6r24KudwtUcvMr9pJIrJyMAMaw5ZyNoX7YqFpS6fcisSJYdSBSoxzrzVAoGBANu6
xVeMqGavA/EHSOQP3ipDZ3mnWbkDUDxpNhgJG8Q6lZiwKwLoSceJ8z0PNY3VetGA
RbqtqBGfR2mcxHyzeqVBpLnXZC4vs/Vy7lrzTiHDRZk2SG5EkHMSKFA53jN6S/nJ
JWpYZC8lG8w4OHaUfDHFWbptxdGYCgY4//sjeiuXAoGBANuhurJ99R5PnA8AOgEW
4zD1hLc0b4ir8fvshCIcAj9SUB20+afgayRv2ye3Dted1WkUL4WYPxccVhLWKITi
rRtqB03o8m3pG3kJnUr0LIzu0px5J/o8iH3ZOJOTE3iBa+uI/KHmxygc2H+XPGFa
HGeAxuJCNO2kAN0Losbnz5dlAoGAVsCn94gGWPxSjxA0PC7zpTYVnZdwOjbPr/pO
LDE0cEY9GBq98JjrwEd77KibmVMm+Z4uaaT0jXiYhl8pyJ5IFwUS13juCbo1z/u/
ldMoDvZ8/R/MexTA/1204u/mBecMJiO/jPw3GdIJ5phv2omHe1MSuSNsDfN8Sbap
gmsgaiMCgYB/nrTk89Fp7050VKCNnIt1mHAcO9cBwDV8qrJ5O3rIVmrg1T6vn0aY
wRiVcNacaP+BivkrMjr4BlsUM6yH4MOBsNhLURiiCL+tLJV7U0DWlCse/doWij4U
TKX6tp6oI+7MIJE6ySZ0cBqOiydAkBePZhu57j6ToBkTa0dbHjn1WA==
-----END RSA PRIVATE KEY-----'''
# Import local config
try:
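Review bot: The new `LOGGING` dict sets the root, `mandaye` and `mandaye_vincennes` loggers to `'level': 'DEBUG'` in the shipped default configuration, and the `console` handler is at `DEBUG` as well. For a proxy that replays stored usernames and passwords, debug records may include request bodies or credentials (the logging calls are not visible here), so the default should be `'level': 'INFO'`, with DEBUG left to the local config imported at the end of the file. The `file` formatter used by the `syslog` handler also requires `%(uuid)s`; a record emitted without that attribute will fail to format, so confirm that a filter or adapter always supplies it. The trailing `try:` block continues outside the hunk.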


@ -1,186 +0,0 @@
from mandaye.auth.saml2 import SAML2Auth
from mandaye.configs import saml2 as saml2_config
from mandaye_vincennes import config
from mandaye_vincennes.filters import vincennes
form_values = {
'post_url': '/sezhame/page/connexion-abonne?destination=user',
'login_url': '/sezhame/page/connexion-abonne',
'form_attrs': { 'id': 'dk-opac15-login-form', },
'post_fields': ['user', 'password'],
'username_field': 'user',
'password_field': 'password',
}
saml2_config.IDP_METADATA = "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata"
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
saml2_config.SP_LOGOUT_URL = "/sezhame/logout"
auth = SAML2Auth(form_values, 'biblio', saml2_config)
filters = vincennes.Biblio()
biblio_mapping = [
{
'path': r'/(?!/*mandaye)',
'on_response': [
{
'filter': filters.resp_html,
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
'decompress': False,
},
],
},
{
'path': r'/sezhame',
'on_response': [{
'filter': filters.resp_multicompte_html,
'content-types': ['text/html'],
'values': {
'associate_url': '/mandaye/associate',
'template': 'biblio/multicompte.html',
'nosso_template': 'biblio/nosso.html',
'site_name': 'biblio'
},
},]
},
{
'path': r'/mandaye/login$',
'method': 'GET',
'response': [{
'filter': auth.login,
'values': {
'associate_url': '/mandaye/associate',
},
'condition': 'response.code==302',
},]
},
{
'path': r'/mandaye/sso$',
'method': 'GET',
'response': [{
'filter': auth.sso,
},]
},
{
'path': r'/mandaye/slo$',
'method': 'GET',
'response': [{
'filter': auth.slo,
},]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
'method': 'GET',
'response': [{
'filter': auth.metadata,
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
'method': 'POST',
'response': [{
'filter': auth.single_sign_on_post,
'values': {
'login_url': '/mandaye/login',
'next_url': '/sezhame'
}
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
'method': 'GET',
'response': [{
'filter': auth.single_logout,
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
'method': 'GET',
'response': [{
'filter': auth.single_logout_return,
'values': {
'next_url': '/shezame'
}
}]
},
{
'path': r'/mandaye/associate$',
'method': 'GET',
'target': '/sezhame/page/connexion-abonne',
'on_response': [{
'filter': filters.resp_associate_login,
'values': {
'action': '/mandaye/associate',
'template': 'biblio/associate.html',
'badlogin_msg': "Numéro de carte ou/et mot de passe incorrects",
'failed_msg': "Vos identifiants pour la bibliothèque ne fonctionnent plus ! Merci de les ressaisir.",
},
},
{
'filter': filters.resp_multicompte_html,
'values': {
'associate_url': '/mandaye/associate',
'template': 'biblio/multicompte.html',
'nosso_template': 'biblio/nosso.html',
'site_name': 'biblio'
},
},]
},
{
'path': r'/mandaye/associate$',
'method': 'POST',
'response': [
{
'filter': auth.associate_submit,
'values': {
'connection_url': '/mandaye/sso',
'associate_url': '/mandaye/associate',
},
'condition': "response.code==302"
},
]
},
{
'path': r'/sezhame/page/connexion-abonne$',
'method': 'GET',
'on_response': [{
'filter': filters.resp_html_login_page,
'values': {
'connection_url': '/mandaye/sso',
'template': 'biblio/login.html',
'title': 'Connexion via votre compte citoyen'
}
}]
},
{
'path': r'/mandaye/change_user$',
'method': 'GET',
'response': [{
'filter': auth.change_user,
'values': {
'associate_url': '/mandaye/associate',
},
}]
},
{
'path': r'/mandaye/disassociate$',
'method': 'GET',
'response': [{
'filter': auth.disassociate,
'values': {
'next_url': '/sezhame',
},
}]
},
{
'path': r'/sezhame/logout$',
'on_response': [{'filter': auth.slo}]
},
]


@ -85,7 +85,7 @@ class Biblio:
This fix the fucking absolute url of the biblio site
"""
if response.msg:
response.msg = response.msg.replace(env["target"].geturl(),
response.msg = response.msg.replace(str(env["target"].geturl()),
'%s://%s' % (env["mandaye.scheme"], env["HTTP_HOST"]))
if env["mandaye.scheme"] == 'https':
response.msg = response.msg.replace('http://' + env["HTTP_HOST"],
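Review bot: The replacement string is built from `env["HTTP_HOST"]`, which comes from the client's Host header, so a forged Host value is written into every rewritten URL of the proxied page; the change touches this statement but leaves that input as is. Unless Mandaye already rejects hosts that do not match a configured `server_name` (not visible in this hunk), take the public host from the site configuration instead of the request. A one-line comment such as `# geturl() may return unicode; coerce so replace() keeps the body type` would also explain why `str(...)` was added, if that is the reason. The method starts above and continues below the hunk.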


@ -0,0 +1,163 @@
from mandaye.auth.saml2 import END_POINTS_PATH
from mandaye_vincennes.filters import vincennes
form_values = {
'post_url': '/sezhame/page/connexion-abonne?destination=user',
'login_url': '/sezhame/page/connexion-abonne',
'form_attrs': { 'id': 'dk-opac15-login-form', },
'post_fields': ['user', 'password'],
'username_field': 'user',
'password_field': 'password',
}
filters = vincennes.Biblio()
urls = {
'login_url': '/mandaye/login',
'connection_url': '/mandaye/sso',
'associate_url': '/mandaye/associate',
}
mapping = [
{
'path': r'/(?!/*mandaye)',
'on_response': [
{
'filter': filters.resp_html,
'content-types': ['application/x-javascript', 'text/html', 'text/css'],
'decompress': False,
},
],
},
{
'path': r'/sezhame',
'on_response': [{
'filter': filters.resp_multicompte_html,
'content-types': ['text/html'],
'values': {
'associate_url': '/mandaye/associate',
'template': 'biblio/multicompte.html',
'nosso_template': 'biblio/nosso.html',
'site_name': 'biblio'
},
},]
},
{
'path': r'/mandaye/login$',
'method': 'GET',
'response': [{
'auth': 'login',
'condition': 'response.code==302',
},]
},
{
'path': r'/mandaye/sso$',
'method': 'GET',
'response': [{
'auth': 'sso',
},]
},
{
'path': r'/mandaye/slo$',
'method': 'GET',
'response': [{
'auth': 'slo',
},]
},
{
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
'method': 'POST',
'response': [{
'auth': 'single_sign_on_post',
'values': {
'next_url': '/sezhame'
}
}]
},
{
'path': r'%s$' % END_POINTS_PATH['single_logout'],
'method': 'GET',
'response': [{
'auth': 'single_logout',
}]
},
{
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
'method': 'GET',
'response': [{
'auth': 'single_logout_return',
'values': {
'next_url': '/shezame'
}
}]
},
{
'path': r'/mandaye/associate$',
'method': 'GET',
'target': '/sezhame/page/connexion-abonne',
'on_response': [{
'filter': filters.resp_associate_login,
'values': {
'action': '/mandaye/associate',
'template': 'biblio/associate.html',
'badlogin_msg': "Numéro de carte ou/et mot de passe incorrects",
'failed_msg': "Vos identifiants pour la bibliothèque ne fonctionnent plus ! Merci de les ressaisir.",
},
},
{
'filter': filters.resp_multicompte_html,
'values': {
'associate_url': '/mandaye/associate',
'template': 'biblio/multicompte.html',
'nosso_template': 'biblio/nosso.html',
'site_name': 'biblio'
},
},]
},
{
'path': r'/mandaye/associate$',
'method': 'POST',
'response': [
{
'auth': 'associate_submit',
'condition': "response.code==302"
},
]
},
{
'path': r'/sezhame/page/connexion-abonne$',
'method': 'GET',
'on_response': [{
'filter': filters.resp_html_login_page,
'values': {
'connection_url': '/mandaye/sso',
'template': 'biblio/login.html',
'title': 'Connexion via votre compte citoyen'
}
}]
},
{
'path': r'/mandaye/change_user$',
'method': 'GET',
'response': [{
'auth': 'change_user',
}]
},
{
'path': r'/mandaye/disassociate$',
'method': 'GET',
'response': [{
'auth': 'disassociate',
'values': {
'next_url': '/sezhame',
},
}]
},
{
'path': r'/sezhame/logout$',
'on_response': [{'auth': 'slo'}]
},
]
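Review bot: In the `single_logout_return` entry, `'next_url': '/shezame'` is misspelled, since every other route in this file uses `/sezhame`, so the post-logout redirect would land on a path the target presumably does not serve; it should read `'next_url': '/sezhame'`. The new `urls` dict defines `associate_url` and `connection_url`, yet the `filters.*` entries still repeat `'/mandaye/associate'` and `'/mandaye/sso'` as literals; referencing `urls[...]` there would keep one source of truth. `/mandaye/disassociate` and `/mandaye/slo` change account or session state on `GET`; whether Mandaye adds any cross-site request protection is not visible here and is worth confirming.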


@ -1,11 +1,7 @@
from mandaye.auth.saml2 import SAML2Auth
from mandaye.configs import saml2 as saml2_config
from mandaye_vincennes import config
from mandaye.auth.saml2 import END_POINTS_PATH
from mandaye_vincennes.filters.vincennes import Duonet
filters = Duonet()
duonet_key = 'CV4j27Em0dM%3d'
@ -17,13 +13,13 @@ form_values = {
'password_field': 'txtCode'
}
saml2_config.IDP_METADATA = "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata"
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
urls = {
'login_url': '/vincennes/login',
'connection_url': '/mandaye/sso',
'associate_url': '/associate',
}
auth = SAML2Auth(form_values, 'duonet', saml2_config)
duonet_mapping = [
mapping = [
{
'path': r'/',
'on_response': [
@ -52,67 +48,39 @@ duonet_mapping = [
'path': r'/vincennes/login$',
'method': 'GET',
'response': [{
'filter': auth.login,
'values': {
'associate_url': '/associate',
},
'auth':'login',
'condition': 'response.code==302',
},]
},
{
'path': r'/associate$',
'method': 'GET',
'target': '/Connect.aspx?key=%s' % duonet_key,
'on_response': [{
'filter': filters.resp_associate,
'values': {
'action': '/associate',
'template': 'duonet/associate.html',
'badlogin_msg': "Mauvais identifiants",
'failed_msg': "Vos identifiants pour le conservatoire ne fonctionnent plus ! Merci de les ressaisir.",
},
}]
},
{
'path': r'/associate$',
'method': 'POST',
'response': [
{
'filter': auth.associate_submit,
'values': {
'connection_url': '/mandaye/sso',
'associate_url': '/associate',
},
'condition': "response.code==302"
},
]
},
{
'path': r'/mandaye/sso$',
'method': 'GET',
'response': [{
'filter': auth.sso,
}]
},
{
'path': r'/mandaye/slo$',
'method': 'GET',
'response': [{
'filter': auth.slo,
},]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
'path': r'/associate$',
'method': 'GET',
'response': [{
'filter': auth.metadata,
'target': '/Connect.aspx?key=%s' % duonet_key,
'on_response': [{
'filter': filters.resp_associate,
'values': {
'action': '/associate',
'template': 'duonet/associate.html',
'badlogin_msg': "Mauvais identifiants",
'failed_msg': "Vos identifiants pour le conservatoire ne fonctionnent plus ! Merci de les ressaisir.",
},
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
'path': r'/associate$',
'method': 'POST',
'response': [
{
'auth': 'associate_submit',
'condition': "response.code==302"
},
]
},
{
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
'method': 'POST',
'response': [{
'filter': auth.single_sign_on_post,
'auth': 'single_sign_on_post',
'values': {
'login_url': '/vincennes/login',
'next_url': '/Default.aspx'
@ -120,27 +88,42 @@ duonet_mapping = [
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
'path': r'%s$' % END_POINTS_PATH['single_logout'],
'method': 'GET',
'response': [{
'filter': auth.single_logout,
'auth': 'single_logout',
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
'method': 'GET',
'response': [{
'filter': auth.single_logout_return,
'auth': 'single_logout_return',
'values': {
'next_url': '/Connect.aspx?key=%s' % duonet_key,
}
}]
},
{
'path': r'/mandaye/sso$',
'method': 'GET',
'response': [{
'auth': 'sso',
}]
},
{
'path': r'/mandaye/slo$',
'method': 'GET',
'response': [{
'auth': 'slo',
},]
},
{
'path': r'/mandaye/disassociate$',
'method': 'GET',
'response': [{
'filter': auth.disassociate,
'auth': 'disassociate',
'values': {
'next_url': '/',
},
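Review bot: The `single_sign_on_post` entry still passes `'login_url': '/vincennes/login'` in `values` although the new `urls` dict now defines the same `login_url`; the biblio mapper added in this commit dropped that key, so the two mappers disagree on where the login URL comes from. Remove the duplicate from `values`, or add a comment saying why it must stay. `duonet_key = 'CV4j27Em0dM%3d'` also remains hard-coded in the module while other per-site settings move to conf.d; if it is an access key rather than a public site identifier, it belongs in deployment configuration. The last hunk ends inside the `/mandaye/disassociate` entry, which continues outside it.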


@ -1,8 +1,5 @@
from mandaye.configs import saml2 as saml2_config
from mandaye_vincennes import config
from mandaye_vincennes.auth.espacefamille import EspaceFamilleAuth
from mandaye.auth.saml2 import END_POINTS_PATH
from mandaye_vincennes.filters.vincennes import EspaceFamille
folder_target = '/vincennes-noredirect'
@ -15,16 +12,15 @@ form_values = {
'post_fields': ['codeFamille', 'motDePasse'],
'username_field': 'codeFamille',
'password_field': 'motDePasse'
}
}
saml2_config.IDP_METADATA = "https://sso-vincennes.dev.entrouvert.org/idp/saml2/metadata"
saml2_config.SAML_SIGNATURE_PUBLIC_KEY = config.SAML_SIGNATURE_PUBLIC_KEY
saml2_config.SAML_SIGNATURE_PRIVATE_KEY = config.SAML_SIGNATURE_PRIVATE_KEY
saml2_config.SP_LOGOUT_URL = "%s/deconnexion.do" % folder_target
urls = {
'login_url': '/mandaye/login',
'associate_url': '%s/associate' % folder_target,
'connection_url': '/mandaye/sso',
}
auth = EspaceFamilleAuth(form_values, 'espace_famille', saml2_config)
famille_mapping = [
mapping = [
{
'path': r'/$',
'method': 'GET',
@ -57,10 +53,7 @@ famille_mapping = [
'path': r'/mandaye/login$',
'method': 'GET',
'response': [{
'filter': auth.login,
'values': {
'associate_url': '%s/associate' % folder_target,
},
'auth': 'login',
'condition': 'response.code==302',
},]
},
@ -84,11 +77,7 @@ famille_mapping = [
'method': 'POST',
'response': [
{
'filter': auth.associate_submit,
'values': {
'associate_url': '%s/associate' % folder_target,
'connection_url': '/mandaye/sso',
},
'auth': 'associate_submit',
'condition': "response.code==302"
},
]
@ -97,41 +86,34 @@ famille_mapping = [
'path': r'/mandaye/sso$',
'method': 'GET',
'response': [{
'filter': auth.sso,
'auth': 'sso',
'values': {
'next_url': '/mandaye/login',
}
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['metadata'],
'method': 'GET',
'response': [{
'filter': auth.metadata,
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_sign_on_post'],
'path': r'%s$' % END_POINTS_PATH['single_sign_on_post'],
'method': 'POST',
'response': [{
'filter': auth.single_sign_on_post,
'auth': 'single_sign_on_post',
'values': {
'login_url': '/mandaye/login',
}
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout'],
'path': r'%s$' % END_POINTS_PATH['single_logout'],
'method': 'GET',
'response': [{
'filter': auth.single_logout,
'auth': 'single_logout',
}]
},
{
'path': r'%s$' % auth.config.END_POINTS_PATH['single_logout_return'],
'path': r'%s$' % END_POINTS_PATH['single_logout_return'],
'method': 'GET',
'response': [{
'filter': auth.single_logout_return,
'auth': 'single_logout_return',
'values': {
'next_url': '/'
}
@ -141,15 +123,15 @@ famille_mapping = [
'path': r'%s/deconnexion.do$' % folder_target,
'on_response': [
{
'filter': auth.slo,
'next_url': '/'
}],
},
'auth': 'slo',
'next_url': '/'
}],
},
{
'path': r'/mandaye/disassociate$',
'method': 'GET',
'response': [{
'filter': auth.disassociate,
'auth': 'disassociate',
'values': {
'next_url': '%s/deconnexion.do' % folder_target,
},
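Review bot: In the `deconnexion.do` entry, `'next_url': '/'` sits next to `'auth': 'slo'` at the top level of the response dict, while the other entries in these mappers pass `next_url` inside `'values'`; the change re-indents the lines but keeps that placement. If Mandaye only reads `values` (not visible here), the redirect target is silently ignored, so write `'auth': 'slo', 'values': {'next_url': '/'}`. The `single_sign_on_post` entry likewise keeps `'login_url': '/mandaye/login'` in `values` although `urls` now defines it. The final hunk ends inside the `/mandaye/disassociate` entry.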


@ -5,9 +5,13 @@ from mandaye.server import MandayeApp
from mandaye_vincennes import config
from beaker.middleware import SessionMiddleware
from whitenoise import WhiteNoise
os.environ['MANDAYE_CONFIG_MODULE'] = 'mandaye_vincennes.config'
from mandaye import config
application = SessionMiddleware(MandayeApp(), config.session_opts)
application_dev = WhiteNoise(application, root=config.static_root, prefix=config.static_url)
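Review bot: `from whitenoise import WhiteNoise` now runs at module load, but the `install_requires` list shown in this commit's setup.py section names only gunicorn, mandaye, pycrypto and BeautifulSoup, so importing this module fails on an install that does not pull in whitenoise some other way; add `'whitenoise'` to `install_requires` or import it only where `application_dev` is built. `os.environ['MANDAYE_CONFIG_MODULE']` is assigned after `from mandaye.server import MandayeApp` (the hunk's context line); if `mandaye.server` reads the configuration at import time the variable is set too late, so it is safer to set it before any `mandaye` import. A comment stating that `application_dev` serves static files itself while `application` expects a front-end server to do so would document the split.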


@ -15,15 +15,16 @@ from gunicorn.app.wsgiapp import WSGIApplication
class MandayeWSGIApplication(WSGIApplication):
def init(self, parser, opts, args):
self.cfg.set("default_proc_name", "mandaye_vincennes.wsgi:application")
self.app_uri = "mandaye_vincennes.wsgi:application"
self.cfg.set("default_proc_name", "mandaye_vincennes.wsgi:application_dev")
self.app_uri = "mandaye_vincennes.wsgi:application_dev"
def main():
""" The ``gunicorn`` command line runner for launcing Gunicorn with
generic WSGI applications.
"""
logger.info('CAM rp start')
logger.info('mandaye_vincennes reverse-proxy start')
MandayeWSGIApplication("%(prog)s [OPTIONS]").run()
if __name__ == "__main__":
main()
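Review bot: The gunicorn runner now loads `mandaye_vincennes.wsgi:application_dev`, so the object whose name marks it as a development variant becomes the one this script always serves. If this runner is also used in production, either rename the object to say what it does (the application plus static file serving) or keep `application` as the default and select the other one by option. While touching the function, the docstring typo `launcing` could be corrected to `launching`.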


@ -12,7 +12,7 @@ from sys import version
install_requires=[
'gunicorn>=0.17',
'mandaye>=0.7',
'mandaye>=0.8',
'pycrypto>=2.6',
'BeautifulSoup>=3.1'
]