Affichage variables SAMLResponse apres authentification
parent
043672143a
commit
06d00c2211
|
@ -1,24 +1,6 @@
|
|||
from django.shortcuts import render
|
||||
from django.http import HttpResponse
|
||||
#from django.template import RequestContext
|
||||
from django.views.decorators.csrf import csrf_exempt
|
||||
|
||||
import xml.etree.ElementTree as ET
|
||||
import ldap
|
||||
import ldap.modlist as modlist
|
||||
import json
|
||||
|
||||
#import django-mellonA
|
||||
|
||||
|
||||
# From combo/commbo/public/views.py
|
||||
# TODO dependency boil-down
|
||||
#=======================
|
||||
import json
|
||||
import urllib
|
||||
import urlparse
|
||||
|
||||
import django
|
||||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth import logout as auth_logout
|
||||
|
@ -29,21 +11,22 @@ from django.http import (Http404, HttpResponse, HttpResponseRedirect,
|
|||
HttpResponsePermanentRedirect)
|
||||
from django.shortcuts import render, resolve_url
|
||||
from django.template import RequestContext, loader
|
||||
|
||||
if django.VERSION >= (1, 8):
|
||||
from django.utils import lorem_ipsum
|
||||
else:
|
||||
from django.contrib.webdesign import lorem_ipsum
|
||||
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.forms.widgets import Media
|
||||
from mellon.utils import get_idps
|
||||
#============================
|
||||
|
||||
import pdb
|
||||
from mellon.models import UserSAMLIdentifier
|
||||
from inspect import getmembers
|
||||
|
||||
|
||||
import xml.etree.ElementTree as ET
|
||||
import ldap
|
||||
import ldap.modlist as modlist
|
||||
import json
|
||||
import urllib
|
||||
import urlparse
|
||||
import django
|
||||
import pdb
|
||||
|
||||
# Create your views here.
|
||||
base = "ou=People,dc=entrouvert,dc=lan"
|
||||
scope = ldap.SCOPE_SUBTREE
|
||||
|
@ -61,43 +44,18 @@ def index(request):
|
|||
# # We need to format the entry before adding it
|
||||
# # in the LDAP directory
|
||||
# LDAPAddEntry(identity)
|
||||
|
||||
#pdb.set_trace()
|
||||
#req = request.META
|
||||
|
||||
#return HttpResponse(WCSSubmit(identity))
|
||||
#return HttpResponse("'"+str(req)+"'")
|
||||
|
||||
#XXX transactional/atomic operation
|
||||
#loggedin = UserSAMLIdentifier.objects.last()
|
||||
#loggedin = UserSAMLIdentifier.objects.last().user
|
||||
#loggedin = UserSAMLIdentifier.objects.last().serializable_value
|
||||
#loggedin = UserSAMLIdentifier.objects.last()
|
||||
#loggedin = dir(UserSAMLIdentifier.objects.last())
|
||||
#loggedin = dir(dict(UserSAMLIdentifier.objects.last()))
|
||||
#loggedin = UserSAMLIdentifier.objects.last().id
|
||||
#loggedin = dir(UserSAMLIdentifier.objects.last().user)
|
||||
#loggedin = UserSAMLIdentifier.objects.last().user.first_name
|
||||
#loggedin = getmembers(UserSAMLIdentifier.objects.last().user)
|
||||
#return HttpResponse(str(loggedin))
|
||||
#loggedin = UserSAMLIdentifier.objects.last().user
|
||||
#loggedin = UserSAMLIdentifier.objects.last().user.username
|
||||
#loggedin = str(UserSAMLIdentifier.objects.last().user.username)
|
||||
#loggedin = getmembers(UserSAMLIdentifier.objects.last().user)
|
||||
#return render(request, 'logged.html', {'loggedin' : loggedin})
|
||||
#return HttpResponse(str(settings.MELLON_ATTRIBUTE_MAPPING.keys()))
|
||||
#return HttpResponse(loggedin)
|
||||
|
||||
loggedin = {}
|
||||
workaround = " "
|
||||
|
||||
#keys = settings.MELLON_ATTRIBUTE_MAPPING.keys()
|
||||
# Build the SSO operation summary:
|
||||
loggedin['first_name'] = UserSAMLIdentifier.objects.last().user.first_name
|
||||
loggedin['last_name'] = UserSAMLIdentifier.objects.last().user.last_name
|
||||
loggedin['email'] = UserSAMLIdentifier.objects.last().user.email
|
||||
loggedin['password'] = UserSAMLIdentifier.objects.last().user.password
|
||||
return render(request, 'logged.html', {'loggedin' : loggedin, 'workaround' : workaround})
|
||||
#return HttpResponse(str(dict))
|
||||
|
||||
# Render HTML from minimalistic POC template:
|
||||
return render(request, 'logged.html', {'loggedin' : loggedin})
|
||||
|
||||
def ParseSAML(saml_assert):
|
||||
# XML namespaces defined in the sample SAML assertion:
|
||||
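Review bot: The summary rendered by `return render(request, 'logged.html', {'loggedin' : loggedin})` is filled from `UserSAMLIdentifier.objects.last().user`, which is whichever SAML identifier row was stored most recently, not the account attached to this request. Any visitor of the view therefore gets the name and email of the last person who logged in, and the separate `.last()` calls can mix two users if a login lands between them. Read the fields from `request.user` after an authentication check (for example `@login_required`) instead. The page has lost its +/- markers, so it is not certain that the `loggedin['password']` assignment is on the removed side; if it is still present it should go, because it writes the stored password value into the HTML. `index()` begins above this hunk.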
|
|
|
@ -44,9 +44,6 @@ LOGIN_REDIRECT_URL = '/saml/index/'
|
|||
LOGOUT_URL = '/saml/logout/'
|
||||
|
||||
MELLON_ATTRIBUTE_MAPPING = {
|
||||
#'email': '{attributes[email][0]}',
|
||||
#'first_name': '{attributes[first_name][0]}',
|
||||
#'last_name': '{attributes[last_name][0]}',
|
||||
'first_name': '{attributes[fname_test][0]}',
|
||||
'last_name': '{attributes[lname_test][0]}',
|
||||
'email' : '{attributes[email_test][0]}',
|
||||
|
@ -59,7 +56,6 @@ MELLON_SUPERUSER_MAPPING = {
|
|||
|
||||
MELLON_USERNAME_TEMPLATE = '{attributes[name_id_content]}'
|
||||
|
||||
#MELLON_IDENTITY_PROVIDERS = []
|
||||
MELLON_IDENTITY_PROVIDERS = [{
|
||||
'METADATA_URL': 'http://localhost:8000/idp/saml2/metadata'
|
||||
}]
|
||||
|
|
|
@ -5,4 +5,4 @@ from django.views.decorators.csrf import csrf_exempt
|
|||
|
||||
@csrf_exempt
|
||||
def index(request):
|
||||
return HttpResponse("Minimalistic homepage<br>"+request.scheme+" <br><br>"+request.method+" <br><br>"+str(request.body)+" <br><br>"+str(request.COOKIES)+" <br><br>"+str(request.META))
|
||||
return HttpResponse("SP located at /saml/{login,index}")
|
||||
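Review bot: `@csrf_exempt` stays on `index()` although, of the two `return` lines shown, the one reading `request.body` appears to be the removed side (inferred from print order only, since the page has lost its +/- markers). A view that only returns the static string `"SP located at /saml/{login,index}"` has no reason to opt out of CSRF protection, and keeping the decorator means any POST handling added here later is unprotected by default; drop it. If it is instead the dump line that was kept, it should not ship, because it echoes the request body, cookies and `request.META` into an HTML response without escaping.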
|
|
|
@ -3,6 +3,6 @@
|
|||
{% block content %}
|
||||
{% csrf_token %}
|
||||
{% for l, u in loggedin.items %}
|
||||
{{ workaround }} {{ l }} : {{ u }} <br>
|
||||
{{ l }} : {{ u }} <br>
|
||||
{% endfor %}
|
||||
{% endblock %}
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,39 @@
|
|||
<?xml version="1.0"?>
|
||||
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_CD4CC621A02FDE6054649B69E6DBCC41" InResponseTo="_A79D6A8E4A93A92D65EE570ECA571BDB" Version="2.0" IssueInstant="2017-02-15T14:14:04Z" Destination="http://localhost:8008/accounts/mellon/login/" Consent="urn:oasis:names:tc:SAML:2.0:consent:prior">
|
||||
<saml:Issuer>http://localhost:8000/idp/saml2/metadata</saml:Issuer>
|
||||
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">\n<SignedInfo>\n<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>\n<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>\n<Reference URI="#_CD4CC621A02FDE6054649B69E6DBCC41">\n<Transforms>\n<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>\n<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>\n</Transforms>\n<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>\n<DigestValue>ozqrnvN5HCJ8jxnPK8oT8U/+sHk=</DigestValue>\n</Reference>\n</SignedInfo>\n<SignatureValue>Ccne2rcykuXTgGW8QSNCANcliOvvl854uyiwPXGTGYbKfDNrFq87HNmDDizLslDY\nZVETw6TdVRi6vKlHebW0uWO9F4XRy7o4qEGiIEhLLGe1MIz+PWKqd1G1FcoQcEVG\nojZioS1BfWxcySZrU/OXftIsW929wYeXV+FsHauihGolAp5tnf+e0es5Gk2kuawy\nLBSEoWtriXRVMpEDfl1BHM61Y1uzkpmeA221e07WLDLr/KuAf4PS0px7l8YUEDz4\nA87GHekQ8ar2OiS+9unJ9DhZ+qFzLeddb6IdxHqUfWkdmAdajGffAyvfefEcm5wp\njE2b6cQPv0xh530CEFRXUw==</SignatureValue>\n<KeyInfo>\n<X509Data>\n<X509Certificate>MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV\nBAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV\nMRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp\n06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh\nABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr\nkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi\nVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG\nTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0\nfcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh\nGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD\nAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE\nIdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo\nfEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp\nlG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxW
EU0vEujZv/v1PE1YOV0xKjTT\nJumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j\no2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy</X509Certificate>\n</X509Data>\n</KeyInfo>\n</Signature>
|
||||
<samlp:Status>
|
||||
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
|
||||
</samlp:Status>
|
||||
<saml:Assertion Version="2.0" ID="_A86605DF1F9D51A8BD5EFB5F9B02A712" IssueInstant="2017-02-15T14:14:10Z">
|
||||
<saml:Issuer>http://localhost:8000/idp/saml2/metadata</saml:Issuer>
|
||||
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">\n<SignedInfo>\n<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>\n<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>\n<Reference URI="#_A86605DF1F9D51A8BD5EFB5F9B02A712">\n<Transforms>\n<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>\n<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>\n</Transforms>\n<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>\n<DigestValue>F9UyV7kkrdL45HhZmIG+qR8hqE8=</DigestValue>\n</Reference>\n</SignedInfo>\n<SignatureValue>cmFamTX6vzK0evsehNv8U7Mjz1JXdz60ZGpzEuner+xEdB8I4rISzWZBLmLQYMiU\n8IlCZYvOeaeHIwf/xStowUZy+dfjzYKMmN5OD9z9ifD5Kr6rNNS9a0Tsmu55HUvv\nD83CkGS2c8HsdpWTR3Og7ED2lVT6rsXTx+VgTJ1mzl0ONVKPSnTp8x09VgHbMFXh\nLq5Pg+5im+G0jJIcpVN3VesVzLdfP6w3CjJz5f+aMllfvRdYYSad0vyXlLUx59Al\nAsIeqFTFq3uKsVHH4yd/JZoFwrhFE4Q6Ve9UeTRw9qR+y6M+fd/cJTcvFzHjKo2A\nTEt9QYM4RpfPPy4conjGqg==</SignatureValue>\n<KeyInfo>\n<X509Data>\n<X509Certificate>MIIDIzCCAgugAwIBAgIJANUBoick1pDpMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV\nBAoTCkVudHJvdXZlcnQwHhcNMTAxMjE0MTUzMzAyWhcNMTEwMTEzMTUzMzAyWjAV\nMRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAvxFkfPdndlGgQPDZgFGXbrNAc/79PULZBuNdWFHDD9P5hNhZn9Kqm4Cp\n06Pe/A6u+g5wLnYvbZQcFCgfQAEzziJtb3J55OOlB7iMEI/T2AX2WzrUH8QT8NGh\nABONKU2Gg4XiyeXNhH5R7zdHlUwcWq3ZwNbtbY0TVc+n665EbrfV/59xihSqsoFr\nkmBLH0CoepUXtAzA7WDYn8AzusIuMx3n8844pJwgxhTB7Gjuboptlz9Hri8JRdXi\nVT9OS9Wt69ubcNoM6zuKASmtm48UuGnhj8v6XwvbjKZrL9kA+xf8ziazZfvvw/VG\nTm+IVFYB7d1x457jY5zjjXJvNysoowIDAQABo3YwdDAdBgNVHQ4EFgQUeF8ePnu0\nfcAK50iBQDgAhHkOu8kwRQYDVR0jBD4wPIAUeF8ePnu0fcAK50iBQDgAhHkOu8mh\nGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQDVAaInJNaQ6TAMBgNVHRMEBTAD\nAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAy8l3GhUtpPHx0FxzbRHVaaUSgMwYKGPhE\nIdGhqekKUJIx8et4xpEMFBl5XQjBNq/mp5vO3SPb2h2PVSks7xWnG3cvEkqJSOeo\nfEEhkqnM45b2MH1S5uxp4i8UilPG6kmQiXU2rEUBdRk9xnRWos7epVivTSIv1Ncp\nlG6l41SXp6YgIb2ToT+rOKdIGIQuGDlzeR88fDxW
EU0vEujZv/v1PE1YOV0xKjTT\nJumlBc6IViKhJeo1wiBBrVRIIkKKevHKQzteK8pWm9CYWculxT26TZ4VWzGbo06j\no2zbumirrLLqnt1gmBDvDvlOwC/zAAyL4chbz66eQHTiIYZZvYgy</X509Certificate>\n</X509Data>\n</KeyInfo>\n</Signature>
|
||||
<saml:Subject>
|
||||
<saml:NameID NameQualifier="http://localhost:8000/idp/saml2/metadata">_1E83322C6A38FF13CF515D299647E04E</saml:NameID>
|
||||
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
|
||||
<saml:SubjectConfirmationData NotOnOrAfter="2017-02-15T14:15:10.325204Z" Recipient="http://localhost:8008/accounts/mellon/login/" InResponseTo="_A79D6A8E4A93A92D65EE570ECA571BDB"/>
|
||||
</saml:SubjectConfirmation>
|
||||
</saml:Subject>
|
||||
<saml:Conditions NotBefore="2017-02-15T14:13:10.325204Z" NotOnOrAfter="2017-02-15T14:15:10.325204Z">
|
||||
<saml:AudienceRestriction>
|
||||
<saml:Audience>http://localhost:8008/accounts/mellon/metadata/</saml:Audience>
|
||||
</saml:AudienceRestriction>
|
||||
</saml:Conditions>
|
||||
<saml:AuthnStatement AuthnInstant="2017-02-15T14:14:10.325204Z" SessionIndex="_A86605DF1F9D51A8BD5EFB5F9B02A712" SessionNotOnOrAfter="2017-03-01T14:14:10Z">
|
||||
<saml:AuthnContext>
|
||||
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
|
||||
</saml:AuthnContext>
|
||||
</saml:AuthnStatement>
|
||||
<saml:AttributeStatement>
|
||||
<saml:Attribute Name="id_test" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" FriendlyName="Test ID">
|
||||
<saml:AttributeValue>2</saml:AttributeValue>
|
||||
</saml:Attribute>
|
||||
<saml:Attribute Name="lname_test" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" FriendlyName="Test Last Name">
|
||||
<saml:AttributeValue>Marillonnet</saml:AttributeValue>
|
||||
</saml:Attribute>
|
||||
<saml:Attribute Name="fname_test" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" FriendlyName="Test First Name">
|
||||
<saml:AttributeValue>Paul</saml:AttributeValue>
|
||||
</saml:Attribute>
|
||||
</saml:AttributeStatement>
|
||||
</saml:Assertion>
|
||||
</samlp:Response>
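Review bot: The `<Signature>` blocks in this new fixture contain literal `\n` character pairs instead of line breaks, which suggests the response was saved from an escaped string rather than as the bytes the IdP sent (it may also be an artefact of how this page renders the file). In that form `SignedInfo` no longer canonicalises to what was signed, so the fixture can only exercise attribute parsing, not signature verification; store the raw decoded XML if verification is meant to be covered. The capture also shows the IdP signing with `rsa-sha1` and a `sha1` digest, which is worth moving to a SHA-256 suite on the IdP side. The `lname_test`/`fname_test` values look like a real person's name; a constructed value would be safer in a committed sample.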
|