Fixed RP3 errors
parent
4d5d75d776
commit
7e095f658b
|
@ -1,21 +1,23 @@
|
|||
PORT = 8666
|
||||
#BASE = "http://lingon.catalogix.se:" + str(PORT) + "/"
|
||||
#BASE = "http://hashog.umdc.umu.se:" + str(PORT) + "/"
|
||||
#BASE = "https://lingon.ladok.umu.se:" + str(PORT) + "/"
|
||||
BASE = "http://localhost:" + str(PORT) + "/"
|
||||
|
||||
# If BASE is https these has to be specified
|
||||
SERVER_KEY = ''
|
||||
SERVER_CERT = ''
|
||||
SERVER_CERT = "certs/server.crt"
|
||||
SERVER_KEY = "certs/server.key"
|
||||
CA_BUNDLE = None
|
||||
|
||||
VERIFY_SSL = False
|
||||
|
||||
# information used when registering the client, this may be the same for all OPs
|
||||
|
||||
ME = {
|
||||
"application_type": "web",
|
||||
"application_name": "idpproxy",
|
||||
"contacts": ["ops@example.com"],
|
||||
"redirect_uris": ["%sauthz_cb" % BASE],
|
||||
"post_logout_redirect_uris": ["%slogout" % BASE]
|
||||
"post_logout_redirect_uris": ["%slogout" % BASE],
|
||||
"response_types": ["code"]
|
||||
}
|
||||
|
||||
BEHAVIOUR = {
|
||||
|
@ -25,7 +27,7 @@ BEHAVIOUR = {
|
|||
|
||||
ACR_VALUES = ["SAML"]
|
||||
|
||||
# The keys in this dictionary are the OPs short user friendly name
|
||||
# The keys in this dictionary are the OPs short userfriendly name
|
||||
# not the issuer (iss) name.
|
||||
|
||||
CLIENTS = {
|
||||
|
@ -36,59 +38,33 @@ CLIENTS = {
|
|||
"client_info": ME,
|
||||
"behaviour": BEHAVIOUR
|
||||
},
|
||||
# # No webfinger support, but OP information lookup and client registration
|
||||
# "xenosmilus": {
|
||||
# "srv_discovery_url": "https://xenosmilus2.umdc.umu.se:8091/",
|
||||
#"oictest": {
|
||||
# "srv_discovery_url": "https://oictest.umdc.umu.se:8085/",
|
||||
# "client_info": ME,
|
||||
# "behaviour": BEHAVIOUR
|
||||
#},
|
||||
# "lingon": {
|
||||
# "srv_discovery_url": "https://lingon.ladok.umu.se:8092/",
|
||||
# "client_info": ME,
|
||||
# "behaviour": BEHAVIOUR
|
||||
# "behaviour": BEHAVIOUR,
|
||||
# "verify_ssl": False
|
||||
# },
|
||||
# # Supports OP information lookup but not client registration
|
||||
# "op.example.org": {
|
||||
# "srv_discovery_url": "https://example.org/op/discovery_endpoint",
|
||||
# Supports OP information lookup but not client registration
|
||||
# "google": {
|
||||
# "srv_discovery_url": "https://accounts.google.com/",
|
||||
# "client_registration": {
|
||||
# "client_id": "abcdefgh",
|
||||
# "client_secret": "123456789",
|
||||
# "redirect_uris": ["https://rp.example.com/authn_cb"],
|
||||
# "token_endpoint_auth_method": "client_secret_post",
|
||||
# }
|
||||
# },
|
||||
# # Does not support OP information lookup but dynamic client registration
|
||||
# "noop.example.com": {
|
||||
# "provider_info": {
|
||||
# "issuer": "",
|
||||
# "authorization_endpoint": "",
|
||||
# "token_endpoint": "",
|
||||
# "userinfo_endpoint": "",
|
||||
# "registration_endpoint": "",
|
||||
# "jwks_uri": "",
|
||||
# "scopes_supported": "",
|
||||
# "response_types_supported": "",
|
||||
# "subject_types_supported": "",
|
||||
# "id_token_signing_alg_values_supported": "",
|
||||
# "claims_supported": "",
|
||||
# "client_id": "xxxxxxxxx.apps.googleusercontent.com",
|
||||
# "client_secret": "2222222222",
|
||||
# "redirect_uris": ["%s/google" % BASE],
|
||||
# },
|
||||
# "client_info": ME,
|
||||
# },
|
||||
# # Does not support any dynamic functionality
|
||||
# "nodyn.example.com": {
|
||||
# "provider_info": {
|
||||
# "issuer": "",
|
||||
# "authorization_endpoint": "",
|
||||
# "token_endpoint": "",
|
||||
# "userinfo_endpoint": "",
|
||||
# "registration_endpoint": "",
|
||||
# "jwks_uri": "",
|
||||
# "scopes_supported": "",
|
||||
# "response_types_supported": "",
|
||||
# "subject_types_supported": "",
|
||||
# "id_token_signing_alg_values_supported": "",
|
||||
# "claims_supported": "",
|
||||
# "behaviour": {
|
||||
# "response_type": "code",
|
||||
# "scope": ["openid",
|
||||
# "https://www.googleapis.com/auth/userinfo.profile",
|
||||
# "https://www.googleapis.com/auth/userinfo.email"]
|
||||
# },
|
||||
# "client_registration": {
|
||||
# "client_id": "abcdefg",
|
||||
# "client_secret": "123456789",
|
||||
# "redirect_uris": ["https://rp.example.com/authn_cb"],
|
||||
# "token_endpoint_auth_method": "client_secret_post",
|
||||
# "allow": {
|
||||
# "issuer_mismatch": True
|
||||
# }
|
||||
# },
|
||||
# }
|
||||
}
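Review bot: `VERIFY_SSL = False` in the first hunk turns off TLS certificate verification for the RP, and the commented `lingon` example in the third hunk repeats it per provider with `"verify_ssl": False`. If the flag is passed through to the OpenID Connect client as its name suggests, provider discovery, the `jwks_uri` fetch and the token request would all run over unauthenticated TLS, so the RP could no longer trust the provider metadata and signing keys it validates ID tokens against. The rendered page has lost its +/- markers, so I cannot tell whether the setting is new in this commit or context. Either way the sample should ship with `VERIFY_SSL = True`, with `CA_BUNDLE` pointing at the CA file when the OP uses a private CA. A comment such as `# Set to False only against a local test OP with a self-signed certificate` would keep the exception from being copied into production configs.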
|
|
@ -1,13 +1,11 @@
|
|||
<%!
|
||||
def op_choice(op_list):
|
||||
"""
|
||||
Creates a dropdown list of OpenID Connect providers
|
||||
"""
|
||||
element = "<select name=\"op\">"
|
||||
for name in op_list:
|
||||
element += "<option value=\"%s\">%s</option>" % (name, name)
|
||||
element += "</select>"
|
||||
return element
|
||||
#Creates a dropdown list of OpenID Connect providers
|
||||
element = "<select name=\"op\">"
|
||||
for name in op_list:
|
||||
element += "<option value=\"%s\">%s</option>" % (name, name)
|
||||
element += "</select>"
|
||||
return element
|
||||
%>
|
||||
|
||||
<!DOCTYPE html>
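Review bot: `op_choice` puts `name` into both the `value` attribute and the option text without HTML-escaping, in `element += "<option value=\"%s\">%s</option>" % (name, name)`. The names look like they come from the keys of `CLIENTS` in the RP configuration, so they are operator-controlled today. Even so, a key containing `"`, `<` or `&` would break the markup, and the function would turn into an injection point if the list were ever built from discovered or user-supplied issuers. Escape at the point of output, e.g. `safe = cgi.escape(name, quote=True)` followed by `element += "<option value=\"%s\">%s</option>" % (safe, safe)`, with `import cgi` at the top of the `<%!` block. A comment above the loop such as `# op_list entries land in an attribute and in element text, so escape them here` would record why.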
|
||||
|
|
|
@ -1,41 +1,41 @@
|
|||
<!DOCTYPE html>
|
||||
|
||||
<%!
|
||||
import htmlentitydefs
|
||||
import re, string
|
||||
<%!
|
||||
import htmlentitydefs
|
||||
import re, string
|
||||
|
||||
# this pattern matches substrings of reserved and non-ASCII characters
|
||||
pattern = re.compile(r"[&<>\"\x80-\xff]+")
|
||||
# this pattern matches substrings of reserved and non-ASCII characters
|
||||
pattern = re.compile(r"[&<>\"\x80-\xff]+")
|
||||
|
||||
# create character map
|
||||
entity_map = {}
|
||||
# create character map
|
||||
entity_map = {}
|
||||
|
||||
for i in range(256):
|
||||
for i in range(256):
|
||||
entity_map[chr(i)] = "&#%d;" % i
|
||||
|
||||
for entity, char in htmlentitydefs.entitydefs.items():
|
||||
for entity, char in htmlentitydefs.entitydefs.items():
|
||||
if entity_map.has_key(char):
|
||||
entity_map[char] = "&%s;" % entity
|
||||
|
||||
def escape_entity(m, get=entity_map.get):
|
||||
def escape_entity(m, get=entity_map.get):
|
||||
return string.join(map(get, m.group()), "")
|
||||
|
||||
def escape(string):
|
||||
def escape(string):
|
||||
return pattern.sub(escape_entity, string)
|
||||
|
||||
def create_result(userinfo):
|
||||
"""
|
||||
Creates a display of user information.
|
||||
"""
|
||||
element = "<p>You have successfully authenticated!</p>"
|
||||
def create_result(userinfo):
|
||||
"""
|
||||
Creates a display of user information.
|
||||
"""
|
||||
element = "<p>You have successfully authenticated!</p>"
|
||||
|
||||
for key, value in userinfo.items():
|
||||
element += "<div class='row'>"
|
||||
element += "<div class='col-md-3'>" + escape(unicode(key).encode("utf-8")) + "</div>"
|
||||
element += "<div class='col-md-7'>" + escape(unicode(value).encode("utf-8")) + "</div>"
|
||||
element += "</div>"
|
||||
return element
|
||||
%>
|
||||
for key, value in userinfo.items():
|
||||
element += "<div class='row'>"
|
||||
element += "<div class='col-md-3'>" + escape(unicode(key).encode("utf-8")) + "</div>"
|
||||
element += "<div class='col-md-7'>" + escape(unicode(value).encode("utf-8")) + "</div>"
|
||||
element += "</div>"
|
||||
return element
|
||||
%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
|
|
|
@ -22,7 +22,7 @@ class Client(oic.Client):
|
|||
def __init__(self, client_id=None, ca_certs=None,
|
||||
client_prefs=None, client_authn_method=None, keyjar=None,
|
||||
verify_ssl=True, behaviour=None):
|
||||
super(Client, self).__init__(self, client_id, ca_certs, client_prefs,
|
||||
oic.Client.__init__(self, client_id, ca_certs, client_prefs,
|
||||
client_authn_method, keyjar, verify_ssl)
|
||||
if behaviour:
|
||||
self.behaviour = behaviour
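Review bot: The base-class call passes six arguments positionally, so `verify_ssl` only reaches the right parameter while `oic.Client.__init__` keeps exactly this parameter order; the base signature is not visible here. Since that flag decides whether TLS certificates are checked, pass at least it by keyword: `oic.Client.__init__(self, client_id, ca_certs, client_prefs, client_authn_method, keyjar, verify_ssl=verify_ssl)`. Assuming the explicit `oic.Client.__init__` line is the new side (the page has lost its +/- markers), `super(Client, self).__init__(client_id, ...)` without the extra `self` would have fixed the same error and stays correct if the base class changes. `self.behaviour` is assigned only when `behaviour` is truthy, so unless the class or the rest of `__init__` (outside this hunk) sets a default, later reads can raise `AttributeError`.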
|
||||
|
|