works with more than one IdP
parent
792565b1b2
commit
c79cd93d90
|
@ -5,7 +5,6 @@ import httplib
|
|||
|
||||
from quixote import get_request, get_response, redirect, get_field
|
||||
from quixote.directory import Directory
|
||||
from quixote.form import *
|
||||
from quixote.html import htmltext
|
||||
|
||||
from quixote.http_request import parse_header
|
||||
|
@ -16,19 +15,62 @@ import lasso
|
|||
|
||||
import wcs.misc
|
||||
from wcs import storage
|
||||
from wcs.form import *
|
||||
|
||||
|
||||
def html_top [html] (title = None):
|
||||
try:
|
||||
css = wcs.misc.cfg['appearance']['css']
|
||||
except KeyError:
|
||||
css = '/css/wcs.css'
|
||||
return """<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<title>%s</title>
|
||||
<link rel="stylesheet" type="text/css" href="%s"/>
|
||||
</head>
|
||||
<body>
|
||||
<div id="page">
|
||||
<div id="top">
|
||||
<h1>%s</h1>
|
||||
</div>
|
||||
<div id="main-content">""" % (title, css, title)
|
||||
|
||||
def html_foot [html] ():
|
||||
return """</div><div id="footer"><p id="lasso">Powered by Lasso</p></div></div></body></html>"""
|
||||
|
||||
|
||||
class RootDirectory(Directory):
|
||||
_q_exports = ["", "login", "assertionConsumer", "singleLogout", "soapEndpoint",
|
||||
"federationTermination", "federationTerminationReturn"]
|
||||
|
||||
def login(self):
|
||||
server = wcs.misc.get_lasso_server()
|
||||
login = lasso.Login(server)
|
||||
def login [html] (self):
|
||||
idps = wcs.misc.cfg.get('idp', {}).values()
|
||||
if len(idps) > 1:
|
||||
# XXX: form to select idp
|
||||
pass
|
||||
login.initAuthnRequest(None, lasso.HTTP_METHOD_REDIRECT)
|
||||
form = Form(enctype="multipart/form-data")
|
||||
options = []
|
||||
# XXX: use intro cookie to get value
|
||||
value = None
|
||||
for kidp, idp in wcs.misc.cfg.get('idp', {}).items():
|
||||
p = lasso.Provider(lasso.PROVIDER_ROLE_IDP, idp['metadata'], idp['publickey'], None)
|
||||
options.append((p.providerId, wcs.misc.get_provider_label(p)))
|
||||
if not value:
|
||||
value = p.providerId
|
||||
form.add(RadiobuttonsWidget, 'idp', value = value, options = options, delim = "<br/>")
|
||||
form.add_submit("submit", _("Submit"))
|
||||
if not form.is_submitted() or form.has_errors():
|
||||
html_top(_('Login'))
|
||||
'<p>%s</p>' % _('Select the identity provider you want to use.')
|
||||
form.render()
|
||||
html_foot()
|
||||
else:
|
||||
return self.perform_login(form.get_widget('idp').parse())
|
||||
else:
|
||||
return self.perform_login()
|
||||
|
||||
def perform_login(self, idp = None):
|
||||
server = wcs.misc.get_lasso_server()
|
||||
login = lasso.Login(server)
|
||||
login.initAuthnRequest(idp, lasso.HTTP_METHOD_REDIRECT)
|
||||
login.request.nameIdPolicy = "federated"
|
||||
login.request.forceAuthn = False
|
||||
login.request.isPassive = False
|
||||
|
|
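Review bot: In `login`, the value returned by `form.get_widget('idp').parse()` comes from the request and is handed unchanged to `login.initAuthnRequest(idp, lasso.HTTP_METHOD_REDIRECT)` in `perform_login`, so the choice of provider that receives the AuthnRequest rests entirely on `RadiobuttonsWidget` rejecting values that are not in `options`. The widget probably does that, with `form.has_errors()` then re-rendering the form, but nothing visible here states it. I would make the check explicit before the call, e.g. `idp = form.get_widget('idp').parse()` followed by `if idp not in [o[0] for o in options]: raise ValueError('unknown identity provider')`, or at least add a comment recording the reliance on the widget. Separately, the loop builds a `lasso.Provider` from `idp['metadata']` and `idp['publickey']` on every request only to read `providerId` and a label, and `kidp` is never used. `perform_login` continues past the end of the hunk, so any handling of a failed `initAuthnRequest` is not visible here.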