arcopole: add association templates and fix reverse proxy

Jérôme Schneider 2014-09-03 12:37:02 +02:00
parent b3f62b5d43
commit 539b209721
6 changed files with 366 additions and 44 deletions


@ -2,7 +2,7 @@
"site_name": "arcopole",
"server_name": ["arco.local:8000"],
"location": "/",
"target": "http://arcopole.local",
"target": "http://srvsirstest.cud.local",
"mapper": "arcopole",
"auth_type": "saml2_arcopole",
"saml2_idp_metadata": "http://authentic.local/idp/saml2/metadata",
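Review bot: The new `"target": "http://srvsirstest.cud.local"` is a plain-HTTP upstream, and the mapper for this site posts `username` and `password` to it, so those credentials travel unencrypted between proxy and backend unless that segment is protected some other way; prefer an `https://` target if the backend offers one. The host name also looks environment-specific (a test server), in which case it belongs in a local, unversioned override rather than in the shared vhost file. The unchanged `saml2_idp_metadata` line deserves the same look, since IdP metadata fetched over `http://` can be altered in transit and normally carries the IdP's signing certificate.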


@ -163,7 +163,8 @@ session_opts = {
'session.url': config.get('session', 'url'),
'session.cookie_expires': config.getboolean('session', 'cookie_expires'),
'session.timeout': config.getint('session', 'timeout'),
'session.data_dir': config.get('session', 'data_dir')
'session.data_dir': config.get('session', 'data_dir'),
'session.path': '/'
}
# Import local config
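Review bot: With `'session.path': '/'` the proxy's session cookie is sent on every request to the vhost, yet the part of `session_opts` visible here sets neither `session.httponly` nor `session.secure` (the key names suggest this is the Beaker options dict). The dict starts above the hunk, so both may already be present; if they are not, add `'session.httponly': True,` next to the new line, and `'session.secure': True,` wherever the vhost is served over TLS. It is also worth confirming that the proxy strips its own session cookie before forwarding requests to `target`, because a cookie scoped to `/` now accompanies every proxied path. A smaller point: every other entry is read from `config`, while the path is hard-coded.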


@ -1,7 +1,7 @@
from mandaye.template import serve_template
class ReplayFilter:
class ArcopoleFilter:
@staticmethod
def associate(env, values, request, response):


@ -21,10 +21,11 @@ login_url, form_attrs, post_fields and username_field are obligatory
* mapping
"""
from mandaye_cud.filters.example import ReplayFilter
from mandaye_cud.filters.cud import ArcopoleFilter
from mandaye.filters.default import MandayeFilter
form_values = {
'login_url': '/studio/accueil',
'login_url': '/studio/accueil?callback=mamaman',
'form_attrs': { 'id': 'login-form' },
'post_fields': ['username', 'password'],
'username_field': 'username',
@ -32,13 +33,20 @@ form_values = {
}
urls = {
'associate_url': '/mandaye/associate',
'associate_url': '/studio/mandayeassociate',
'connection_url': '/mandaye/sso',
'disassociate_url': '/mandaye/disassociate',
'login_url': '/mandaye/login'
}
mapping = [
{
'path': r'/',
'on_response': [{
'filter': MandayeFilter.fix_response_abs_url,
'content-types': ['application/x-javascript', 'text/html', 'application/xml'],
}]
},
{
'path': r'/mandaye/login$',
'method': 'GET',
@ -58,21 +66,23 @@ mapping = [
'response': {'auth': 'slo',}
},
{
'path': r'/mandaye/associate$',
'path': r'/studio/mandayeassociate$',
'method': 'GET',
'target': '/studio/accueil',
'on_response': [{
'filter': ReplayFilter.associate,
'filter': ArcopoleFilter.associate,
'values': {
'action': urls['associate_url'],
'template': 'associate.html',
'template': 'arcopole/associate.html',
'sp_name': 'Arcopole',
'login_name': form_values['username_field'],
'password_name': form_values['password_field'],
},
},]
},
{
'path': r'/mandaye/associate$',
'path': r'/studio/mandayeassociate$',
'method': 'POST',
'response': {
'auth': 'associate_submit',
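Review bot: The `values` handed to `ArcopoleFilter.associate` in the GET mapping (`action`, `login_name`, `password_name`, `sp_name`) are not referenced anywhere in the new `arcopole/associate.html`, whose `#login-form` hard-codes `action="."` and the field names `username`/`password`. Served at `/studio/mandayeassociate`, a relative `.` resolves to `/studio/`, which the POST mapping `r'/studio/mandayeassociate$'` does not match. Unless the filter body (not shown on this page) rewrites the form, the template should take its target from the mapping, as the removed template did with `action="${action}"`. Separately, `'login_url': '/studio/accueil?callback=mamaman'` carries an unexplained callback name that reads like a debugging placeholder; add a comment on that line saying why the backend needs the parameter, or drop it.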


@ -0,0 +1,345 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Association</title>
<link href="favicon.ico" rel="shortcut icon">
<link href="./css/accueil.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="js/jquery-1.7.2.min.js"></script>
<script type="text/javascript" src="js/jquery-ui-1.8.19.custom.min.js"></script>
<script type="text/javascript" src="js/jquery.validate.min.js"></script>
<script type="text/javascript" src="js/jquery.base64.min.js"></script>
<script type="text/javascript" src="js/jquery.tools.min.js"></script>
<script type="text/javascript" src="js/functions.js"></script>
<script type="text/javascript" src="js/jquery.pngfix.js"></script>
<script type="text/javascript">
/**
* JQuery init function
*/
$(function() {
// Dialog
$('#login-box').dialog({
autoOpen : true,
width : 380,
modal : true,
resizable: false,
buttons : {
"Associer son compte" : function() {
$('#login-form').submit();
return false;
}
}
});
// hide the original submit button if javascript is active
$('#login-box form input[type=submit]').hide();
// register a click handler on checkboxes text
// add automatic check on username when checking password
$('#mem-user').click(function() {
if ($('#chbx-mem-user').attr('checked')) {
$('#chbx-mem-user').attr('checked', true);
} else {
$('#chbx-mem-user').attr('checked', false);
$('#chbx-mem-pass').attr('checked', false);
}
});
$('#mem-pass').click(function() {
if ($('#chbx-mem-pass').attr('checked')) {
$('#chbx-mem-pass').attr('checked', true);
$('#chbx-mem-user').attr('checked', true);
} else {
$('#chbx-mem-pass').attr('checked', false);
}
});
// register a submit handler to submit the form asynchronously
$('#login-form')
.submit(
function() {
//alert($('#password-clair').val()
// + " => "
// + $.base64.encode($('#password-clair')
// .val()));
// copie du username dans le formulaire envoyé
$('#username').val(
$.trim($('#username-clair').val()));
// idem password avec encodage base64
$('#password').val(
$.base64.encode($.trim($('#password-clair')
.val())));
// copie des valeurs de check box
if ($('#chbx-mem-user').attr('checked')) {
$('#mem-username').val("1");
} else {
$('#mem-username').val("");
}
if ($('#chbx-mem-pass').attr('checked')) {
$('#mem-password').val("1");
} else {
$('#mem-password').val("");
}
// clear error div
$("#login-box-error").html("");
$("#login-box-error").hide();
// calling serialize() on a form transforms form inputs to a string suitable for $.get and $.post
$.post($(this).attr('action'),
$(this).serialize(),
resultOfLoginAttempt, "jsonp")
.error( function() {
alert("Error à l'exécution de la reqûete d'authentification (AJAX)");
});
return false;
});
$('#user-box form')
.submit(
function() {
$.post($(this).attr('action'), $(this).serialize(),
resultOfLogoutAttempt, "jsonp")
.error(
function() {
alert("Error à l'exécution de la reqûete de déconnexion (AJAX)");
});
return false;
});
// register a keypress handler
$('#login-box form').find('input').keypress(function(e) {
if ((e.which && e.which == 13) || (e.keyCode && e.keyCode == 13)) {
$('#login-form').submit();
return false;
}
});
// Dialog Link
$('#dialog_link').click(function() {
$('#login-box').dialog('open');
return false;
});
// Logout link
$('#logout_link').click(function() {
$('#user-box form').submit();
return false;
});
// image de chargment ajax en cours
$('#loadingDiv').hide() // hide it initially
.ajaxStart(function() {
$(this).show();
}).ajaxStop(function() {
$(this).hide();
});
$('#masque').validate();
// un appid a ete fourni, afficahge du masque de connexion
});
/*
* handle login :
* succes affichage du username du formulaire dans la zone info
*/
function resultOfLoginAttempt(data) {
if (data.error != null) {
//alert("C'est bien un erreur d'authntification");
$("#login-box-error").html(data.error);
$("#login-box-error").show();
} else {
$('#userinfo-username').html($.trim($('#username-clair').val()));
$("#userinfo").show();
$("#connect").hide();
$('#login-box').dialog("close");
majApplications();
}
}
/**
* handle logout action
*/
function resultOfLogoutAttempt(data) {
if (data.error != null) {
alert(data.error);
} else {
$("#userinfo").hide();
$('#userinfo-username').html("");
$("#connect").show();
$('#login-box').dialog("close");
majApplications();
}
}
/**
* requete ajax de maj de la liste des applications de l'utilisateur en session
* la servlet retourne les appli public en l'absence de session
*/
function majApplications() {
$.ajax({
type : "POST",
url : "apps",
dataType : "text"
}).done(function(data) {
$('#arcopole-app').html("");
$('#arcopole-app').html(data);
var $spans = $('li');
var n = $('#arcopole-app').find($spans).length;
// User messages
var msgStart = "<span style=\"text-align: center; line-height:10em;\"><h5>";
var msgEnd ="</h5></span>";
if (n == 0)
{
if ($('#userinfo-username').html() == "")
{
$('#arcopole-app').html(msgStart + "Aucune application accessible, veuillez vous connecter" + msgEnd);
}
else
{
$('#arcopole-app').html(msgStart + "Aucune application disponible" + msgEnd);
}
}
// un appid a ete fourni ? et l'authentification n'est pas requise ?
// attention un mix de jsp (server) et javascript ( client )!!!
// a moins d'une redirection vers cet accueil depuis une appli lancé:
// sinon y a t il une seule application pour un utilisateur
// authentifié
if( $('#userinfo-username').html() != "" ) {
if( n == 1 ) {
$('#arcopole-app a').click();
} else {
// si le studio est la: click = lancement
$('#TFA').click();
}
}
});
}
/**
* requete ajax de maj de la liste des applications de l'utilisateur en session
* la servlet retourne les appli public en l'absence de session
*/
function majUserInfo() {
$.ajax({
type : "POST",
url : "orion/userinfo?token=__session_token",
dataType : "json"
}).done(function(data) {
if (data.username != "anonymous") {
$("#userinfo").show();
$("#connect").hide();
$('#userinfo-username').html(data.username);
} else {
$("#userinfo").hide();
$("#connect").show();
$('#userinfo-username').html("");
}
majApplications();
}).fail(function(jqXHR, textStatus){
$("#userinfo").hide();
$("#connect").show();
$('#userinfo-username').html("");
majApplications();
});
}
/**
* Fin chargement de la page:
* -> verification du username => source servlet session
* -> maj des applications : correlation entre app affichées et user en session
* => anonymous si pas de session
*/
function load() {
majUserInfo();
}
</script>
</head>
<body onload="javascript:load();">
<div class="contener">
<div class="content_gauche">
<div class="logo">
<img src="img/v_avatar.jpg" title="Votre logo ici" alt="esri France" />
</div>
<div class="welcome">
<h4>Bienvenue <span id="userinfo-username" style="word-wrap: break-word;"></span></h4>
<p><!--Message accueil ArcOpole--></p>
</div>
<div id="user-box">
<div id="userinfo">
<div id="userinfo-username-old"></div>
<form action="login">
<input id="logout" name="action" type="hidden" value="logout" />
</form>
<p>
<a href="#" id="logout_link" class="b_deconnecter" title="Se déconnecter à arcOpole Studio" alt="Se déconnecter"></a>
</p>
</div>
</div>
</div>
<!-- VERSION -->
<div id="version">
arcOpole Studio v3.2.0.1
</div>
<!-- APPS -->
<div id="arcopole-app" class="content_center"></div>
</div>
<div id="loadingDiv" style="display: none">
<img src="./img/loading.gif" alt="Loader" />
<!-- &nbsp;Patientez... -->
</div>
<!-- ui-dialog -->
<div id="login-box" title="Associer arcOpole Studio">
<form id="masque">
<p>Veuillez saisir votre identifiant et votre mot de
passe afin de les associer avec votre compte partenaire.</p>
<div id="login-box-error" class="authent-error"></div>
<div id="login-box-name">Utilisateur:</div>
<div id="login-box-field">
<input id="username-clair" class="form-login required"
value=""
size="30" maxlength="132" /> <label for="username-clair"
class="error">Ce champ est obligatoire.</label>
</div>
<div id="login-box-name">Mot de passe:</div>
<div id="login-box-field">
<input id="password-clair" type="password"
class="form-login required"
value=""
size="30" maxlength="132" /> <label for="password-clair"
class="error">Ce champ est obligatoire.</label>
</div>
</form>
</div>
<form id="login-form" action=".">
<input id="login" name="action" type="hidden" value="login" /> <input
id="username" name="username" type="hidden" value="" /> <input
id="password" name="password" type="hidden" value="" /> <input
id="mem-username" type="hidden" name="mem-username" value="" /> <input
id="mem-password" type="hidden" name="mem-password" value="" />
</form>
</body>
</html>
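Review bot: Three places write untrusted strings into the DOM with `.html()`: `data.error` and the typed user name `$('#username-clair').val()` in `resultOfLoginAttempt`, and `data.username` in `majUserInfo`, so any markup in them is parsed as HTML on the page that collects the password. Use `.text()` at those sites, e.g. `$("#login-box-error").text(data.error);` and `$('#userinfo-username').text(data.username);`. The `$.base64.encode(...)` applied to the password in the submit handler is an encoding, not protection, so confidentiality still rests entirely on TLS, which nothing in this commit shows (the vhost target is `http://`). I also see no anti-CSRF token in `#login-form`; confirm that the `associate_submit` handler checks a token or the request origin, since this request binds an SSO identity to a backend account.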


@ -1,34 +0,0 @@
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
<link rel="stylesheet" href="${static_url}/css/style.css" />
<title>1er connexion</title>
</head>
<body>
<div id="wrap">
<div id="header">
<h1>Première connexion</h1>
<span>Associer un compte</span>
</div>
<div id="splash"></div>
<div id="content">
<h1>Association</h1>
<p>Associer ${sp_name} avec votre compte citoyen</p>
<form action="${action}" method="post" accept-charset="utf-8">
<div>
<label for="username">Utilisateur</label>
<input type="text" name="${login_name}" value="" id="username" />
</div>
<div>
<label for="password">Mot de passe</label>
<input type="password" name="${password_name}" value="" id="password" />
</div>
<p><input type="submit" value="Associer"></p>
</form>
</div>
<div id="footer">
Copyright &copy; 2014 Entr'ouvert
</div>
</div>
</body>
</html>