arcopole: add association templates and fix reverse proxy
This commit is contained in:
parent
b3f62b5d43
commit
539b209721
|
@ -2,7 +2,7 @@
|
|||
"site_name": "arcopole",
|
||||
"server_name": ["arco.local:8000"],
|
||||
"location": "/",
|
||||
"target": "http://arcopole.local",
|
||||
"target": "http://srvsirstest.cud.local",
|
||||
"mapper": "arcopole",
|
||||
"auth_type": "saml2_arcopole",
|
||||
"saml2_idp_metadata": "http://authentic.local/idp/saml2/metadata",
|
||||
|
|
|
@ -163,7 +163,8 @@ session_opts = {
|
|||
'session.url': config.get('session', 'url'),
|
||||
'session.cookie_expires': config.getboolean('session', 'cookie_expires'),
|
||||
'session.timeout': config.getint('session', 'timeout'),
|
||||
'session.data_dir': config.get('session', 'data_dir')
|
||||
'session.data_dir': config.get('session', 'data_dir'),
|
||||
'session.path': '/'
|
||||
}
|
||||
|
||||
# Import local config
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
|
||||
from mandaye.template import serve_template
|
||||
|
||||
class ReplayFilter:
|
||||
class ArcopoleFilter:
|
||||
|
||||
@staticmethod
|
||||
def associate(env, values, request, response):
|
|
@ -21,10 +21,11 @@ login_url, form_attrs, post_fields and username_field are obligatory
|
|||
* mapping
|
||||
"""
|
||||
|
||||
from mandaye_cud.filters.example import ReplayFilter
|
||||
from mandaye_cud.filters.cud import ArcopoleFilter
|
||||
from mandaye.filters.default import MandayeFilter
|
||||
|
||||
form_values = {
|
||||
'login_url': '/studio/accueil',
|
||||
'login_url': '/studio/accueil?callback=mamaman',
|
||||
'form_attrs': { 'id': 'login-form' },
|
||||
'post_fields': ['username', 'password'],
|
||||
'username_field': 'username',
|
||||
|
@ -32,13 +33,20 @@ form_values = {
|
|||
}
|
||||
|
||||
urls = {
|
||||
'associate_url': '/mandaye/associate',
|
||||
'associate_url': '/studio/mandayeassociate',
|
||||
'connection_url': '/mandaye/sso',
|
||||
'disassociate_url': '/mandaye/disassociate',
|
||||
'login_url': '/mandaye/login'
|
||||
}
|
||||
|
||||
mapping = [
|
||||
{
|
||||
'path': r'/',
|
||||
'on_response': [{
|
||||
'filter': MandayeFilter.fix_response_abs_url,
|
||||
'content-types': ['application/x-javascript', 'text/html', 'application/xml'],
|
||||
}]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/login$',
|
||||
'method': 'GET',
|
||||
|
@ -58,21 +66,23 @@ mapping = [
|
|||
'response': {'auth': 'slo',}
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/associate$',
|
||||
'path': r'/studio/mandayeassociate$',
|
||||
'method': 'GET',
|
||||
'target': '/studio/accueil',
|
||||
'on_response': [{
|
||||
'filter': ReplayFilter.associate,
|
||||
'filter': ArcopoleFilter.associate,
|
||||
'values': {
|
||||
'action': urls['associate_url'],
|
||||
'template': 'associate.html',
|
||||
'template': 'arcopole/associate.html',
|
||||
'sp_name': 'Arcopole',
|
||||
'login_name': form_values['username_field'],
|
||||
'password_name': form_values['password_field'],
|
||||
},
|
||||
|
||||
},]
|
||||
},
|
||||
{
|
||||
'path': r'/mandaye/associate$',
|
||||
'path': r'/studio/mandayeassociate$',
|
||||
'method': 'POST',
|
||||
'response': {
|
||||
'auth': 'associate_submit',
|
||||
|
|
|
@ -0,0 +1,345 @@
|
|||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
||||
<title>Association</title>
|
||||
|
||||
<link href="favicon.ico" rel="shortcut icon">
|
||||
<link href="./css/accueil.css" rel="stylesheet" type="text/css" />
|
||||
|
||||
<script type="text/javascript" src="js/jquery-1.7.2.min.js"></script>
|
||||
<script type="text/javascript" src="js/jquery-ui-1.8.19.custom.min.js"></script>
|
||||
<script type="text/javascript" src="js/jquery.validate.min.js"></script>
|
||||
<script type="text/javascript" src="js/jquery.base64.min.js"></script>
|
||||
|
||||
<script type="text/javascript" src="js/jquery.tools.min.js"></script>
|
||||
<script type="text/javascript" src="js/functions.js"></script>
|
||||
<script type="text/javascript" src="js/jquery.pngfix.js"></script>
|
||||
|
||||
<script type="text/javascript">
|
||||
/**
|
||||
* JQuery init function
|
||||
*/
|
||||
$(function() {
|
||||
// Dialog
|
||||
$('#login-box').dialog({
|
||||
autoOpen : true,
|
||||
width : 380,
|
||||
modal : true,
|
||||
resizable: false,
|
||||
buttons : {
|
||||
"Associer son compte" : function() {
|
||||
$('#login-form').submit();
|
||||
return false;
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
// hide the original submit button if javascript is active
|
||||
$('#login-box form input[type=submit]').hide();
|
||||
|
||||
// register a click handler on checkboxes text
|
||||
// add automatic check on username when checking password
|
||||
$('#mem-user').click(function() {
|
||||
if ($('#chbx-mem-user').attr('checked')) {
|
||||
$('#chbx-mem-user').attr('checked', true);
|
||||
} else {
|
||||
$('#chbx-mem-user').attr('checked', false);
|
||||
$('#chbx-mem-pass').attr('checked', false);
|
||||
}
|
||||
});
|
||||
$('#mem-pass').click(function() {
|
||||
if ($('#chbx-mem-pass').attr('checked')) {
|
||||
$('#chbx-mem-pass').attr('checked', true);
|
||||
$('#chbx-mem-user').attr('checked', true);
|
||||
} else {
|
||||
$('#chbx-mem-pass').attr('checked', false);
|
||||
}
|
||||
});
|
||||
|
||||
// register a submit handler to submit the form asynchronously
|
||||
$('#login-form')
|
||||
.submit(
|
||||
function() {
|
||||
//alert($('#password-clair').val()
|
||||
// + " => "
|
||||
// + $.base64.encode($('#password-clair')
|
||||
// .val()));
|
||||
// copie du username dans le formulaire envoyé
|
||||
$('#username').val(
|
||||
$.trim($('#username-clair').val()));
|
||||
// idem password avec encodage base64
|
||||
$('#password').val(
|
||||
$.base64.encode($.trim($('#password-clair')
|
||||
.val())));
|
||||
// copie des valeurs de check box
|
||||
if ($('#chbx-mem-user').attr('checked')) {
|
||||
$('#mem-username').val("1");
|
||||
} else {
|
||||
$('#mem-username').val("");
|
||||
}
|
||||
if ($('#chbx-mem-pass').attr('checked')) {
|
||||
$('#mem-password').val("1");
|
||||
} else {
|
||||
$('#mem-password').val("");
|
||||
}
|
||||
|
||||
// clear error div
|
||||
$("#login-box-error").html("");
|
||||
$("#login-box-error").hide();
|
||||
// calling serialize() on a form transforms form inputs to a string suitable for $.get and $.post
|
||||
$.post($(this).attr('action'),
|
||||
$(this).serialize(),
|
||||
resultOfLoginAttempt, "jsonp")
|
||||
.error( function() {
|
||||
alert("Error à l'exécution de la reqûete d'authentification (AJAX)");
|
||||
});
|
||||
return false;
|
||||
});
|
||||
|
||||
$('#user-box form')
|
||||
.submit(
|
||||
function() {
|
||||
$.post($(this).attr('action'), $(this).serialize(),
|
||||
resultOfLogoutAttempt, "jsonp")
|
||||
.error(
|
||||
function() {
|
||||
alert("Error à l'exécution de la reqûete de déconnexion (AJAX)");
|
||||
});
|
||||
return false;
|
||||
});
|
||||
|
||||
// register a keypress handler
|
||||
$('#login-box form').find('input').keypress(function(e) {
|
||||
if ((e.which && e.which == 13) || (e.keyCode && e.keyCode == 13)) {
|
||||
$('#login-form').submit();
|
||||
return false;
|
||||
}
|
||||
});
|
||||
|
||||
// Dialog Link
|
||||
$('#dialog_link').click(function() {
|
||||
$('#login-box').dialog('open');
|
||||
return false;
|
||||
});
|
||||
|
||||
// Logout link
|
||||
$('#logout_link').click(function() {
|
||||
$('#user-box form').submit();
|
||||
return false;
|
||||
});
|
||||
|
||||
// image de chargment ajax en cours
|
||||
$('#loadingDiv').hide() // hide it initially
|
||||
.ajaxStart(function() {
|
||||
$(this).show();
|
||||
}).ajaxStop(function() {
|
||||
$(this).hide();
|
||||
});
|
||||
|
||||
$('#masque').validate();
|
||||
|
||||
// un appid a ete fourni, afficahge du masque de connexion
|
||||
|
||||
});
|
||||
|
||||
/*
|
||||
* handle login :
|
||||
* succes affichage du username du formulaire dans la zone info
|
||||
*/
|
||||
function resultOfLoginAttempt(data) {
|
||||
if (data.error != null) {
|
||||
//alert("C'est bien un erreur d'authntification");
|
||||
$("#login-box-error").html(data.error);
|
||||
$("#login-box-error").show();
|
||||
} else {
|
||||
$('#userinfo-username').html($.trim($('#username-clair').val()));
|
||||
$("#userinfo").show();
|
||||
$("#connect").hide();
|
||||
$('#login-box').dialog("close");
|
||||
majApplications();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* handle logout action
|
||||
*/
|
||||
function resultOfLogoutAttempt(data) {
|
||||
if (data.error != null) {
|
||||
alert(data.error);
|
||||
} else {
|
||||
$("#userinfo").hide();
|
||||
$('#userinfo-username').html("");
|
||||
$("#connect").show();
|
||||
$('#login-box').dialog("close");
|
||||
majApplications();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* requete ajax de maj de la liste des applications de l'utilisateur en session
|
||||
* la servlet retourne les appli public en l'absence de session
|
||||
*/
|
||||
function majApplications() {
|
||||
$.ajax({
|
||||
type : "POST",
|
||||
url : "apps",
|
||||
dataType : "text"
|
||||
|
||||
}).done(function(data) {
|
||||
$('#arcopole-app').html("");
|
||||
$('#arcopole-app').html(data);
|
||||
|
||||
var $spans = $('li');
|
||||
var n = $('#arcopole-app').find($spans).length;
|
||||
|
||||
// User messages
|
||||
var msgStart = "<span style=\"text-align: center; line-height:10em;\"><h5>";
|
||||
var msgEnd ="</h5></span>";
|
||||
if (n == 0)
|
||||
{
|
||||
if ($('#userinfo-username').html() == "")
|
||||
{
|
||||
$('#arcopole-app').html(msgStart + "Aucune application accessible, veuillez vous connecter" + msgEnd);
|
||||
}
|
||||
else
|
||||
{
|
||||
$('#arcopole-app').html(msgStart + "Aucune application disponible" + msgEnd);
|
||||
}
|
||||
}
|
||||
|
||||
// un appid a ete fourni ? et l'authentification n'est pas requise ?
|
||||
// attention un mix de jsp (server) et javascript ( client )!!!
|
||||
|
||||
|
||||
// a moins d'une redirection vers cet accueil depuis une appli lancé:
|
||||
|
||||
// sinon y a t il une seule application pour un utilisateur
|
||||
// authentifié
|
||||
if( $('#userinfo-username').html() != "" ) {
|
||||
if( n == 1 ) {
|
||||
$('#arcopole-app a').click();
|
||||
} else {
|
||||
// si le studio est la: click = lancement
|
||||
$('#TFA').click();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* requete ajax de maj de la liste des applications de l'utilisateur en session
|
||||
* la servlet retourne les appli public en l'absence de session
|
||||
*/
|
||||
function majUserInfo() {
|
||||
$.ajax({
|
||||
type : "POST",
|
||||
url : "orion/userinfo?token=__session_token",
|
||||
dataType : "json"
|
||||
}).done(function(data) {
|
||||
if (data.username != "anonymous") {
|
||||
$("#userinfo").show();
|
||||
$("#connect").hide();
|
||||
$('#userinfo-username').html(data.username);
|
||||
} else {
|
||||
$("#userinfo").hide();
|
||||
$("#connect").show();
|
||||
$('#userinfo-username').html("");
|
||||
}
|
||||
majApplications();
|
||||
}).fail(function(jqXHR, textStatus){
|
||||
$("#userinfo").hide();
|
||||
$("#connect").show();
|
||||
$('#userinfo-username').html("");
|
||||
majApplications();
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Fin chargement de la page:
|
||||
* -> verification du username => source servlet session
|
||||
* -> maj des applications : correlation entre app affichées et user en session
|
||||
* => anonymous si pas de session
|
||||
*/
|
||||
function load() {
|
||||
majUserInfo();
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
<body onload="javascript:load();">
|
||||
|
||||
<div class="contener">
|
||||
<div class="content_gauche">
|
||||
<div class="logo">
|
||||
<img src="img/v_avatar.jpg" title="Votre logo ici" alt="esri France" />
|
||||
</div>
|
||||
<div class="welcome">
|
||||
<h4>Bienvenue <span id="userinfo-username" style="word-wrap: break-word;"></span></h4>
|
||||
<p><!--Message accueil ArcOpole--></p>
|
||||
</div>
|
||||
|
||||
<div id="user-box">
|
||||
<div id="userinfo">
|
||||
<div id="userinfo-username-old"></div>
|
||||
<form action="login">
|
||||
<input id="logout" name="action" type="hidden" value="logout" />
|
||||
</form>
|
||||
<p>
|
||||
<a href="#" id="logout_link" class="b_deconnecter" title="Se déconnecter à arcOpole Studio" alt="Se déconnecter"></a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- VERSION -->
|
||||
<div id="version">
|
||||
arcOpole Studio v3.2.0.1
|
||||
</div>
|
||||
|
||||
|
||||
<!-- APPS -->
|
||||
<div id="arcopole-app" class="content_center"></div>
|
||||
</div>
|
||||
|
||||
<div id="loadingDiv" style="display: none">
|
||||
<img src="./img/loading.gif" alt="Loader" />
|
||||
<!-- Patientez... -->
|
||||
</div>
|
||||
|
||||
<!-- ui-dialog -->
|
||||
<div id="login-box" title="Associer arcOpole Studio">
|
||||
<form id="masque">
|
||||
<p>Veuillez saisir votre identifiant et votre mot de
|
||||
passe afin de les associer avec votre compte partenaire.</p>
|
||||
<div id="login-box-error" class="authent-error"></div>
|
||||
<div id="login-box-name">Utilisateur:</div>
|
||||
<div id="login-box-field">
|
||||
<input id="username-clair" class="form-login required"
|
||||
value=""
|
||||
size="30" maxlength="132" /> <label for="username-clair"
|
||||
class="error">Ce champ est obligatoire.</label>
|
||||
</div>
|
||||
<div id="login-box-name">Mot de passe:</div>
|
||||
<div id="login-box-field">
|
||||
<input id="password-clair" type="password"
|
||||
class="form-login required"
|
||||
value=""
|
||||
size="30" maxlength="132" /> <label for="password-clair"
|
||||
class="error">Ce champ est obligatoire.</label>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<form id="login-form" action=".">
|
||||
<input id="login" name="action" type="hidden" value="login" /> <input
|
||||
id="username" name="username" type="hidden" value="" /> <input
|
||||
id="password" name="password" type="hidden" value="" /> <input
|
||||
id="mem-username" type="hidden" name="mem-username" value="" /> <input
|
||||
id="mem-password" type="hidden" name="mem-password" value="" />
|
||||
</form>
|
||||
|
||||
</body>
|
||||
</html>
|
|
@ -1,34 +0,0 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
|
||||
<html>
|
||||
<head>
|
||||
<link rel="stylesheet" href="${static_url}/css/style.css" />
|
||||
<title>1er connexion</title>
|
||||
</head>
|
||||
<body>
|
||||
<div id="wrap">
|
||||
<div id="header">
|
||||
<h1>Première connexion</h1>
|
||||
<span>Associer un compte</span>
|
||||
</div>
|
||||
<div id="splash"></div>
|
||||
<div id="content">
|
||||
<h1>Association</h1>
|
||||
<p>Associer ${sp_name} avec votre compte citoyen</p>
|
||||
<form action="${action}" method="post" accept-charset="utf-8">
|
||||
<div>
|
||||
<label for="username">Utilisateur</label>
|
||||
<input type="text" name="${login_name}" value="" id="username" />
|
||||
</div>
|
||||
<div>
|
||||
<label for="password">Mot de passe</label>
|
||||
<input type="password" name="${password_name}" value="" id="password" />
|
||||
</div>
|
||||
<p><input type="submit" value="Associer"></p>
|
||||
</form>
|
||||
</div>
|
||||
<div id="footer">
|
||||
Copyright © 2014 Entr'ouvert
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
Reference in New Issue