Refactored according to PEP8 and optimized imports
parent
e443a16742
commit
57cd46ad23
|
@ -23,10 +23,7 @@ doc/_build
|
|||
# Remaining stuff
|
||||
oidc_example/op2/client_db.db
|
||||
oidc_example/op2/config.py
|
||||
oidc_example/op2/modules/base.mako.py
|
||||
oidc_example/op2/modules/login.mako.py
|
||||
oidc_example/op2/modules/root.mako.py
|
||||
oidc_example/op2/modules/unauthorized.mako.py
|
||||
oidc_example/op2/modules
|
||||
oidc_example/op2/sp.xml
|
||||
oidc_example/op2/sp_cert/tmp_mycert.pem
|
||||
oidc_example/op2/sp_cert/tmp_mykey.pem
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<%!
|
||||
def op_choice(op_list):
|
||||
def op_choice(op_list):
|
||||
"""
|
||||
Creates a dropdown list of OpenID Connect providers
|
||||
"""
|
||||
|
@ -13,47 +13,50 @@ def op_choice(op_list):
|
|||
<!DOCTYPE html>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<head>
|
||||
<title>pyoidc RP</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<!-- Bootstrap -->
|
||||
<link href="static/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
|
||||
<link href="static/style.css" rel="stylesheet" media="all">
|
||||
<link href="static/style.css" rel="stylesheet" media="all">
|
||||
|
||||
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
||||
<!--[if lt IE 9]>
|
||||
<script src="../../assets/js/html5shiv.js"></script>
|
||||
<script src="../../assets/js/respond.min.js"></script>
|
||||
<script src="../../assets/js/html5shiv.js"></script>
|
||||
<script src="../../assets/js/respond.min.js"></script>
|
||||
<![endif]-->
|
||||
</head>
|
||||
<body>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="navbar-header">
|
||||
<a class="navbar-brand" href="#">pyoidc RP</a>
|
||||
</div>
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="navbar-header">
|
||||
<a class="navbar-brand" href="#">pyoidc RP</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<!-- Main component for a primary marketing message or call to action -->
|
||||
<div class="jumbotron">
|
||||
<div class="container">
|
||||
<!-- Main component for a primary marketing message or call to action -->
|
||||
<div class="jumbotron">
|
||||
<form class="form-signin" action="rp" method="get">
|
||||
<h1>OP by UID</h1>
|
||||
<h3>Chose the OpenID Connect Provider: </h3>
|
||||
<h1>OP by UID</h1>
|
||||
|
||||
<h3>Chose the OpenID Connect Provider: </h3>
|
||||
|
||||
<p>From this list</p>
|
||||
${op_choice(op_list)}
|
||||
<p> OR by providing your unique identifier at the OP. </p>
|
||||
<input type="text" id="uid" name="uid" class="form-control" placeholder="UID" autofocus>
|
||||
<button class="btn btn-lg btn-primary btn-block" type="submit">Start</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div> <!-- /container -->
|
||||
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
|
||||
<script src="/static/jquery.min.1.9.1.js"></script>
|
||||
<!-- Include all compiled plugins (below), or include individual files as needed -->
|
||||
<script src="/static/bootstrap/js/bootstrap.min.js"></script>
|
||||
</div>
|
||||
<!-- /container -->
|
||||
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
|
||||
<script src="/static/jquery.min.1.9.1.js"></script>
|
||||
<!-- Include all compiled plugins (below), or include individual files as needed -->
|
||||
<script src="/static/bootstrap/js/bootstrap.min.js"></script>
|
||||
|
||||
</body>
|
||||
</body>
|
||||
</html>
|
|
@ -1,53 +1,57 @@
|
|||
<!DOCTYPE html>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<head>
|
||||
<title>pyoidc RP</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<!-- Bootstrap -->
|
||||
<link href="static/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
|
||||
<link href="static/style.css" rel="stylesheet" media="all">
|
||||
<link href="static/style.css" rel="stylesheet" media="all">
|
||||
|
||||
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
||||
<!--[if lt IE 9]>
|
||||
<script src="../../assets/js/html5shiv.js"></script>
|
||||
<script src="../../assets/js/respond.min.js"></script>
|
||||
<script src="../../assets/js/html5shiv.js"></script>
|
||||
<script src="../../assets/js/respond.min.js"></script>
|
||||
<![endif]-->
|
||||
</head>
|
||||
<body>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="#">pyoidc RP</a>
|
||||
</div>
|
||||
<div class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav">
|
||||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
</button>
|
||||
<a class="navbar-brand" href="#">pyoidc RP</a>
|
||||
</div>
|
||||
<div class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav">
|
||||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
<li><a href="logout">Logout</a></li>
|
||||
</ul>
|
||||
</div><!--/.nav-collapse -->
|
||||
</ul>
|
||||
</div>
|
||||
<!--/.nav-collapse -->
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<!-- Main component for a primary marketing message or call to action -->
|
||||
<div class="jumbotron">
|
||||
<h1>OP result</h1>
|
||||
|
||||
<p>You have failed to connect to the designated OP with the message:</p>
|
||||
|
||||
<p>${error}</p>
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<!-- Main component for a primary marketing message or call to action -->
|
||||
<div class="jumbotron">
|
||||
<h1>OP result</h1>
|
||||
<p>You have failed to connect to the designated OP with the message:</p>
|
||||
<p>${error}</p>
|
||||
</div>
|
||||
</div>
|
||||
<!-- /container -->
|
||||
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
|
||||
<script src="/static/jquery.min.1.9.1.js"></script>
|
||||
<!-- Include all compiled plugins (below), or include individual files as needed -->
|
||||
<script src="/static/bootstrap/js/bootstrap.min.js"></script>
|
||||
|
||||
</div> <!-- /container -->
|
||||
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
|
||||
<script src="/static/jquery.min.1.9.1.js"></script>
|
||||
<!-- Include all compiled plugins (below), or include individual files as needed -->
|
||||
<script src="/static/bootstrap/js/bootstrap.min.js"></script>
|
||||
|
||||
</body>
|
||||
</body>
|
||||
</html>
|
|
@ -1,29 +1,29 @@
|
|||
<!DOCTYPE html>
|
||||
|
||||
<%!
|
||||
import htmlentitydefs
|
||||
import re, string
|
||||
<%!
|
||||
import htmlentitydefs
|
||||
import re, string
|
||||
|
||||
# this pattern matches substrings of reserved and non-ASCII characters
|
||||
pattern = re.compile(r"[&<>\"\x80-\xff]+")
|
||||
# this pattern matches substrings of reserved and non-ASCII characters
|
||||
pattern = re.compile(r"[&<>\"\x80-\xff]+")
|
||||
|
||||
# create character map
|
||||
entity_map = {}
|
||||
# create character map
|
||||
entity_map = {}
|
||||
|
||||
for i in range(256):
|
||||
for i in range(256):
|
||||
entity_map[chr(i)] = "&#%d;" % i
|
||||
|
||||
for entity, char in htmlentitydefs.entitydefs.items():
|
||||
for entity, char in htmlentitydefs.entitydefs.items():
|
||||
if entity_map.has_key(char):
|
||||
entity_map[char] = "&%s;" % entity
|
||||
|
||||
def escape_entity(m, get=entity_map.get):
|
||||
def escape_entity(m, get=entity_map.get):
|
||||
return string.join(map(get, m.group()), "")
|
||||
|
||||
def escape(string):
|
||||
def escape(string):
|
||||
return pattern.sub(escape_entity, string)
|
||||
|
||||
def create_result(userinfo):
|
||||
def create_result(userinfo):
|
||||
"""
|
||||
Creates a display of user information.
|
||||
"""
|
||||
|
@ -35,56 +35,58 @@
|
|||
element += "<div class='col-md-7'>" + escape(unicode(value).encode("utf-8")) + "</div>"
|
||||
element += "</div>"
|
||||
return element
|
||||
%>
|
||||
%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<head>
|
||||
<title>pyoidc RP</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<!-- Bootstrap -->
|
||||
<link href="static/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
|
||||
<link href="static/style.css" rel="stylesheet" media="all">
|
||||
<link href="static/style.css" rel="stylesheet" media="all">
|
||||
|
||||
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
||||
<!--[if lt IE 9]>
|
||||
<script src="../../assets/js/html5shiv.js"></script>
|
||||
<script src="../../assets/js/respond.min.js"></script>
|
||||
<script src="../../assets/js/html5shiv.js"></script>
|
||||
<script src="../../assets/js/respond.min.js"></script>
|
||||
<![endif]-->
|
||||
</head>
|
||||
<body>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||||
<!-- Static navbar -->
|
||||
<div class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="#">pyoidc RP</a>
|
||||
</div>
|
||||
<div class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav">
|
||||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
<li><a href="logout">Logout</a></li>
|
||||
</ul>
|
||||
</div><!--/.nav-collapse -->
|
||||
</button>
|
||||
<a class="navbar-brand" href="#">pyoidc RP</a>
|
||||
</div>
|
||||
<div class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav">
|
||||
</ul>
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
<li><a href="logout">Logout</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
<!--/.nav-collapse -->
|
||||
</div>
|
||||
|
||||
<div class="container">
|
||||
<!-- Main component for a primary marketing message or call to action -->
|
||||
<div class="jumbotron">
|
||||
<div class="container">
|
||||
<!-- Main component for a primary marketing message or call to action -->
|
||||
<div class="jumbotron">
|
||||
<h1>OP result</h1>
|
||||
${create_result(userinfo)}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div> <!-- /container -->
|
||||
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
|
||||
<script src="/static/jquery.min.1.9.1.js"></script>
|
||||
<!-- Include all compiled plugins (below), or include individual files as needed -->
|
||||
<script src="/static/bootstrap/js/bootstrap.min.js"></script>
|
||||
</div>
|
||||
<!-- /container -->
|
||||
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
|
||||
<script src="/static/jquery.min.1.9.1.js"></script>
|
||||
<!-- Include all compiled plugins (below), or include individual files as needed -->
|
||||
<script src="/static/bootstrap/js/bootstrap.min.js"></script>
|
||||
|
||||
|
||||
</body>
|
||||
</body>
|
||||
</html>
|
|
@ -1,5 +1,6 @@
|
|||
# -*- coding:utf-8 -*-
|
||||
from mako import runtime, filters, cache
|
||||
from mako import runtime
|
||||
|
||||
UNDEFINED = runtime.UNDEFINED
|
||||
__M_dict_builtin = dict
|
||||
__M_locals_builtin = locals
|
||||
|
@ -25,17 +26,19 @@ def op_choice(op_list):
|
|||
return element
|
||||
|
||||
|
||||
def render_body(context,**pageargs):
|
||||
def render_body(context, **pageargs):
|
||||
__M_caller = context.caller_stack._push_frame()
|
||||
try:
|
||||
__M_locals = __M_dict_builtin(pageargs=pageargs)
|
||||
op_list = context.get('op_list', UNDEFINED)
|
||||
__M_writer = context.writer()
|
||||
# SOURCE LINE 11
|
||||
__M_writer(u'\n\n<!DOCTYPE html>\n\n<html>\n <head>\n <title>pyoidc RP</title>\n <meta name="viewport" content="width=device-width, initial-scale=1.0">\n <!-- Bootstrap -->\n <link href="static/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">\n <link href="static/style.css" rel="stylesheet" media="all">\n\n <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->\n <!--[if lt IE 9]>\n <script src="../../assets/js/html5shiv.js"></script>\n <script src="../../assets/js/respond.min.js"></script>\n <![endif]-->\n </head>\n <body>\n\n <!-- Static navbar -->\n <div class="navbar navbar-default navbar-fixed-top">\n <div class="navbar-header">\n <a class="navbar-brand" href="#">pyoidc RP</a>\n </div>\n </div>\n\n <div class="container">\n <!-- Main component for a primary marketing message or call to action -->\n <div class="jumbotron">\n <form class="form-signin" action="rp" method="get">\n <h1>OP by UID</h1>\n <h3>Chose the OpenID Connect Provider: </h3>\n <p>From this list</p>\n ')
|
||||
__M_writer(
|
||||
u'\n\n<!DOCTYPE html>\n\n<html>\n <head>\n <title>pyoidc RP</title>\n <meta name="viewport" content="width=device-width, initial-scale=1.0">\n <!-- Bootstrap -->\n <link href="static/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">\n <link href="static/style.css" rel="stylesheet" media="all">\n\n <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->\n <!--[if lt IE 9]>\n <script src="../../assets/js/html5shiv.js"></script>\n <script src="../../assets/js/respond.min.js"></script>\n <![endif]-->\n </head>\n <body>\n\n <!-- Static navbar -->\n <div class="navbar navbar-default navbar-fixed-top">\n <div class="navbar-header">\n <a class="navbar-brand" href="#">pyoidc RP</a>\n </div>\n </div>\n\n <div class="container">\n <!-- Main component for a primary marketing message or call to action -->\n <div class="jumbotron">\n <form class="form-signin" action="rp" method="get">\n <h1>OP by UID</h1>\n <h3>Chose the OpenID Connect Provider: </h3>\n <p>From this list</p>\n ')
|
||||
# SOURCE LINE 45
|
||||
__M_writer(unicode(op_choice(op_list)))
|
||||
__M_writer(u'\n <p> OR by providing your unique identifier at the OP. </p>\n <input type="text" id="uid" name="uid" class="form-control" placeholder="UID" autofocus>\n <button class="btn btn-lg btn-primary btn-block" type="submit">Start</button>\n </form>\n </div>\n\n </div> <!-- /container -->\n <!-- jQuery (necessary for Bootstrap\'s JavaScript plugins) -->\n <script src="/static/jquery.min.1.9.1.js"></script>\n <!-- Include all compiled plugins (below), or include individual files as needed -->\n <script src="/static/bootstrap/js/bootstrap.min.js"></script>\n\n </body>\n</html>')
|
||||
__M_writer(
|
||||
u'\n <p> OR by providing your unique identifier at the OP. </p>\n <input type="text" id="uid" name="uid" class="form-control" placeholder="UID" autofocus>\n <button class="btn btn-lg btn-primary btn-block" type="submit">Start</button>\n </form>\n </div>\n\n </div> <!-- /container -->\n <!-- jQuery (necessary for Bootstrap\'s JavaScript plugins) -->\n <script src="/static/jquery.min.1.9.1.js"></script>\n <!-- Include all compiled plugins (below), or include individual files as needed -->\n <script src="/static/bootstrap/js/bootstrap.min.js"></script>\n\n </body>\n</html>')
|
||||
return ''
|
||||
finally:
|
||||
context.caller_stack._pop_frame()
|
||||
|
|
|
@ -22,7 +22,7 @@ class Client(oic.Client):
|
|||
def __init__(self, client_id=None, ca_certs=None,
|
||||
client_prefs=None, client_authn_method=None, keyjar=None,
|
||||
verify_ssl=True, behaviour=None):
|
||||
oic.Client.__init__(self, client_id, ca_certs, client_prefs,
|
||||
super(Client, self).__init__(self, client_id, ca_certs, client_prefs,
|
||||
client_authn_method, keyjar, verify_ssl)
|
||||
if behaviour:
|
||||
self.behaviour = behaviour
|
||||
|
@ -191,7 +191,7 @@ class OIDCClients(object):
|
|||
ProviderConfigurationResponse(**kwargs["provider_info"]),
|
||||
kwargs["provider_info"]["issuer"])
|
||||
client.store_registration_info(RegistrationResponse(
|
||||
**kwargs["client_registration"]))
|
||||
**kwargs["client_registration"]))
|
||||
elif _key_set == set(["srv_discovery_url", "client_registration"]):
|
||||
_ = client.provider_config(kwargs["srv_discovery_url"])
|
||||
client.store_registration_info(RegistrationResponse(
|
||||
|
@ -232,4 +232,4 @@ class OIDCClients(object):
|
|||
return self.dynamic_client(item)
|
||||
|
||||
def keys(self):
|
||||
return self.client.keys()
|
||||
return self.client.keys()
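Review bot: In `Client.__init__` (the `@ -22,7 +22,7 @@` hunk of this file), the replacement call `super(Client, self).__init__(self, client_id, ca_certs, client_prefs,` still passes `self` explicitly, so every argument reaches the parent one position late: the instance lands in `client_id` and `verify_ssl` becomes an extra trailing positional. `oic.Client.__init__` is not visible on this page, so it cannot be told whether this raises a `TypeError` or silently binds the key jar and the TLS-verification flag to the wrong parameters. Either way the bound call should drop the instance: `super(Client, self).__init__(client_id, ca_certs, client_prefs, client_authn_method, keyjar, verify_ssl)`. The rendering has lost the +/- markers, so this assumes the `super` line is the new side; the class body continues outside the hunk.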
|
||||
|
|
|
@ -5,12 +5,12 @@ import urllib
|
|||
from jwkest.jws import alg2keytype
|
||||
from mako.lookup import TemplateLookup
|
||||
from urlparse import parse_qs
|
||||
import logging
|
||||
|
||||
from oic.utils.http_util import NotFound
|
||||
from oic.utils.http_util import Response
|
||||
from oic.utils.http_util import Redirect
|
||||
|
||||
import logging
|
||||
|
||||
LOGGER = logging.getLogger("")
|
||||
LOGFILE_NAME = 'rp.log'
|
||||
|
@ -34,7 +34,7 @@ LOOKUP = TemplateLookup(directories=['templates', 'htdocs'],
|
|||
SERVER_ENV = {}
|
||||
|
||||
|
||||
#noinspection PyUnresolvedReferences
|
||||
# noinspection PyUnresolvedReferences
|
||||
def static(environ, start_response, logger, path):
|
||||
logger.info("[static]sending: %s" % (path,))
|
||||
|
||||
|
@ -168,6 +168,7 @@ def application(environ, start_response):
|
|||
|
||||
return opchoice(environ, start_response, CLIENTS)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
from oidc import OIDCClients
|
||||
from oidc import OIDCError
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
.btn-info,
|
||||
.btn-warning,
|
||||
.btn-danger {
|
||||
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.2);
|
||||
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075);
|
||||
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.2);
|
||||
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075);
|
||||
}
|
||||
|
||||
.btn-default:active,
|
||||
|
@ -21,117 +21,117 @@
|
|||
.btn-info.active,
|
||||
.btn-warning.active,
|
||||
.btn-danger.active {
|
||||
-webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
|
||||
box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
|
||||
-webkit-box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
|
||||
box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125);
|
||||
}
|
||||
|
||||
.btn:active,
|
||||
.btn.active {
|
||||
background-image: none;
|
||||
background-image: none;
|
||||
}
|
||||
|
||||
.btn-default {
|
||||
text-shadow: 0 1px 0 #fff;
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#ffffff), to(#e6e6e6));
|
||||
background-image: -webkit-linear-gradient(top, #ffffff, 0%, #e6e6e6, 100%);
|
||||
background-image: -moz-linear-gradient(top, #ffffff 0%, #e6e6e6 100%);
|
||||
background-image: linear-gradient(to bottom, #ffffff 0%, #e6e6e6 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #e0e0e0;
|
||||
border-color: #ccc;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe6e6e6', GradientType=0);
|
||||
text-shadow: 0 1px 0 #fff;
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#ffffff), to(#e6e6e6));
|
||||
background-image: -webkit-linear-gradient(top, #ffffff, 0%, #e6e6e6, 100%);
|
||||
background-image: -moz-linear-gradient(top, #ffffff 0%, #e6e6e6 100%);
|
||||
background-image: linear-gradient(to bottom, #ffffff 0%, #e6e6e6 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #e0e0e0;
|
||||
border-color: #ccc;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe6e6e6', GradientType=0);
|
||||
}
|
||||
|
||||
.btn-default:active,
|
||||
.btn-default.active {
|
||||
background-color: #e6e6e6;
|
||||
border-color: #e0e0e0;
|
||||
background-color: #e6e6e6;
|
||||
border-color: #e0e0e0;
|
||||
}
|
||||
|
||||
.btn-primary {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#3071a9));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #3071a9, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #3071a9 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #3071a9 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #2d6ca2;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3071a9', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#3071a9));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #3071a9, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #3071a9 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #3071a9 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #2d6ca2;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3071a9', GradientType=0);
|
||||
}
|
||||
|
||||
.btn-primary:active,
|
||||
.btn-primary.active {
|
||||
background-color: #3071a9;
|
||||
border-color: #2d6ca2;
|
||||
background-color: #3071a9;
|
||||
border-color: #2d6ca2;
|
||||
}
|
||||
|
||||
.btn-success {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5cb85c), to(#449d44));
|
||||
background-image: -webkit-linear-gradient(top, #5cb85c, 0%, #449d44, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5cb85c 0%, #449d44 100%);
|
||||
background-image: linear-gradient(to bottom, #5cb85c 0%, #449d44 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #419641;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff449d44', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5cb85c), to(#449d44));
|
||||
background-image: -webkit-linear-gradient(top, #5cb85c, 0%, #449d44, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5cb85c 0%, #449d44 100%);
|
||||
background-image: linear-gradient(to bottom, #5cb85c 0%, #449d44 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #419641;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff449d44', GradientType=0);
|
||||
}
|
||||
|
||||
.btn-success:active,
|
||||
.btn-success.active {
|
||||
background-color: #449d44;
|
||||
border-color: #419641;
|
||||
background-color: #449d44;
|
||||
border-color: #419641;
|
||||
}
|
||||
|
||||
.btn-warning {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f0ad4e), to(#ec971f));
|
||||
background-image: -webkit-linear-gradient(top, #f0ad4e, 0%, #ec971f, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f0ad4e 0%, #ec971f 100%);
|
||||
background-image: linear-gradient(to bottom, #f0ad4e 0%, #ec971f 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #eb9316;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffec971f', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f0ad4e), to(#ec971f));
|
||||
background-image: -webkit-linear-gradient(top, #f0ad4e, 0%, #ec971f, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f0ad4e 0%, #ec971f 100%);
|
||||
background-image: linear-gradient(to bottom, #f0ad4e 0%, #ec971f 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #eb9316;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffec971f', GradientType=0);
|
||||
}
|
||||
|
||||
.btn-warning:active,
|
||||
.btn-warning.active {
|
||||
background-color: #ec971f;
|
||||
border-color: #eb9316;
|
||||
background-color: #ec971f;
|
||||
border-color: #eb9316;
|
||||
}
|
||||
|
||||
.btn-danger {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9534f), to(#c9302c));
|
||||
background-image: -webkit-linear-gradient(top, #d9534f, 0%, #c9302c, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9534f 0%, #c9302c 100%);
|
||||
background-image: linear-gradient(to bottom, #d9534f 0%, #c9302c 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #c12e2a;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc9302c', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9534f), to(#c9302c));
|
||||
background-image: -webkit-linear-gradient(top, #d9534f, 0%, #c9302c, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9534f 0%, #c9302c 100%);
|
||||
background-image: linear-gradient(to bottom, #d9534f 0%, #c9302c 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #c12e2a;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc9302c', GradientType=0);
|
||||
}
|
||||
|
||||
.btn-danger:active,
|
||||
.btn-danger.active {
|
||||
background-color: #c9302c;
|
||||
border-color: #c12e2a;
|
||||
background-color: #c9302c;
|
||||
border-color: #c12e2a;
|
||||
}
|
||||
|
||||
.btn-info {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5bc0de), to(#31b0d5));
|
||||
background-image: -webkit-linear-gradient(top, #5bc0de, 0%, #31b0d5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5bc0de 0%, #31b0d5 100%);
|
||||
background-image: linear-gradient(to bottom, #5bc0de 0%, #31b0d5 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #2aabd2;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff31b0d5', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5bc0de), to(#31b0d5));
|
||||
background-image: -webkit-linear-gradient(top, #5bc0de, 0%, #31b0d5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5bc0de 0%, #31b0d5 100%);
|
||||
background-image: linear-gradient(to bottom, #5bc0de 0%, #31b0d5 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #2aabd2;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff31b0d5', GradientType=0);
|
||||
}
|
||||
|
||||
.btn-info:active,
|
||||
.btn-info.active {
|
||||
background-color: #31b0d5;
|
||||
border-color: #2aabd2;
|
||||
background-color: #31b0d5;
|
||||
border-color: #2aabd2;
|
||||
}
|
||||
|
||||
.thumbnail,
|
||||
.img-thumbnail {
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
}
|
||||
|
||||
.dropdown-menu > li > a:hover,
|
||||
|
@ -139,246 +139,246 @@
|
|||
.dropdown-menu > .active > a,
|
||||
.dropdown-menu > .active > a:hover,
|
||||
.dropdown-menu > .active > a:focus {
|
||||
background-color: #357ebd;
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#357ebd));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #357ebd, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #357ebd 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #357ebd 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);
|
||||
background-color: #357ebd;
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#357ebd));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #357ebd, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #357ebd 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #357ebd 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);
|
||||
}
|
||||
|
||||
.navbar {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#ffffff), to(#f8f8f8));
|
||||
background-image: -webkit-linear-gradient(top, #ffffff, 0%, #f8f8f8, 100%);
|
||||
background-image: -moz-linear-gradient(top, #ffffff 0%, #f8f8f8 100%);
|
||||
background-image: linear-gradient(to bottom, #ffffff 0%, #f8f8f8 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-radius: 4px;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#fff8f8f8', GradientType=0);
|
||||
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 5px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 5px rgba(0, 0, 0, 0.075);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#ffffff), to(#f8f8f8));
|
||||
background-image: -webkit-linear-gradient(top, #ffffff, 0%, #f8f8f8, 100%);
|
||||
background-image: -moz-linear-gradient(top, #ffffff 0%, #f8f8f8 100%);
|
||||
background-image: linear-gradient(to bottom, #ffffff 0%, #f8f8f8 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-radius: 4px;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#fff8f8f8', GradientType=0);
|
||||
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 5px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 5px rgba(0, 0, 0, 0.075);
|
||||
}
|
||||
|
||||
.navbar .navbar-nav > .active > a {
|
||||
background-color: #f8f8f8;
|
||||
background-color: #f8f8f8;
|
||||
}
|
||||
|
||||
.navbar-brand,
|
||||
.navbar-nav > li > a {
|
||||
text-shadow: 0 1px 0 rgba(255, 255, 255, 0.25);
|
||||
text-shadow: 0 1px 0 rgba(255, 255, 255, 0.25);
|
||||
}
|
||||
|
||||
.navbar-inverse {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#3c3c3c), to(#222222));
|
||||
background-image: -webkit-linear-gradient(top, #3c3c3c, 0%, #222222, 100%);
|
||||
background-image: -moz-linear-gradient(top, #3c3c3c 0%, #222222 100%);
|
||||
background-image: linear-gradient(to bottom, #3c3c3c 0%, #222222 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff3c3c3c', endColorstr='#ff222222', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#3c3c3c), to(#222222));
|
||||
background-image: -webkit-linear-gradient(top, #3c3c3c, 0%, #222222, 100%);
|
||||
background-image: -moz-linear-gradient(top, #3c3c3c 0%, #222222 100%);
|
||||
background-image: linear-gradient(to bottom, #3c3c3c 0%, #222222 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff3c3c3c', endColorstr='#ff222222', GradientType=0);
|
||||
}
|
||||
|
||||
.navbar-inverse .navbar-nav > .active > a {
|
||||
background-color: #222222;
|
||||
background-color: #222222;
|
||||
}
|
||||
|
||||
.navbar-inverse .navbar-brand,
|
||||
.navbar-inverse .navbar-nav > li > a {
|
||||
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
|
||||
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
|
||||
}
|
||||
|
||||
.navbar-static-top,
|
||||
.navbar-fixed-top,
|
||||
.navbar-fixed-bottom {
|
||||
border-radius: 0;
|
||||
border-radius: 0;
|
||||
}
|
||||
|
||||
.alert {
|
||||
text-shadow: 0 1px 0 rgba(255, 255, 255, 0.2);
|
||||
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.25), 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.25), 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
text-shadow: 0 1px 0 rgba(255, 255, 255, 0.2);
|
||||
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.25), 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.25), 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
}
|
||||
|
||||
.alert-success {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#dff0d8), to(#c8e5bc));
|
||||
background-image: -webkit-linear-gradient(top, #dff0d8, 0%, #c8e5bc, 100%);
|
||||
background-image: -moz-linear-gradient(top, #dff0d8 0%, #c8e5bc 100%);
|
||||
background-image: linear-gradient(to bottom, #dff0d8 0%, #c8e5bc 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #b2dba1;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffc8e5bc', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#dff0d8), to(#c8e5bc));
|
||||
background-image: -webkit-linear-gradient(top, #dff0d8, 0%, #c8e5bc, 100%);
|
||||
background-image: -moz-linear-gradient(top, #dff0d8 0%, #c8e5bc 100%);
|
||||
background-image: linear-gradient(to bottom, #dff0d8 0%, #c8e5bc 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #b2dba1;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffc8e5bc', GradientType=0);
|
||||
}
|
||||
|
||||
.alert-info {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9edf7), to(#b9def0));
|
||||
background-image: -webkit-linear-gradient(top, #d9edf7, 0%, #b9def0, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9edf7 0%, #b9def0 100%);
|
||||
background-image: linear-gradient(to bottom, #d9edf7 0%, #b9def0 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #9acfea;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffb9def0', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9edf7), to(#b9def0));
|
||||
background-image: -webkit-linear-gradient(top, #d9edf7, 0%, #b9def0, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9edf7 0%, #b9def0 100%);
|
||||
background-image: linear-gradient(to bottom, #d9edf7 0%, #b9def0 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #9acfea;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffb9def0', GradientType=0);
|
||||
}
|
||||
|
||||
.alert-warning {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#fcf8e3), to(#f8efc0));
|
||||
background-image: -webkit-linear-gradient(top, #fcf8e3, 0%, #f8efc0, 100%);
|
||||
background-image: -moz-linear-gradient(top, #fcf8e3 0%, #f8efc0 100%);
|
||||
background-image: linear-gradient(to bottom, #fcf8e3 0%, #f8efc0 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #f5e79e;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fff8efc0', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#fcf8e3), to(#f8efc0));
|
||||
background-image: -webkit-linear-gradient(top, #fcf8e3, 0%, #f8efc0, 100%);
|
||||
background-image: -moz-linear-gradient(top, #fcf8e3 0%, #f8efc0 100%);
|
||||
background-image: linear-gradient(to bottom, #fcf8e3 0%, #f8efc0 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #f5e79e;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fff8efc0', GradientType=0);
|
||||
}
|
||||
|
||||
.alert-danger {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f2dede), to(#e7c3c3));
|
||||
background-image: -webkit-linear-gradient(top, #f2dede, 0%, #e7c3c3, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f2dede 0%, #e7c3c3 100%);
|
||||
background-image: linear-gradient(to bottom, #f2dede 0%, #e7c3c3 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #dca7a7;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffe7c3c3', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f2dede), to(#e7c3c3));
|
||||
background-image: -webkit-linear-gradient(top, #f2dede, 0%, #e7c3c3, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f2dede 0%, #e7c3c3 100%);
|
||||
background-image: linear-gradient(to bottom, #f2dede 0%, #e7c3c3 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #dca7a7;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffe7c3c3', GradientType=0);
|
||||
}
|
||||
|
||||
.progress {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#ebebeb), to(#f5f5f5));
|
||||
background-image: -webkit-linear-gradient(top, #ebebeb, 0%, #f5f5f5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #ebebeb 0%, #f5f5f5 100%);
|
||||
background-image: linear-gradient(to bottom, #ebebeb 0%, #f5f5f5 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb', endColorstr='#fff5f5f5', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#ebebeb), to(#f5f5f5));
|
||||
background-image: -webkit-linear-gradient(top, #ebebeb, 0%, #f5f5f5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #ebebeb 0%, #f5f5f5 100%);
|
||||
background-image: linear-gradient(to bottom, #ebebeb 0%, #f5f5f5 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb', endColorstr='#fff5f5f5', GradientType=0);
|
||||
}
|
||||
|
||||
.progress-bar {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#3071a9));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #3071a9, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #3071a9 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #3071a9 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3071a9', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#3071a9));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #3071a9, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #3071a9 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #3071a9 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3071a9', GradientType=0);
|
||||
}
|
||||
|
||||
.progress-bar-success {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5cb85c), to(#449d44));
|
||||
background-image: -webkit-linear-gradient(top, #5cb85c, 0%, #449d44, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5cb85c 0%, #449d44 100%);
|
||||
background-image: linear-gradient(to bottom, #5cb85c 0%, #449d44 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff449d44', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5cb85c), to(#449d44));
|
||||
background-image: -webkit-linear-gradient(top, #5cb85c, 0%, #449d44, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5cb85c 0%, #449d44 100%);
|
||||
background-image: linear-gradient(to bottom, #5cb85c 0%, #449d44 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c', endColorstr='#ff449d44', GradientType=0);
|
||||
}
|
||||
|
||||
.progress-bar-info {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5bc0de), to(#31b0d5));
|
||||
background-image: -webkit-linear-gradient(top, #5bc0de, 0%, #31b0d5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5bc0de 0%, #31b0d5 100%);
|
||||
background-image: linear-gradient(to bottom, #5bc0de 0%, #31b0d5 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff31b0d5', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#5bc0de), to(#31b0d5));
|
||||
background-image: -webkit-linear-gradient(top, #5bc0de, 0%, #31b0d5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #5bc0de 0%, #31b0d5 100%);
|
||||
background-image: linear-gradient(to bottom, #5bc0de 0%, #31b0d5 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de', endColorstr='#ff31b0d5', GradientType=0);
|
||||
}
|
||||
|
||||
.progress-bar-warning {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f0ad4e), to(#ec971f));
|
||||
background-image: -webkit-linear-gradient(top, #f0ad4e, 0%, #ec971f, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f0ad4e 0%, #ec971f 100%);
|
||||
background-image: linear-gradient(to bottom, #f0ad4e 0%, #ec971f 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffec971f', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f0ad4e), to(#ec971f));
|
||||
background-image: -webkit-linear-gradient(top, #f0ad4e, 0%, #ec971f, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f0ad4e 0%, #ec971f 100%);
|
||||
background-image: linear-gradient(to bottom, #f0ad4e 0%, #ec971f 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e', endColorstr='#ffec971f', GradientType=0);
|
||||
}
|
||||
|
||||
.progress-bar-danger {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9534f), to(#c9302c));
|
||||
background-image: -webkit-linear-gradient(top, #d9534f, 0%, #c9302c, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9534f 0%, #c9302c 100%);
|
||||
background-image: linear-gradient(to bottom, #d9534f 0%, #c9302c 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc9302c', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9534f), to(#c9302c));
|
||||
background-image: -webkit-linear-gradient(top, #d9534f, 0%, #c9302c, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9534f 0%, #c9302c 100%);
|
||||
background-image: linear-gradient(to bottom, #d9534f 0%, #c9302c 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f', endColorstr='#ffc9302c', GradientType=0);
|
||||
}
|
||||
|
||||
.list-group {
|
||||
border-radius: 4px;
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
border-radius: 4px;
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.075);
|
||||
}
|
||||
|
||||
.list-group-item.active,
|
||||
.list-group-item.active:hover,
|
||||
.list-group-item.active:focus {
|
||||
text-shadow: 0 -1px 0 #3071a9;
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#3278b3));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #3278b3, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #3278b3 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #3278b3 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #3278b3;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3278b3', GradientType=0);
|
||||
text-shadow: 0 -1px 0 #3071a9;
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#3278b3));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #3278b3, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #3278b3 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #3278b3 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #3278b3;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff3278b3', GradientType=0);
|
||||
}
|
||||
|
||||
.panel {
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
-webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
box-shadow: 0 1px 2px rgba(0, 0, 0, 0.05);
|
||||
}
|
||||
|
||||
.panel-default > .panel-heading {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f5f5f5), to(#e8e8e8));
|
||||
background-image: -webkit-linear-gradient(top, #f5f5f5, 0%, #e8e8e8, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f5f5f5 0%, #e8e8e8 100%);
|
||||
background-image: linear-gradient(to bottom, #f5f5f5 0%, #e8e8e8 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#ffe8e8e8', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f5f5f5), to(#e8e8e8));
|
||||
background-image: -webkit-linear-gradient(top, #f5f5f5, 0%, #e8e8e8, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f5f5f5 0%, #e8e8e8 100%);
|
||||
background-image: linear-gradient(to bottom, #f5f5f5 0%, #e8e8e8 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#ffe8e8e8', GradientType=0);
|
||||
}
|
||||
|
||||
.panel-primary > .panel-heading {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#357ebd));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #357ebd, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #357ebd 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #357ebd 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#428bca), to(#357ebd));
|
||||
background-image: -webkit-linear-gradient(top, #428bca, 0%, #357ebd, 100%);
|
||||
background-image: -moz-linear-gradient(top, #428bca 0%, #357ebd 100%);
|
||||
background-image: linear-gradient(to bottom, #428bca 0%, #357ebd 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca', endColorstr='#ff357ebd', GradientType=0);
|
||||
}
|
||||
|
||||
.panel-success > .panel-heading {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#dff0d8), to(#d0e9c6));
|
||||
background-image: -webkit-linear-gradient(top, #dff0d8, 0%, #d0e9c6, 100%);
|
||||
background-image: -moz-linear-gradient(top, #dff0d8 0%, #d0e9c6 100%);
|
||||
background-image: linear-gradient(to bottom, #dff0d8 0%, #d0e9c6 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffd0e9c6', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#dff0d8), to(#d0e9c6));
|
||||
background-image: -webkit-linear-gradient(top, #dff0d8, 0%, #d0e9c6, 100%);
|
||||
background-image: -moz-linear-gradient(top, #dff0d8 0%, #d0e9c6 100%);
|
||||
background-image: linear-gradient(to bottom, #dff0d8 0%, #d0e9c6 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8', endColorstr='#ffd0e9c6', GradientType=0);
|
||||
}
|
||||
|
||||
.panel-info > .panel-heading {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9edf7), to(#c4e3f3));
|
||||
background-image: -webkit-linear-gradient(top, #d9edf7, 0%, #c4e3f3, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9edf7 0%, #c4e3f3 100%);
|
||||
background-image: linear-gradient(to bottom, #d9edf7 0%, #c4e3f3 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffc4e3f3', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#d9edf7), to(#c4e3f3));
|
||||
background-image: -webkit-linear-gradient(top, #d9edf7, 0%, #c4e3f3, 100%);
|
||||
background-image: -moz-linear-gradient(top, #d9edf7 0%, #c4e3f3 100%);
|
||||
background-image: linear-gradient(to bottom, #d9edf7 0%, #c4e3f3 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7', endColorstr='#ffc4e3f3', GradientType=0);
|
||||
}
|
||||
|
||||
.panel-warning > .panel-heading {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#fcf8e3), to(#faf2cc));
|
||||
background-image: -webkit-linear-gradient(top, #fcf8e3, 0%, #faf2cc, 100%);
|
||||
background-image: -moz-linear-gradient(top, #fcf8e3 0%, #faf2cc 100%);
|
||||
background-image: linear-gradient(to bottom, #fcf8e3 0%, #faf2cc 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fffaf2cc', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#fcf8e3), to(#faf2cc));
|
||||
background-image: -webkit-linear-gradient(top, #fcf8e3, 0%, #faf2cc, 100%);
|
||||
background-image: -moz-linear-gradient(top, #fcf8e3 0%, #faf2cc 100%);
|
||||
background-image: linear-gradient(to bottom, #fcf8e3 0%, #faf2cc 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3', endColorstr='#fffaf2cc', GradientType=0);
|
||||
}
|
||||
|
||||
.panel-danger > .panel-heading {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f2dede), to(#ebcccc));
|
||||
background-image: -webkit-linear-gradient(top, #f2dede, 0%, #ebcccc, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f2dede 0%, #ebcccc 100%);
|
||||
background-image: linear-gradient(to bottom, #f2dede 0%, #ebcccc 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffebcccc', GradientType=0);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#f2dede), to(#ebcccc));
|
||||
background-image: -webkit-linear-gradient(top, #f2dede, 0%, #ebcccc, 100%);
|
||||
background-image: -moz-linear-gradient(top, #f2dede 0%, #ebcccc 100%);
|
||||
background-image: linear-gradient(to bottom, #f2dede 0%, #ebcccc 100%);
|
||||
background-repeat: repeat-x;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede', endColorstr='#ffebcccc', GradientType=0);
|
||||
}
|
||||
|
||||
.well {
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#e8e8e8), to(#f5f5f5));
|
||||
background-image: -webkit-linear-gradient(top, #e8e8e8, 0%, #f5f5f5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #e8e8e8 0%, #f5f5f5 100%);
|
||||
background-image: linear-gradient(to bottom, #e8e8e8 0%, #f5f5f5 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #dcdcdc;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffe8e8e8', endColorstr='#fff5f5f5', GradientType=0);
|
||||
-webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(255, 255, 255, 0.1);
|
||||
box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(255, 255, 255, 0.1);
|
||||
background-image: -webkit-gradient(linear, left 0%, left 100%, from(#e8e8e8), to(#f5f5f5));
|
||||
background-image: -webkit-linear-gradient(top, #e8e8e8, 0%, #f5f5f5, 100%);
|
||||
background-image: -moz-linear-gradient(top, #e8e8e8 0%, #f5f5f5 100%);
|
||||
background-image: linear-gradient(to bottom, #e8e8e8 0%, #f5f5f5 100%);
|
||||
background-repeat: repeat-x;
|
||||
border-color: #dcdcdc;
|
||||
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffe8e8e8', endColorstr='#fff5f5f5', GradientType=0);
|
||||
-webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(255, 255, 255, 0.1);
|
||||
box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(255, 255, 255, 0.1);
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
body {
|
||||
min-height: 2000px;
|
||||
padding-top: 70px;
|
||||
min-height: 2000px;
|
||||
padding-top: 70px;
|
||||
}
|
|
@ -6,14 +6,12 @@ __author__ = 'rohe0002'
|
|||
import requests
|
||||
import random
|
||||
import string
|
||||
import copy
|
||||
import cookielib
|
||||
import logging
|
||||
from Cookie import SimpleCookie
|
||||
|
||||
from oic.utils.keyio import KeyJar
|
||||
from oic.utils.time_util import utc_time_sans_frac
|
||||
from oic.utils.time_util import utc_now
|
||||
from oic.exception import UnSupported
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
@ -33,7 +31,7 @@ DEFAULT_POST_CONTENT_TYPE = URL_ENCODED
|
|||
REQUEST2ENDPOINT = {
|
||||
"AuthorizationRequest": "authorization_endpoint",
|
||||
"AccessTokenRequest": "token_endpoint",
|
||||
# ROPCAccessTokenRequest: "authorization_endpoint",
|
||||
# ROPCAccessTokenRequest: "authorization_endpoint",
|
||||
# CCAccessTokenRequest: "authorization_endpoint",
|
||||
"RefreshAccessTokenRequest": "token_endpoint",
|
||||
"TokenRevocationRequest": "token_endpoint"}
|
||||
|
@ -88,6 +86,7 @@ def rndstr(size=16):
|
|||
class ExpiredToken(PyoidcError):
|
||||
pass
|
||||
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
@ -274,7 +273,7 @@ class PBase(object):
|
|||
self.keyjar = KeyJar(verify_ssl=verify_ssl)
|
||||
|
||||
self.request_args = {"allow_redirects": False}
|
||||
#self.cookies = {}
|
||||
# self.cookies = {}
|
||||
self.cookiejar = cookielib.FileCookieJar()
|
||||
self.ca_certs = ca_certs
|
||||
if ca_certs:
|
||||
|
@ -352,12 +351,12 @@ class PBase(object):
|
|||
std_attr["version"] = std_attr["version"].split(",")[0]
|
||||
except (TypeError, AttributeError):
|
||||
pass
|
||||
|
||||
|
||||
new_cookie = cookielib.Cookie(**std_attr)
|
||||
|
||||
self.cookiejar.set_cookie(new_cookie)
|
||||
|
||||
#return cookiejar
|
||||
# return cookiejar
|
||||
|
||||
def http_request(self, url, method="GET", **kwargs):
|
||||
_kwargs = copy.copy(self.request_args)
|
||||
|
@ -371,15 +370,16 @@ class PBase(object):
|
|||
try:
|
||||
r = requests.request(method, url, **_kwargs)
|
||||
except Exception as err:
|
||||
logger.error("http_request failed: %s, url: %s, htargs: %s" % (
|
||||
err, url, _kwargs))
|
||||
logger.error(
|
||||
"http_request failed: %s, url: %s, htargs: %s, method: %s" % (
|
||||
err, url, _kwargs, method))
|
||||
raise
|
||||
|
||||
try:
|
||||
set_cookie = r.headers["set-cookie"]
|
||||
# Telekom fix
|
||||
# set_cookie = set_cookie.replace(
|
||||
# "=;Path=/;Expires=Thu, 01-Jan-1970 00:00:01 GMT;HttpOnly,", "")
|
||||
# "=;Path=/;Expires=Thu, 01-Jan-1970 00:00:01 GMT;HttpOnly,", "")
|
||||
logger.debug("RECEIVED COOKIEs: %s" % set_cookie)
|
||||
self.set_cookie(SimpleCookie(set_cookie))
|
||||
except (AttributeError, KeyError), err:
|
||||
|
@ -422,7 +422,7 @@ class Client(PBase):
|
|||
self.client_authn_method = client_authn_method
|
||||
self.keyjar = keyjar or KeyJar(verify_ssl=verify_ssl)
|
||||
self.verify_ssl = verify_ssl
|
||||
#self.secret_type = "basic "
|
||||
# self.secret_type = "basic "
|
||||
|
||||
#self.state = None
|
||||
self.nonce = None
|
||||
|
@ -464,7 +464,7 @@ class Client(PBase):
|
|||
client_secret = property(get_client_secret, set_client_secret)
|
||||
|
||||
def reset(self):
|
||||
#self.state = None
|
||||
# self.state = None
|
||||
self.nonce = None
|
||||
|
||||
self.grant = {}
|
||||
|
@ -519,7 +519,7 @@ class Client(PBase):
|
|||
|
||||
def get_grant(self, state, **kwargs):
|
||||
# try:
|
||||
# _state = kwargs["state"]
|
||||
# _state = kwargs["state"]
|
||||
# if not _state:
|
||||
# _state = self.state
|
||||
# except KeyError:
|
||||
|
@ -560,7 +560,7 @@ class Client(PBase):
|
|||
if request_args is None:
|
||||
request_args = {}
|
||||
|
||||
#logger.debug("request_args: %s" % request_args)
|
||||
# logger.debug("request_args: %s" % request_args)
|
||||
kwargs = self._parse_args(request, **request_args)
|
||||
|
||||
if extra_args:
|
||||
|
@ -574,7 +574,7 @@ class Client(PBase):
|
|||
|
||||
return self.construct_request(request, request_args, extra_args)
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def construct_AuthorizationRequest(self, request=AuthorizationRequest,
|
||||
request_args=None, extra_args=None,
|
||||
**kwargs):
|
||||
|
@ -689,7 +689,7 @@ class Client(PBase):
|
|||
header_ext = {"Content-type": content_type}
|
||||
if (accept):
|
||||
header_ext = {"Accept": accept}
|
||||
|
||||
|
||||
if "headers" in kwargs.keys():
|
||||
kwargs["headers"].update(header_ext)
|
||||
else:
|
||||
|
@ -804,7 +804,7 @@ class Client(PBase):
|
|||
if not verf:
|
||||
raise PyoidcError("Verification of the response failed")
|
||||
if resp.type() == "AuthorizationResponse" and \
|
||||
"scope" not in resp:
|
||||
"scope" not in resp:
|
||||
try:
|
||||
resp["scope"] = kwargs["scope"]
|
||||
except KeyError:
|
||||
|
@ -1111,14 +1111,14 @@ class Server(PBase):
|
|||
if not keyjar:
|
||||
keyjar = self.keyjar
|
||||
|
||||
#areq = message().from_(txt, keys, verify)
|
||||
# areq = message().from_(txt, keys, verify)
|
||||
areq = request().deserialize(txt, "jwt", keyjar=keyjar,
|
||||
verify=verify)
|
||||
areq.verify()
|
||||
return areq
|
||||
|
||||
def parse_body_request(self, request=AccessTokenRequest, body=None):
|
||||
#req = message(reqmsg).from_urlencoded(body)
|
||||
# req = message(reqmsg).from_urlencoded(body)
|
||||
req = request().deserialize(body, "urlencoded")
|
||||
req.verify()
|
||||
return req
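Review bot: The rewritten `logger.error` call in `http_request` still interpolates the whole `_kwargs` dict into an error-level log line, and that dict is the argument set handed to `requests.request`. Whatever headers, form data or cookies the caller passed would therefore be written to the log on every failed request; that presumably includes client credentials on token requests, though the code that fills `_kwargs` is outside the hunk. I would log only the argument names and let logging do the formatting: `logger.error("http_request failed: %s, url: %s, method: %s, htargs: %s", err, url, method, sorted(_kwargs))`. The unchanged `logger.debug("RECEIVED COOKIEs: %s" % set_cookie)` a few lines below has the same problem for session cookies and deserves the same treatment. `http_request` begins and ends outside this hunk.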
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
__author__ = 'rohe0002'
|
||||
|
||||
import time
|
||||
|
||||
from hashlib import md5
|
||||
|
||||
from oic.utils import http_util
|
||||
|
@ -77,7 +76,7 @@ class Consumer(Client):
|
|||
""" An OAuth2 consumer implementation
|
||||
|
||||
"""
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def __init__(self, session_db, client_config=None,
|
||||
server_info=None, authz_page="", response_type="",
|
||||
scope="", flow_type="", password=None):
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
import logging
|
||||
import urllib
|
||||
import urlparse
|
||||
import requests
|
||||
|
||||
from oic.oic import OIDCONF_PATTERN
|
||||
from oic.oic.message import ProviderConfigurationResponse, AuthorizationResponse
|
||||
import requests
|
||||
from oic.utils.keyio import KeyJar
|
||||
from oic.utils.time_util import utc_time_sans_frac
|
||||
from oic.oic.provider import secret
|
||||
from oic.oic.provider import RegistrationEndpoint
|
||||
from oic.oic.provider import Endpoint
|
||||
|
||||
from oic import oauth2
|
||||
from oic.oauth2 import provider
|
||||
from oic.oauth2 import VerificationError
|
||||
|
@ -27,13 +27,13 @@ from oic.oauth2 import SINGLE_OPTIONAL_INT
|
|||
from oic.exception import UnknownAssertionType
|
||||
from oic.exception import PyoidcError
|
||||
from oic.exception import AuthzError
|
||||
|
||||
from oic.utils.authn.client import AuthnFailure
|
||||
from oic.utils.http_util import Unauthorized, NoContent
|
||||
from oic.utils.http_util import Response
|
||||
from oic.utils.http_util import BadRequest
|
||||
from oic.utils.http_util import Forbidden
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
__author__ = 'roland'
|
||||
|
@ -180,7 +180,7 @@ class Provider(provider.Provider):
|
|||
|
||||
# @staticmethod
|
||||
# def _uris_to_dict(uris):
|
||||
# ruri = {}
|
||||
# ruri = {}
|
||||
# for uri in uris:
|
||||
# base, query = urllib.splitquery(uri)
|
||||
# if query:
|
||||
|
@ -211,7 +211,7 @@ class Provider(provider.Provider):
|
|||
if query:
|
||||
tup.append((base, query))
|
||||
else:
|
||||
tup.append((base,""))
|
||||
tup.append((base, ""))
|
||||
return tup
|
||||
|
||||
@staticmethod
|
||||
|
@ -242,7 +242,7 @@ class Provider(provider.Provider):
|
|||
_cinfo["client_secret"] = secret(self.seed, _id)
|
||||
_cinfo["client_id_issued_at"] = utc_time_sans_frac()
|
||||
_cinfo["client_secret_expires_at"] = utc_time_sans_frac() + \
|
||||
self.secret_lifetime
|
||||
self.secret_lifetime
|
||||
|
||||
# If I support client info endpoint
|
||||
if ClientInfoEndpoint in self.endp:
|
||||
|
@ -289,7 +289,7 @@ class Provider(provider.Provider):
|
|||
|
||||
for key in _cinfo.keys():
|
||||
if key in ["client_id_issued_at", "client_secret_expires_at",
|
||||
"registration_access_token","registration_client_uri"]:
|
||||
"registration_access_token", "registration_client_uri"]:
|
||||
continue
|
||||
if key not in request:
|
||||
del _cinfo[key]
|
||||
|
@ -352,7 +352,7 @@ class Provider(provider.Provider):
|
|||
return self.client_info(client_id)
|
||||
|
||||
def client_info_endpoint(self, request, environ,
|
||||
method="GET", query="", **kwargs):
|
||||
method="GET", query="", **kwargs):
|
||||
"""
|
||||
Operations on this endpoint are switched through the use of different
|
||||
HTTP methods
|
||||
|
|
|
@ -3,15 +3,16 @@ import logging
|
|||
import urllib
|
||||
import urlparse
|
||||
import json
|
||||
|
||||
from jwkest import b64d
|
||||
import jwkest
|
||||
from jwkest.jwe import JWE
|
||||
from jwkest.jwk import keyitems2keyreps
|
||||
from jwkest.jws import JWS
|
||||
|
||||
from oic.exception import PyoidcError
|
||||
from oic.exception import MessageException
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
|
@ -149,7 +150,7 @@ class Message(object):
|
|||
elif isinstance(val, Message):
|
||||
try:
|
||||
params.append((key, str(_ser(val, sformat="urlencoded",
|
||||
lev=lev))))
|
||||
lev=lev))))
|
||||
except TypeError:
|
||||
params.append((key, val))
|
||||
elif val is None:
|
||||
|
@ -191,7 +192,7 @@ class Message(object):
|
|||
:return: An instance of the cls class
|
||||
"""
|
||||
|
||||
#parse_qs returns a dictionary with keys and values. The values are
|
||||
# parse_qs returns a dictionary with keys and values. The values are
|
||||
#always lists even if there is only one value in the list.
|
||||
#keys only appears once.
|
||||
|
||||
|
@ -327,8 +328,8 @@ class Message(object):
|
|||
return self
|
||||
|
||||
def _add_value(self, skey, vtyp, key, val, _deser, null_allowed):
|
||||
# if not val:
|
||||
# return
|
||||
# if not val:
|
||||
# return
|
||||
|
||||
if isinstance(val, list):
|
||||
if (len(val) == 0 or val[0] is None) and null_allowed is False:
|
||||
|
@ -528,14 +529,14 @@ class Message(object):
|
|||
raise ValueError("Not allowed value '%s'" % val)
|
||||
elif isinstance(typ, list):
|
||||
if isinstance(val, list):
|
||||
#_typ = typ[0]
|
||||
# _typ = typ[0]
|
||||
for item in val:
|
||||
if item not in _allowed:
|
||||
raise ValueError("Not allowed value '%s'" % val)
|
||||
elif val is None and na is False:
|
||||
raise ValueError("Not allowed value '%s'" % val)
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def verify(self, **kwargs):
|
||||
"""
|
||||
Make sure all the required values are there and that the values are
|
||||
|
@ -622,8 +623,8 @@ class Message(object):
|
|||
|
||||
return True
|
||||
|
||||
# def __getattr__(self, item):
|
||||
# return self._dict[item]
|
||||
# def __getattr__(self, item):
|
||||
# return self._dict[item]
|
||||
|
||||
def __delitem__(self, key):
|
||||
del self._dict[key]
|
||||
|
@ -668,7 +669,8 @@ class Message(object):
|
|||
return self.from_json(_res[0])
|
||||
|
||||
def copy(self):
|
||||
return copy.deepcopy(self)
|
||||
return copy.deepcopy(self)
|
||||
|
||||
|
||||
# =============================================================================
|
||||
|
||||
|
@ -682,10 +684,11 @@ def add_non_standard(msg1, msg2):
|
|||
if key not in msg1.c_param:
|
||||
msg1[key] = val
|
||||
|
||||
|
||||
# =============================================================================
|
||||
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def list_serializer(vals, sformat="urlencoded", lev=0):
|
||||
if isinstance(vals, basestring) or not isinstance(vals, list):
|
||||
raise ValueError("Expected list: %s" % vals)
|
||||
|
@ -733,6 +736,7 @@ def json_serializer(obj, sformat="urlencoded", lev=0):
|
|||
def json_deserializer(txt, sformat="urlencoded"):
|
||||
return json.loads(txt)
|
||||
|
||||
|
||||
VTYPE = 0
|
||||
VREQUIRED = 1
|
||||
VSER = 2
|
||||
|
@ -867,6 +871,7 @@ class TokenRevocationRequest(Message):
|
|||
class ResourceRequest(Message):
|
||||
c_param = {"access_token": SINGLE_OPTIONAL_STRING}
|
||||
|
||||
|
||||
MSG = {
|
||||
"Message": Message,
|
||||
"ErrorResponse": ErrorResponse,
|
||||
|
@ -891,6 +896,7 @@ def factory(msgtype):
|
|||
except KeyError:
|
||||
raise Exception("Unknown message type: %s" % msgtype)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
foo = AccessTokenRequest(grant_type="authorization_code",
|
||||
code="foo",
|
||||
|
|
|
@ -3,8 +3,10 @@ import traceback
|
|||
import sys
|
||||
import urllib
|
||||
import urlparse
|
||||
|
||||
from oic.utils.sdb import AccessCodeUsed
|
||||
|
||||
|
||||
__author__ = 'rohe0002'
|
||||
|
||||
import base64
|
||||
|
@ -94,7 +96,7 @@ def token_response(**kwargs):
|
|||
return aresp
|
||||
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def none_response(**kwargs):
|
||||
_areq = kwargs["areq"]
|
||||
aresp = NoneResponse()
|
||||
|
@ -372,7 +374,7 @@ class Provider(object):
|
|||
|
||||
try:
|
||||
if len(self.authn_broker) == 1:
|
||||
return self.authn_broker[0]
|
||||
return self.authn_broker[0]
|
||||
else:
|
||||
try:
|
||||
_values = areq["acr_values"]
|
||||
|
@ -533,8 +535,8 @@ class Provider(object):
|
|||
pass
|
||||
|
||||
if "response_type" in areq and \
|
||||
len(areq["response_type"]) == 1 and \
|
||||
"none" in areq["response_type"]:
|
||||
len(areq["response_type"]) == 1 and \
|
||||
"none" in areq["response_type"]:
|
||||
pass
|
||||
else:
|
||||
#if self.sdb.is_revoked(sinfo):
|
||||
|
@ -648,9 +650,8 @@ class Provider(object):
|
|||
return Response(err.to_json(), content="application/json",
|
||||
status="401 Unauthorized")
|
||||
|
||||
|
||||
LOG_DEBUG("_tinfo: %s" % _tinfo)
|
||||
|
||||
|
||||
atr = AccessTokenResponse(**by_schema(AccessTokenResponse, **_tinfo))
|
||||
|
||||
LOG_DEBUG("AccessTokenResponse: %s" % atr)
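Review bot: The two `LOG_DEBUG` calls in the last hunk of this file write `_tinfo` and the complete `AccessTokenResponse` to the log, and because the response is built from `_tinfo` that data presumably includes the access token and any refresh token. Anyone with read access to the log would then hold usable bearer tokens. I would log only the field names, e.g. `LOG_DEBUG("_tinfo keys: %s" % sorted(_tinfo.keys()))`, and drop the second call or reduce it the same way. The enclosing method starts and ends outside the hunk, so what `LOG_DEBUG` is bound to is not visible here.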
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
from jwkest.jwe import JWE
|
||||
from oic.utils.keyio import KeyJar
|
||||
|
||||
__author__ = 'rohe0002'
|
||||
|
@ -163,7 +164,7 @@ def make_openid_request(arq, keys=None, userinfo_claims=None,
|
|||
c_args["userinfo"] = Claims(**userinfo_claims)
|
||||
|
||||
if idtoken_claims is not None:
|
||||
#IdTokenClaims
|
||||
# IdTokenClaims
|
||||
c_args["id_token"] = Claims(**idtoken_claims)
|
||||
|
||||
if c_args:
|
||||
|
@ -194,7 +195,7 @@ class Grant(oauth2.Grant):
|
|||
|
||||
|
||||
PREFERENCE2PROVIDER = {
|
||||
#"require_signed_request_object": "request_object_algs_supported",
|
||||
# "require_signed_request_object": "request_object_algs_supported",
|
||||
"request_object_signing_alg": "request_object_signing_alg_values_supported",
|
||||
"request_object_encryption_alg":
|
||||
"request_object_encryption_alg_values_supported",
|
||||
|
@ -220,7 +221,7 @@ PREFERENCE2PROVIDER = {
|
|||
#"request_object_signing_alg": "request_object_signing_alg_values_supported
|
||||
}
|
||||
|
||||
PROVIDER2PREFERENCE = dict([(v,k) for k,v in PREFERENCE2PROVIDER.items()])
|
||||
PROVIDER2PREFERENCE = dict([(v, k) for k, v in PREFERENCE2PROVIDER.items()])
|
||||
|
||||
PROVIDER_DEFAULT = {
|
||||
"token_endpoint_auth_method": "client_secret_basic",
|
||||
|
@ -228,7 +229,7 @@ PROVIDER_DEFAULT = {
|
|||
}
|
||||
|
||||
|
||||
#noinspection PyMethodOverriding
|
||||
# noinspection PyMethodOverriding
|
||||
class Client(oauth2.Client):
|
||||
_endpoints = ENDPOINTS
|
||||
|
||||
|
@ -261,7 +262,7 @@ class Client(oauth2.Client):
|
|||
|
||||
self.behaviour = {
|
||||
"request_object_signing_alg":
|
||||
DEF_SIGN_ALG["openid_request_object"]}
|
||||
DEF_SIGN_ALG["openid_request_object"]}
|
||||
|
||||
self.wf = WebFinger(OIC_ISSUER)
|
||||
self.wf.httpd = self
|
||||
|
@ -1129,7 +1130,7 @@ class Server(oauth2.Server):
|
|||
|
||||
"""
|
||||
param = self._parse_urlencoded(url, query)
|
||||
assert "access_token" in param # ignore the rest
|
||||
assert "access_token" in param # ignore the rest
|
||||
return deser_id_token(self, param["access_token"][0])
|
||||
|
||||
def _parse_request(self, request, data, sformat, client_id=None):
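Review bot: The `assert "access_token" in param` line in the `Server` hunk near the end of this file validates request input with `assert`, which Python removes when run with `-O`. A request without the parameter would then fail on `param["access_token"][0]` with a bare `KeyError`. The commit only re-spaces the trailing comment on that line. An explicit test keeps the check in optimized runs: `if "access_token" not in param: raise ValueError("access_token missing")`. The method starts outside the hunk, so any caller that relies on `AssertionError` would need checking before the exception type changes.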
|
||||
|
|
|
@ -25,7 +25,7 @@ from oic.utils.http_util import Response
|
|||
from oic.utils.authn.client import bearer_auth
|
||||
|
||||
# Used in claims.py
|
||||
#from oic.oic.message import RegistrationRequest
|
||||
# from oic.oic.message import RegistrationRequest
|
||||
#from oic.oic.message import RegistrationResponse
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
@ -44,6 +44,7 @@ class UserClaimsResponse(Message):
|
|||
"endpoint": SINGLE_OPTIONAL_STRING,
|
||||
"access_token": SINGLE_OPTIONAL_STRING}
|
||||
|
||||
|
||||
# def verify(self, **kwargs):
|
||||
# if "jwt" in self:
|
||||
# # Try to decode the JWT, checks the signature
|
||||
|
@ -65,7 +66,6 @@ class UserInfoClaimsRequest(Message):
|
|||
|
||||
|
||||
class OICCServer(OicServer):
|
||||
|
||||
def parse_user_claims_request(self, info, sformat="urlencoded"):
|
||||
return self._parse_request(UserClaimsRequest, info, sformat)
|
||||
|
||||
|
@ -74,7 +74,6 @@ class OICCServer(OicServer):
|
|||
|
||||
|
||||
class ClaimsServer(Provider):
|
||||
|
||||
def __init__(self, name, sdb, cdb, userinfo, client_authn, urlmap=None,
|
||||
ca_certs="", keyjar=None, hostname="", dist_claims_mode=None):
|
||||
Provider.__init__(self, name, sdb, cdb, None, userinfo, None,
|
||||
|
@ -176,7 +175,6 @@ class ClaimsServer(Provider):
|
|||
|
||||
|
||||
class ClaimsClient(Client):
|
||||
|
||||
def __init__(self, client_id=None, ca_certs=""):
|
||||
|
||||
Client.__init__(self, client_id, ca_certs)
|
||||
|
@ -208,8 +206,8 @@ class ClaimsClient(Client):
|
|||
else:
|
||||
http_args.update(http_args)
|
||||
|
||||
# http_args = self.init_authentication_method(csi, "bearer_header",
|
||||
# request_args)
|
||||
# http_args = self.init_authentication_method(csi, "bearer_header",
|
||||
# request_args)
|
||||
|
||||
return self.request_and_return(url, request_resp, method, body,
|
||||
body_type, extended=False,
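Review bot: In the `ClaimsClient` hunk, `http_args.update(http_args)` merges the dictionary into itself and therefore changes nothing, so the `else:` branch it sits in has no effect. The method starts outside the hunk and the intended source mapping is not visible. The commented-out `init_authentication_method(csi, "bearer_header", request_args)` call just below suggests authentication arguments were meant to be merged here. If that is the case, the request may go out without its bearer credentials or with stale ones. Worth confirming which mapping was intended and replacing the self-update with it, or removing the branch if it is dead.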
|
||||
|
|
|
@ -95,6 +95,7 @@ def clean_response(aresp):
|
|||
|
||||
return atr
|
||||
|
||||
|
||||
IGNORE = ["request2endpoint", "response2error", "grant_class", "token_class"]
|
||||
|
||||
CONSUMER_PREF_ARGS = [
|
||||
|
@ -122,7 +123,7 @@ class Consumer(Client):
|
|||
""" An OpenID Connect consumer implementation
|
||||
|
||||
"""
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def __init__(self, session_db, config, client_config=None,
|
||||
server_info=None, debug=False, client_prefs=None):
|
||||
""" Initializes a Consumer instance.
|
||||
|
@ -326,7 +327,7 @@ class Consumer(Client):
|
|||
return http_util.BadRequest("Missing query")
|
||||
|
||||
_log_info("response: %s" % query)
|
||||
|
||||
|
||||
if "code" in self.config["response_type"]:
|
||||
# Might be an error response
|
||||
_log_info("Expect Authorization Response")
|
||||
|
@ -410,7 +411,7 @@ class Consumer(Client):
|
|||
|
||||
def refresh_token(self):
|
||||
pass
|
||||
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
def get_user_info(self, state):
|
||||
uinfo = self.do_user_info_request(state=state, schema="openid")
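Review bot: `_log_info("response: %s" % query)` in the `@ -326,7` hunk writes the raw authorization-response query string to the log. Depending on the configured response type, that string carries the authorization `code` and, for implicit or hybrid flows, `access_token` and `id_token`, so the credentials end up in application logs. I would keep the value out of the message, e.g. `_log_info("response received (%d bytes)" % len(query))`, and log parsed, non-secret fields after verification if they are needed. The enclosing method starts and ends outside the hunk.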
|
||||
|
|
|
@ -29,7 +29,7 @@ from jwkest import jws
|
|||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def json_ser(val, sformat=None, lev=0):
|
||||
return json.dumps(val)
|
||||
|
||||
|
@ -247,7 +247,6 @@ class UserInfoRequest(Message):
|
|||
|
||||
class AuthorizationResponse(message.AuthorizationResponse,
|
||||
message.AccessTokenResponse):
|
||||
|
||||
c_param = message.AuthorizationResponse.c_param.copy()
|
||||
c_param.update(message.AccessTokenResponse.c_param)
|
||||
c_param.update({
|
||||
|
@ -557,12 +556,12 @@ class RegistrationResponse(Message):
|
|||
if "registration_client_uri" in self:
|
||||
if not "registration_access_token":
|
||||
raise VerificationError((
|
||||
"Only one of registration_client_uri"
|
||||
" and registration_access_token present"), self)
|
||||
"Only one of registration_client_uri"
|
||||
" and registration_access_token present"), self)
|
||||
elif "registration_access_token" in self:
|
||||
raise VerificationError((
|
||||
"Only one of registration_client_uri"
|
||||
" and registration_access_token present"), self)
|
||||
"Only one of registration_client_uri"
|
||||
" and registration_access_token present"), self)
|
||||
|
||||
return super(RegistrationResponse, self).verify(**kwargs)
|
||||
|
||||
|
@ -599,7 +598,7 @@ class IdToken(OpenIDSchema):
|
|||
raise NotForMe("", self)
|
||||
|
||||
if len(self["aud"]) > 1: # Then azr has to be present and be one of
|
||||
# the values
|
||||
# the values
|
||||
try:
|
||||
assert "azr" in self
|
||||
except AssertionError:
|
||||
|
@ -696,12 +695,12 @@ class ProviderConfigurationResponse(Message):
|
|||
"userinfo_encryption_enc_values_supported": OPTIONAL_LIST_OF_STRINGS,
|
||||
"request_object_signing_alg_values_supported": OPTIONAL_LIST_OF_STRINGS,
|
||||
"request_object_encryption_alg_values_supported":
|
||||
OPTIONAL_LIST_OF_STRINGS,
|
||||
OPTIONAL_LIST_OF_STRINGS,
|
||||
"request_object_encryption_enc_values_supported":
|
||||
OPTIONAL_LIST_OF_STRINGS,
|
||||
OPTIONAL_LIST_OF_STRINGS,
|
||||
"token_endpoint_auth_methods_supported": OPTIONAL_LIST_OF_STRINGS,
|
||||
"token_endpoint_auth_signing_alg_values_supported":
|
||||
OPTIONAL_LIST_OF_STRINGS,
|
||||
OPTIONAL_LIST_OF_STRINGS,
|
||||
"display_values_supported": OPTIONAL_LIST_OF_STRINGS,
|
||||
"claim_types_supported": OPTIONAL_LIST_OF_STRINGS,
|
||||
"claims_supported": OPTIONAL_LIST_OF_STRINGS,
|
||||
|
@ -773,6 +772,7 @@ class DiscoveryResponse(Message):
|
|||
class ResourceRequest(Message):
|
||||
c_param = {"access_token": SINGLE_OPTIONAL_STRING}
|
||||
|
||||
|
||||
SCOPE2CLAIMS = {
|
||||
"openid": ["sub"],
|
||||
"profile": ["name", "given_name", "family_name", "middle_name",
|
||||
|
@ -830,6 +830,7 @@ def factory(msgtype):
|
|||
else:
|
||||
raise PyoidcError("Unknown message type: %s" % msgtype)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
atr = AccessTokenResponse(access_token="access_token",
|
||||
token_type="token_type")
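Review bot: In the `RegistrationResponse` hunk the condition `if not "registration_access_token":` tests a non-empty string literal, which is always truthy, so the `not` makes the branch unreachable and the first `VerificationError` is never raised. A response that carries `registration_client_uri` without `registration_access_token` therefore passes this check. The commit only re-indents the message strings under it. The condition should test membership: `if "registration_access_token" not in self:`. The `verify` method starts outside the hunk.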
|
||||
|
|
|
@ -1,10 +1,13 @@
|
|||
#!/usr/bin/env python
|
||||
import copy
|
||||
import json
|
||||
import traceback
|
||||
import urllib
|
||||
import sys
|
||||
from jwkest.jwe import JWE
|
||||
from requests import ConnectionError
|
||||
from jwkest import jws, jwe
|
||||
from jwkest.jws import alg2keytype
|
||||
|
||||
from oic.utils import time_util
|
||||
from oic.utils.authn.user import NoSuchAuthentication
|
||||
from oic.utils.authn.user import ToOld
|
||||
|
@ -12,9 +15,6 @@ from oic.utils.authn.user import TamperAllert
|
|||
from oic.utils.time_util import utc_time_sans_frac
|
||||
from oic.utils.keyio import KeyBundle
|
||||
from oic.utils.keyio import key_export
|
||||
|
||||
from requests import ConnectionError
|
||||
|
||||
from oic.oauth2.message import by_schema
|
||||
from oic.oic.message import RefreshAccessTokenRequest
|
||||
from oic.oic.message import EndSessionRequest
|
||||
|
@ -35,8 +35,6 @@ from oic.oic.message import DiscoveryRequest
|
|||
from oic.oic.message import ProviderConfigurationResponse
|
||||
from oic.oic.message import DiscoveryResponse
|
||||
|
||||
from jwkest import jws, jwe
|
||||
from jwkest.jws import alg2keytype
|
||||
|
||||
__author__ = 'rohe0002'
|
||||
|
||||
|
@ -70,7 +68,7 @@ SWD_ISSUER = "http://openid.net/specs/connect/1.0/issuer"
|
|||
STR = 5 * "_"
|
||||
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def devnull(txt):
|
||||
pass
|
||||
|
||||
|
@ -87,6 +85,7 @@ def secret(seed, sid):
|
|||
csum.update(sid)
|
||||
return csum.hexdigest()
|
||||
|
||||
|
||||
#def update_info(aresp, sdict):
|
||||
# for prop in aresp._schema["param"].keys():
|
||||
# try:
|
||||
|
@ -138,6 +137,7 @@ def construct_uri(item):
|
|||
class AuthorizationEndpoint(Endpoint):
|
||||
etype = "authorization"
|
||||
|
||||
|
||||
class TokenEndpoint(Endpoint):
|
||||
etype = "token"
|
||||
|
||||
|
@ -146,11 +146,11 @@ class UserinfoEndpoint(Endpoint):
|
|||
etype = "userinfo"
|
||||
|
||||
|
||||
class RegistrationEndpoint(Endpoint) :
|
||||
class RegistrationEndpoint(Endpoint):
|
||||
etype = "registration"
|
||||
|
||||
|
||||
class EndSessionEndpoint(Endpoint) :
|
||||
class EndSessionEndpoint(Endpoint):
|
||||
etype = "endsession"
|
||||
|
||||
|
||||
|
@ -226,8 +226,8 @@ class Provider(AProvider):
|
|||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
# make sure id_token_signed_response_alg is set in client register
|
||||
# response. This will make it happen in match_preferences()
|
||||
# make sure id_token_signed_response_alg is set in client register
|
||||
# response. This will make it happen in match_preferences()
|
||||
for val in PREFERENCE2PROVIDER.values():
|
||||
if val.endswith("signing_alg_values_supported"):
|
||||
self.capabilities[val] = [mode["sign"]]
|
||||
|
@ -238,8 +238,8 @@ class Provider(AProvider):
|
|||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
# make sure id_token_signed_response_alg is set in client register
|
||||
# response. This will make it happen in match_preferences()
|
||||
# make sure id_token_signed_response_alg is set in client register
|
||||
# response. This will make it happen in match_preferences()
|
||||
for val in PREFERENCE2PROVIDER.values():
|
||||
if val.endswith("encryption_alg_values_supported"):
|
||||
self.capabilities[val] = [_enc_alg]
|
||||
|
@ -250,8 +250,8 @@ class Provider(AProvider):
|
|||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
# make sure id_token_signed_response_alg is set in client register
|
||||
# response. This will make it happen in match_preferences()
|
||||
# make sure id_token_signed_response_alg is set in client register
|
||||
# response. This will make it happen in match_preferences()
|
||||
for val in PREFERENCE2PROVIDER.values():
|
||||
if val.endswith("encryption_enc_values_supported"):
|
||||
self.capabilities[val] = [_enc_enc]
|
||||
|
@ -397,7 +397,7 @@ class Provider(AProvider):
|
|||
|
||||
try:
|
||||
if len(self.authn_broker) == 1:
|
||||
return self.authn_broker[0]
|
||||
return self.authn_broker[0]
|
||||
else:
|
||||
if "acr_values" in areq:
|
||||
if not comparision_type:
|
||||
|
@ -452,7 +452,7 @@ class Provider(AProvider):
|
|||
"post_logout_redirect_uri": esr["post_logout_redirect_uri"],
|
||||
"key": self.sdb.get_verify_logout(uid),
|
||||
"redirect": redirect,
|
||||
"action": "/"+EndSessionEndpoint("").etype
|
||||
"action": "/" + EndSessionEndpoint("").etype
|
||||
}
|
||||
return Response(mte.render(**argv), headers=[])
|
||||
|
||||
|
@ -467,7 +467,7 @@ class Provider(AProvider):
|
|||
if "id_token_hint" in esr:
|
||||
id_token_hint = OpenIDRequest().from_jwt(esr["id_token_hint"],
|
||||
keyjar=self.keyjar,
|
||||
verify=True)
|
||||
verify=True)
|
||||
uid = id_token_hint["sub"]
|
||||
else:
|
||||
identity = authn.authenticated_as(cookie)
|
||||
|
@ -676,7 +676,7 @@ class Provider(AProvider):
|
|||
|
||||
keys = self.keyjar.get_encrypt_key(owner=cid)
|
||||
logger.debug("keys for %s: %s" % (
|
||||
cid, "["+", ".join([str(x) for x in self.keyjar[cid]]))+"]")
|
||||
cid, "[" + ", ".join([str(x) for x in self.keyjar[cid]])) + "]")
|
||||
logger.debug("alg=%s, enc=%s, val_type=%s" % (alg, enc, val_type))
|
||||
logger.debug("Encryption keys for %s: %s" % (cid, keys))
|
||||
|
||||
|
@ -999,7 +999,7 @@ class Provider(AProvider):
|
|||
for reg, qp in urlset:
|
||||
_part = urlparse.urlparse(reg)
|
||||
if part.scheme == _part.scheme and part.netloc == _part.netloc:
|
||||
return True
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
|
@ -1178,7 +1178,7 @@ class Provider(AProvider):
|
|||
request.verify()
|
||||
except MessageException, err:
|
||||
if "type" not in request:
|
||||
return self._error(error="invalid_type",
|
||||
return self._error(error="invalid_type",
|
||||
descr="%s" % err)
|
||||
else:
|
||||
return self._error(error="invalid_configuration_parameter",
|
||||
|
@ -1486,8 +1486,8 @@ class Provider(AProvider):
|
|||
pass
|
||||
|
||||
if "response_type" in areq and \
|
||||
len(areq["response_type"]) == 1 and \
|
||||
"none" in areq["response_type"]:
|
||||
len(areq["response_type"]) == 1 and \
|
||||
"none" in areq["response_type"]:
|
||||
fragment_enc = False
|
||||
else:
|
||||
if self.sdb.is_revoked(sid):
|
||||
|
@ -1625,6 +1625,7 @@ class Provider(AProvider):
|
|||
"""
|
||||
return self.end_session_endpoint(request, **kwargs)
|
||||
|
||||
|
||||
# -----------------------------------------------------------------------------
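Review bot: The debug calls in the `@ -676,7` hunk print every entry of `self.keyjar[cid]` and then the result of `get_encrypt_key(owner=cid)`. If the string form of those key objects includes key values (not visible here), secret material lands in the debug log, which matters most for symmetric keys. The re-spaced line also closes the `%` tuple before `+ "]"`; it still renders the same text but reads as a misplaced parenthesis. I would log a count or key identifiers only and let the logger do the formatting, e.g. `logger.debug("keys for %s: %d entries", cid, len(list(self.keyjar[cid])))`. The enclosing method starts and ends outside the hunk.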
|
||||
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ def encrypt(key, msg, iv=None, alg="aes_128_cbc", padding="PKCS#7",
|
|||
if _block_size:
|
||||
plen = _block_size - (len(msg) % _block_size)
|
||||
c = chr(plen)
|
||||
msg += c*plen
|
||||
msg += c * plen
|
||||
|
||||
cipher, iv = build_cipher(key, iv, alg)
|
||||
cmsg = iv + cipher.encrypt(msg)
|
||||
|
@ -95,6 +95,7 @@ def decrypt(key, msg, iv=None, padding="PKCS#7", b64dec=True):
|
|||
res = res[:-ord(res[-1])]
|
||||
return res
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
key_ = "1234523451234545" # 16 byte key
|
||||
# Iff padded the message doesn't have to be multiple of 16 in length
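Review bot: `decrypt` strips padding with `res = res[:-ord(res[-1])]` without checking that the trailing bytes are valid PKCS#7 padding, and neither hunk shows an integrity check on the CBC output that `encrypt` returns as `iv + cipher.encrypt(msg)`. Unauthenticated CBC ciphertext can be modified by whoever holds it, so if these helpers protect cookies or other client-held values, a MAC over `iv + ciphertext` should be verified before decryption. An empty `res` would also raise `IndexError` on `res[-1]`. At minimum I would record the contract on `decrypt`: `# NOTE: ciphertext is not authenticated here; callers must verify a MAC over iv + ciphertext first`. Both function bodies start outside the hunks.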
|
||||
|
|
|
@ -77,7 +77,7 @@ class AuthnBroker(object):
|
|||
if level and level != item["level"]:
|
||||
_remain.append(_ref)
|
||||
if authn_authority and \
|
||||
authn_authority != item["authn_authority"]:
|
||||
authn_authority != item["authn_authority"]:
|
||||
_remain.append(_ref)
|
||||
if _remain:
|
||||
self.db[acr] = _remain
|
||||
|
@ -204,6 +204,7 @@ def make_auth_verify(callback, next_module_instance=None):
|
|||
setup_multi_auth (in multi_auth.py)
|
||||
:return: function encapsulating the specified callback which properly handles a multi auth chain.
|
||||
"""
|
||||
|
||||
def auth_verify(environ, start_response, logger):
|
||||
kwargs = extract_from_request(environ)
|
||||
|
||||
|
|
|
@ -3,6 +3,7 @@ import base64
|
|||
from jwkest import Invalid
|
||||
from jwkest import MissingKey
|
||||
from jwkest.jws import alg2keytype
|
||||
|
||||
from oic.exception import UnknownAssertionType
|
||||
from oic.exception import NotForMe
|
||||
from oic.oauth2 import rndstr, VREQUIRED
|
||||
|
@ -65,6 +66,7 @@ class ClientSecretBasic(ClientAuthnMethod):
|
|||
Server, authenticate with the Authorization Server in accordance with
|
||||
Section 3.2.1 of OAuth 2.0 [RFC6749] using HTTP Basic authentication scheme.
|
||||
"""
|
||||
|
||||
def construct(self, cis, request_args=None, http_args=None, **kwargs):
|
||||
"""
|
||||
:param cis: Request class instance
|
||||
|
@ -125,6 +127,7 @@ class ClientSecretPost(ClientSecretBasic):
|
|||
Section 3.2.1 of OAuth 2.0 [RFC6749] by including the Client Credentials in
|
||||
the request body.
|
||||
"""
|
||||
|
||||
def construct(self, cis, request_args=None, http_args=None, **kwargs):
|
||||
if "client_secret" not in cis:
|
||||
try:
|
||||
|
@ -177,7 +180,7 @@ class BearerHeader(ClientAuthnMethod):
|
|||
_acc_token = request_args["access_token"]
|
||||
|
||||
# Do I need to base64 encode the access token ? Probably !
|
||||
#_bearer = "Bearer %s" % base64.b64encode(_acc_token)
|
||||
# _bearer = "Bearer %s" % base64.b64encode(_acc_token)
|
||||
_bearer = "Bearer %s" % _acc_token
|
||||
if http_args is None:
|
||||
http_args = {"headers": {}}
|
||||
|
@ -246,7 +249,6 @@ def bearer_auth(req, authn):
|
|||
|
||||
|
||||
class JWSAuthnMethod(ClientAuthnMethod):
|
||||
|
||||
def choose_algorithm(self, entity, **kwargs):
|
||||
try:
|
||||
algorithm = kwargs["algorithm"]
|
||||
|
@ -324,7 +326,7 @@ class JWSAuthnMethod(ClientAuthnMethod):
|
|||
return False
|
||||
|
||||
logger.debug("authntoken: %s" % bjwt.to_dict())
|
||||
#logger.debug("known clients: %s" % self.cli.cdb.keys())
|
||||
# logger.debug("known clients: %s" % self.cli.cdb.keys())
|
||||
try:
|
||||
# There might not be a client_id in the request
|
||||
assert str(bjwt["iss"]) in self.cli.cdb # It's a client I know
|
||||
|
@ -355,6 +357,7 @@ class ClientSecretJWT(JWSAuthnMethod):
|
|||
The HMAC (Hash-based Message Authentication Code) is calculated using the
|
||||
bytes of the UTF-8 representation of the client_secret as the shared key.
|
||||
"""
|
||||
|
||||
def choose_algorithm(self, entity="client_secret_jwt", **kwargs):
|
||||
return JWSAuthnMethod.choose_algorithm(self, entity, **kwargs)
|
||||
|
||||
|
@ -366,6 +369,7 @@ class PrivateKeyJWT(JWSAuthnMethod):
|
|||
"""
|
||||
Clients that have registered a public key sign a JWT using that key.
|
||||
"""
|
||||
|
||||
def choose_algorithm(self, entity="private_key_jwt", **kwargs):
|
||||
return JWSAuthnMethod.choose_algorithm(self, entity, **kwargs)
|
||||
|
||||
|
@ -373,7 +377,7 @@ class PrivateKeyJWT(JWSAuthnMethod):
|
|||
return self.cli.keyjar.get_signing_key(alg2keytype(algorithm), "")
|
||||
|
||||
|
||||
#from oic.utils.authn.client_saml import SAML2_BEARER_ASSERTION_TYPE
|
||||
# from oic.utils.authn.client_saml import SAML2_BEARER_ASSERTION_TYPE
|
||||
|
||||
|
||||
CLIENT_AUTHN_METHOD = {
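Review bot: In the `JWSAuthnMethod` hunk, `assert str(bjwt["iss"]) in self.cli.cdb` is the check that the JWT issuer is a registered client. `assert` statements are stripped under `python -O`, so an assertion from an unknown issuer would continue past this point. An explicit test survives optimization: `if str(bjwt["iss"]) not in self.cli.cdb:` followed by raising the exception the enclosing `try` already handles (its `except` clause is outside the hunk). The `logger.debug("authntoken: %s" % bjwt.to_dict())` line above it also writes the full client assertion to the log; logging `bjwt["iss"]` alone would be enough for tracing.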
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
import base64
|
||||
|
||||
from oic.utils.authn.client import ClientAuthnMethod
|
||||
from oic.utils.authn.client import CLIENT_AUTHN_METHOD
|
||||
|
||||
|
||||
__author__ = 'rolandh'
|
||||
|
||||
SAML2_BEARER_ASSERTION_TYPE = \
|
||||
|
@ -16,6 +18,7 @@ else:
|
|||
"""
|
||||
Authenticating clients using the SAML2 assertion profile
|
||||
"""
|
||||
|
||||
def construct(self, cis, assertion=None, **kwargs):
|
||||
"""
|
||||
|
||||
|
@ -38,7 +41,7 @@ else:
|
|||
|
||||
def _verify_saml2_assertion(self, assertion):
|
||||
subject = assertion.subject
|
||||
#client_id = subject.name_id.text
|
||||
# client_id = subject.name_id.text
|
||||
#who_ever_issued_it = assertion.issuer.text
|
||||
|
||||
audience = []
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
import urlparse
|
||||
from urlparse import parse_qs
|
||||
from oic.utils.authn.user import UserAuthnMethod, logger, UsernamePasswordMako
|
||||
from oic.utils.http_util import Response, Unauthorized, Redirect
|
||||
|
||||
from oic.utils.authn.user import logger, UsernamePasswordMako
|
||||
from oic.utils.http_util import Unauthorized, Redirect
|
||||
|
||||
|
||||
__author__ = 'danielevertsson'
|
||||
|
||||
|
||||
class JavascriptFormMako(UsernamePasswordMako):
|
||||
"""Do user authentication using the normal username password form in a
|
||||
WSGI environment using Mako as template system"""
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
import logging
|
||||
|
||||
from oic.utils.userinfo.ldap_info import UserInfoLDAP
|
||||
|
||||
|
||||
__author__ = 'haho0032'
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class UserLDAPMemberValidation(UserInfoLDAP):
|
||||
|
||||
def __init__(self, verify_attr=None, verify_attr_valid=None, **kwargs):
|
||||
UserInfoLDAP.__init__(self, **kwargs)
|
||||
self.verify_attr = verify_attr
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
import ldap
|
||||
|
||||
from oic.utils.authn.user import UsernamePasswordMako
|
||||
|
||||
|
||||
SCOPE_MAP = {
|
||||
"base": ldap.SCOPE_BASE,
|
||||
"onelevel": ldap.SCOPE_ONELEVEL,
|
||||
|
|
|
@ -9,6 +9,7 @@ class MultiAuthnMethod(UserAuthnMethod):
|
|||
Small auth module just to kick off multi auth chains (it must be the first module in the chain).
|
||||
Do no instantiate this object, use setup_multi_auth instead!
|
||||
"""
|
||||
|
||||
def __init__(self, auth_module):
|
||||
UserAuthnMethod.__init__(self, None)
|
||||
self.auth_module = auth_module
|
||||
|
@ -49,6 +50,7 @@ class AuthnIndexedEndpointWrapper(UserAuthnMethod):
|
|||
Wrapper class for using an authn module with multiple endpoints.
|
||||
Encapsulates the desired index of the endpoint.
|
||||
"""
|
||||
|
||||
def __init__(self, authn_instance, end_point_index):
|
||||
UserAuthnMethod.__init__(self, None)
|
||||
|
||||
|
|
|
@ -4,21 +4,24 @@ from tempfile import NamedTemporaryFile
|
|||
from urllib import urlencode
|
||||
import logging
|
||||
import base64
|
||||
from urlparse import parse_qs
|
||||
|
||||
from oic.oauth2 import VerificationError
|
||||
from oic.utils.authn.user import UserAuthnMethod
|
||||
from oic.utils.authn.user import create_return_url
|
||||
from urlparse import parse_qs
|
||||
from oic.utils.http_util import Redirect
|
||||
from oic.utils.http_util import SeeOther
|
||||
from oic.utils.http_util import Response
|
||||
from oic.utils.http_util import Unauthorized
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class ServiceErrorException(Exception):
|
||||
pass
|
||||
|
||||
|
||||
try:
|
||||
import saml2
|
||||
except ImportError:
|
||||
|
@ -36,7 +39,7 @@ else:
|
|||
from saml2.s_utils import UnknownPrincipal
|
||||
from saml2.s_utils import UnsupportedBinding
|
||||
|
||||
#This class handles user authentication with CAS.
|
||||
# This class handles user authentication with CAS.
|
||||
class SAMLAuthnMethod(UserAuthnMethod):
|
||||
CONST_QUERY = "query"
|
||||
CONST_SAML_COOKIE = "samlauthc"
|
||||
|
@ -348,22 +351,22 @@ else:
|
|||
return self.response(binding, ht_args, query)
|
||||
|
||||
def response(self, binding, http_args, query):
|
||||
cookie = self.create_cookie(
|
||||
'{"' + self.CONST_QUERY + '": "' + base64.b64encode(query) +
|
||||
'" , "' + self.CONST_HASIDP + '": "True" }',
|
||||
self.CONST_SAML_COOKIE, self.CONST_SAML_COOKIE)
|
||||
if binding == BINDING_HTTP_ARTIFACT:
|
||||
resp = Redirect()
|
||||
elif binding == BINDING_HTTP_REDIRECT:
|
||||
for param, value in http_args["headers"]:
|
||||
if param == "Location":
|
||||
resp = SeeOther(str(value), headers=[cookie])
|
||||
break
|
||||
else:
|
||||
raise ServiceErrorException("Parameter error")
|
||||
cookie = self.create_cookie(
|
||||
'{"' + self.CONST_QUERY + '": "' + base64.b64encode(query) +
|
||||
'" , "' + self.CONST_HASIDP + '": "True" }',
|
||||
self.CONST_SAML_COOKIE, self.CONST_SAML_COOKIE)
|
||||
if binding == BINDING_HTTP_ARTIFACT:
|
||||
resp = Redirect()
|
||||
elif binding == BINDING_HTTP_REDIRECT:
|
||||
for param, value in http_args["headers"]:
|
||||
if param == "Location":
|
||||
resp = SeeOther(str(value), headers=[cookie])
|
||||
break
|
||||
else:
|
||||
http_args["headers"].append(cookie)
|
||||
resp = Response(http_args["data"],
|
||||
headers=http_args["headers"])
|
||||
raise ServiceErrorException("Parameter error")
|
||||
else:
|
||||
http_args["headers"].append(cookie)
|
||||
resp = Response(http_args["data"],
|
||||
headers=http_args["headers"])
|
||||
|
||||
return resp
|
||||
return resp
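Review bot: The comment above `class SAMLAuthnMethod`, which this commit only re-spaces to `# This class handles user authentication with CAS.`, still names the wrong protocol. It looks copied from the CAS module and should read `# This class handles user authentication with SAML.`. Since the line is being touched anyway, it could become a class docstring, which also shows up in `help()`. The `response` hunk below it appears to be re-indentation only, and the class body continues outside the hunks.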
|
||||
|
|
|
@ -7,7 +7,7 @@ from urlparse import parse_qs
|
|||
from urlparse import urlsplit
|
||||
import urlparse
|
||||
|
||||
#from oic.utils.aes_m2c import AES_decrypt
|
||||
# from oic.utils.aes_m2c import AES_decrypt
|
||||
from oic.utils import aes
|
||||
from oic.utils.http_util import Response
|
||||
from oic.utils.http_util import CookieDealer
|
||||
|
@ -91,6 +91,7 @@ class UserAuthnMethod(CookieDealer):
|
|||
return rp_query_cookie[0]
|
||||
return ""
|
||||
|
||||
|
||||
def url_encode_params(params=None):
|
||||
if not isinstance(params, dict):
|
||||
raise Exception("You must pass in a dictionary!")
|
||||
|
@ -280,7 +281,6 @@ class UsernamePasswordMako(UserAuthnMethod):
|
|||
|
||||
|
||||
class BasicAuthn(UserAuthnMethod):
|
||||
|
||||
def __init__(self, srv, pwd, ttl=5):
|
||||
UserAuthnMethod.__init__(self, srv, ttl)
|
||||
self.passwd = pwd
|
||||
|
@ -310,7 +310,6 @@ class BasicAuthn(UserAuthnMethod):
|
|||
|
||||
|
||||
class SymKeyAuthn(UserAuthnMethod):
|
||||
|
||||
def __init__(self, srv, ttl, symkey):
|
||||
UserAuthnMethod.__init__(self, srv, ttl)
|
||||
self.symkey = symkey
|
||||
|
|
|
@ -6,15 +6,17 @@ import logging
|
|||
import requests
|
||||
import base64
|
||||
import xml.etree.ElementTree as ET
|
||||
from oic.utils.authn.user import UserAuthnMethod
|
||||
from urlparse import parse_qs
|
||||
|
||||
from oic.utils.authn.user import UserAuthnMethod
|
||||
from oic.utils.http_util import Redirect
|
||||
from oic.utils.http_util import Unauthorized
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
#This class handles user authentication with CAS.
|
||||
# This class handles user authentication with CAS.
|
||||
class CasAuthnMethod(UserAuthnMethod):
|
||||
#Standard login url for a CAS server.
|
||||
CONST_CASLOGIN = "/cas/login?"
|
||||
|
@ -122,7 +124,7 @@ class CasAuthnMethod(UserAuthnMethod):
|
|||
if acr is None:
|
||||
acr = ""
|
||||
return self.service_url + "?" + self.CONST_NONCE + "=" + nonce + \
|
||||
"&acr_values=" + acr
|
||||
"&acr_values=" + acr
|
||||
|
||||
def verify(self, request, cookie, **kwargs):
|
||||
"""
|
||||
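Review bot: The return statement re-indented in this hunk builds the service URL by plain concatenation, `self.service_url + "?" + self.CONST_NONCE + "=" + nonce + "&acr_values=" + acr`, so neither `nonce` nor `acr` is URL-encoded. If `acr` can originate from the authentication request (its source is outside the hunk), a value containing `&`, `=` or `#` would alter the query string of the service URL. Consider `return self.service_url + "?" + urlencode([(self.CONST_NONCE, nonce), ("acr_values", acr)])`, which needs `from urllib import urlencode` unless the file already imports it. The enclosing method starts outside the hunk.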
|
|
|
@ -1,8 +1,10 @@
|
|||
import logging
|
||||
import time
|
||||
|
||||
from oic.utils.http_util import CookieDealer
|
||||
from oic.utils.authn.user import ToOld
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
__author__ = 'rolandh'
|
||||
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
class ClaimsMode(object):
|
||||
def __init__(self, user2mode):
|
||||
self.user2mode = user2mode
|
||||
|
|
|
@ -4,8 +4,8 @@ import cgi
|
|||
import time
|
||||
import hashlib
|
||||
import hmac
|
||||
|
||||
from urllib import quote
|
||||
from Cookie import SimpleCookie
|
||||
|
||||
from oic.oauth2 import rndstr
|
||||
from oic.exception import UnsupportedMethod
|
||||
|
@ -13,8 +13,6 @@ from oic.utils import time_util
|
|||
from oic.utils.aes import encrypt
|
||||
from oic.utils.aes import decrypt
|
||||
|
||||
from Cookie import SimpleCookie
|
||||
|
||||
|
||||
class Response(object):
|
||||
_template = None
|
||||
|
@ -73,8 +71,8 @@ class NoContent(Response):
|
|||
|
||||
class Redirect(Response):
|
||||
_template = '<html>\n<head><title>Redirecting to %s</title></head>\n' \
|
||||
'<body>\nYou are being redirected to <a href="%s">%s</a>\n' \
|
||||
'</body>\n</html>'
|
||||
'<body>\nYou are being redirected to <a href="%s">%s</a>\n' \
|
||||
'</body>\n</html>'
|
||||
_status = '302 Found'
|
||||
|
||||
def __call__(self, environ, start_response, **kwargs):
|
||||
|
@ -86,8 +84,8 @@ class Redirect(Response):
|
|||
|
||||
class SeeOther(Response):
|
||||
_template = '<html>\n<head><title>Redirecting to %s</title></head>\n' \
|
||||
'<body>\nYou are being redirected to <a href="%s">%s</a>\n' \
|
||||
'</body>\n</html>'
|
||||
'<body>\nYou are being redirected to <a href="%s">%s</a>\n' \
|
||||
'</body>\n</html>'
|
||||
_status = '303 See Other'
|
||||
|
||||
def __call__(self, environ, start_response, **kwargs):
|
||||
|
@ -216,7 +214,7 @@ def cookie_signature(seed, *parts):
|
|||
return sha1.hexdigest()
|
||||
|
||||
|
||||
def make_cookie(name, load, seed, expire=0, domain="", path="", timestamp=""):
|
||||
def make_cookie(name, load, seed, expire=0, domain="", path="", timestamp=""):
|
||||
"""
|
||||
Create and return a cookie
|
||||
|
||||
|
@ -351,12 +349,11 @@ def wsgi_wrapper(environ, start_response, func, **kwargs):
|
|||
resp = args
|
||||
return resp(environ, start_response)
|
||||
except Exception as err:
|
||||
#logger.error("%s" % err)
|
||||
# logger.error("%s" % err)
|
||||
raise
|
||||
|
||||
|
||||
class CookieDealer(object):
|
||||
|
||||
def getServer(self):
|
||||
return self._srv
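Review bot: The `_template` strings of `Redirect` and `SeeOther`, re-indented in these hunks, place the redirect target into the page three times (`<title>`, `href` and link text) through bare `%s`, and nothing on these lines shows the value being HTML-escaped. The `__call__` methods that fill the template lie outside the hunks, so this needs checking there; if they format the raw location, a target containing markup would be reflected into the response body. I would document the contract next to the template, e.g. `# each %s receives the redirect target; it must be HTML-escaped before formatting`, and escape in `__call__` if that is not already done.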
|
||||
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
import json
|
||||
import time
|
||||
from Crypto.PublicKey import RSA
|
||||
|
||||
from oic.exception import MessageException
|
||||
|
||||
|
||||
__author__ = 'rohe0002'
|
||||
|
||||
import logging
|
||||
|
@ -37,7 +39,7 @@ K2C = {
|
|||
"RSA": RSAKey,
|
||||
"EC": ECKey,
|
||||
"oct": SYMKey,
|
||||
# "pkix": PKIX_key
|
||||
# "pkix": PKIX_key
|
||||
}
|
||||
|
||||
|
||||
|
@ -546,7 +548,7 @@ class KeyJar(object):
|
|||
try:
|
||||
self.add(issuer, pcr["jwks_uri"])
|
||||
except KeyError:
|
||||
# jwks should only be considered if no jwks_uri is present
|
||||
# jwks should only be considered if no jwks_uri is present
|
||||
try:
|
||||
_keys = pcr["jwks"]["keys"]
|
||||
self.issuer_keys[issuer].append(KeyBundle(_keys))
|
||||
|
@ -586,6 +588,7 @@ class KeyJar(object):
|
|||
for issuer, keys in info.items():
|
||||
self.issuer_keys[issuer] = [KeyBundle(keys)]
|
||||
|
||||
|
||||
# =============================================================================
|
||||
|
||||
|
||||
|
@ -596,12 +599,14 @@ class RedirectStdStreams(object):
|
|||
|
||||
def __enter__(self):
|
||||
self.old_stdout, self.old_stderr = sys.stdout, sys.stderr
|
||||
self.old_stdout.flush(); self.old_stderr.flush()
|
||||
self.old_stdout.flush();
|
||||
self.old_stderr.flush()
|
||||
sys.stdout, sys.stderr = self._stdout, self._stderr
|
||||
|
||||
#noinspection PyUnusedLocal
|
||||
# noinspection PyUnusedLocal
|
||||
def __exit__(self, exc_type, exc_value, traceback):
|
||||
self._stdout.flush(); self._stderr.flush()
|
||||
self._stdout.flush();
|
||||
self._stderr.flush()
|
||||
sys.stdout = self.old_stdout
|
||||
sys.stderr = self.old_stderr
|
||||
|
||||
|
@ -684,6 +689,7 @@ def key_export(baseurl, local_path, vault, keyjar, **kwargs):
|
|||
|
||||
return _url
|
||||
|
||||
|
||||
# ================= create RSA key ======================
|
||||
|
||||
|
||||
|
@ -741,7 +747,7 @@ def proper_path(path):
|
|||
#
|
||||
#
|
||||
# def make_req(bits, fqdn="example.com", rsa=None):
|
||||
# pk = EVP.PKey()
|
||||
# pk = EVP.PKey()
|
||||
# x = X509.Request()
|
||||
# if not rsa:
|
||||
# rsa = RSA.gen_key(bits, 65537, lambda: None)
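Review bot: In `RedirectStdStreams.__enter__` and `__exit__` the one-line statement pairs were split, but the first half of each keeps its terminator: `self.old_stdout.flush();` and `self._stdout.flush();` still end in a semicolon (pycodestyle E703). Drop it so the lines read `self.old_stdout.flush()` and `self._stdout.flush()`. Both method bodies are inside the hunk; the class header is not.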
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
import copy
|
||||
import uuid
|
||||
|
||||
from oic.oic import AuthorizationRequest
|
||||
|
||||
|
||||
__author__ = 'rohe0002'
|
||||
|
||||
import hmac
|
||||
|
@ -168,7 +170,7 @@ class SessionDB(object):
|
|||
sid = self.token.get_key(key)
|
||||
except Exception:
|
||||
raise KeyError
|
||||
|
||||
|
||||
if sid not in self._db:
|
||||
raise KeyError
|
||||
else:
|
||||
|
@ -321,7 +323,7 @@ class SessionDB(object):
|
|||
access_token = self.token("T", prev=rtoken)
|
||||
|
||||
dic["token_expires_at"] = utc_time_sans_frac() + self.token_expires_in
|
||||
#dic["client_id_issued_at"] = utc_time_sans_frac()
|
||||
# dic["client_id_issued_at"] = utc_time_sans_frac()
|
||||
dic["access_token"] = access_token
|
||||
self._db[sid] = dic
|
||||
#self._db[dic["xxxx"]] = dic
|
||||
|
@ -362,17 +364,17 @@ class SessionDB(object):
|
|||
return True
|
||||
|
||||
def is_revoked(self, sid):
|
||||
#typ, sid = self.token.type_and_key(token)
|
||||
# typ, sid = self.token.type_and_key(token)
|
||||
try:
|
||||
return self[sid]["revoked"]
|
||||
except KeyError:
|
||||
return False
|
||||
|
||||
# def set_oir(self, key, oir):
|
||||
# self._db[key] = oir.dictionary()
|
||||
#
|
||||
# def get_oir(self, key):
|
||||
# return OpenIDRequest(**self._db[key])
|
||||
# def set_oir(self, key, oir):
|
||||
# self._db[key] = oir.dictionary()
|
||||
#
|
||||
# def get_oir(self, key):
|
||||
# return OpenIDRequest(**self._db[key])
|
||||
|
||||
def revoke_token(self, token):
|
||||
# revokes either the refresh token or the access token
|
||||
|
|
|
@ -1,10 +1,12 @@
|
|||
import time
|
||||
|
||||
from oic.oic.message import SINGLE_REQUIRED_INT
|
||||
from oic.oauth2 import Message
|
||||
from oic.oauth2 import SINGLE_REQUIRED_STRING
|
||||
from oic.oauth2 import SINGLE_OPTIONAL_STRING
|
||||
from oic.utils.time_util import epoch_in_a_while
|
||||
|
||||
|
||||
__author__ = 'roland'
|
||||
|
||||
|
||||
|
@ -14,8 +16,8 @@ class Content(Message):
|
|||
"sub": SINGLE_REQUIRED_STRING, # Which subject that authenticated
|
||||
"auz": SINGLE_OPTIONAL_STRING, # Authorization information
|
||||
"aud": SINGLE_OPTIONAL_STRING, # The intended receiver
|
||||
"val": SINGLE_REQUIRED_INT, # Valid until
|
||||
"ref": SINGLE_OPTIONAL_STRING # Refresh token
|
||||
"val": SINGLE_REQUIRED_INT, # Valid until
|
||||
"ref": SINGLE_OPTIONAL_STRING # Refresh token
|
||||
}
|
||||
c_allowed_values = {"type": ["code", "access", "refresh"]}
|
||||
|
||||
|
@ -51,7 +53,7 @@ class StateLess(object):
|
|||
_cont = Content(typ="code", sub=sub, aud=areq["redirect_uri"],
|
||||
val=epoch_in_a_while(self.validity["grant"]))
|
||||
|
||||
#return _cont.to_jwe(self.keys, self.enc, self.alg)
|
||||
# return _cont.to_jwe(self.keys, self.enc, self.alg)
|
||||
return _cont
|
||||
|
||||
def upgrade_to_token(self, cont, issue_refresh=False):
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
|
@ -119,7 +119,6 @@ def parse_duration(duration):
|
|||
|
||||
|
||||
def add_duration(tid, duration):
|
||||
|
||||
(sign, dur) = parse_duration(duration)
|
||||
|
||||
if sign == '+':
|
||||
|
@ -166,6 +165,7 @@ def add_duration(tid, duration):
|
|||
else:
|
||||
pass
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
@ -214,6 +214,7 @@ def a_while_ago(days=0, seconds=0, microseconds=0, milliseconds=0,
|
|||
return time_a_while_ago(days, seconds, microseconds, milliseconds,
|
||||
minutes, hours, weeks).strftime(time_format)
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
@ -226,6 +227,7 @@ def shift_time(dtime, shift):
|
|||
"""
|
||||
return dtime + timedelta(seconds=shift)
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
@ -254,12 +256,14 @@ def str_to_time(timestr, time_format=TIME_FORMAT):
|
|||
def instant(time_format=TIME_FORMAT):
|
||||
return time.strftime(time_format, time.gmtime())
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
def utc_now():
|
||||
return calendar.timegm(time.gmtime())
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
@ -316,6 +320,7 @@ def utc_time_sans_frac():
|
|||
def time_sans_frac():
|
||||
return int("%d" % time.time())
|
||||
|
||||
|
||||
def epoch_in_a_while(days=0, seconds=0, microseconds=0, milliseconds=0,
|
||||
minutes=0, hours=0, weeks=0):
|
||||
"""
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
import importlib
|
||||
from tempfile import NamedTemporaryFile
|
||||
from oic.utils.userinfo import UserInfo
|
||||
from saml2 import saml, samlp
|
||||
from saml2.client import Saml2Client
|
||||
from saml2 import config
|
||||
|
||||
from oic.utils.userinfo import UserInfo
|
||||
|
||||
|
||||
__author__ = 'danielevertsson'
|
||||
|
||||
class AaUserInfo(UserInfo):
|
||||
|
||||
class AaUserInfo(UserInfo):
|
||||
def __init__(self, spconf, url, db=None):
|
||||
UserInfo.__init__(self, db)
|
||||
|
||||
|
||||
#Configurations for the SP handler. (pyOpSamlProxy.client.sp.conf)
|
||||
# Configurations for the SP handler. (pyOpSamlProxy.client.sp.conf)
|
||||
self.sp_conf = importlib.import_module(spconf)
|
||||
ntf = NamedTemporaryFile(suffix="pyoidc.py", delete=True)
|
||||
ntf.write("CONFIG = " + str(self.sp_conf.CONFIG).replace("%s", url))
|
||||
|
@ -27,7 +27,7 @@ class AaUserInfo(UserInfo):
|
|||
entity_id = self.sp_conf.AA_ENTITY_ID
|
||||
if entity_id is None:
|
||||
entity_id = self.samlcache["AA_ENTITYID"]
|
||||
response = self.sp.do_attribute_query(entity_id ,
|
||||
response = self.sp.do_attribute_query(entity_id,
|
||||
ava[self.sp_conf.AA_NAMEID_ATTRIBUTE][0],
|
||||
nameid_format=self.sp_conf.AA_NAMEID_FORMAT,
|
||||
attribute=self.sp_conf.AA_REQUEST_ATTRIBUTES)
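Review bot: `AaUserInfo.__init__` writes `"CONFIG = " + str(self.sp_conf.CONFIG).replace("%s", url)` into a temporary `.py` file, so it generates Python source by substituting `url` into the printed form of a dict. What happens to the file afterwards is outside the hunk, but if it is loaded as a module, a `url` containing a quote character would change the generated code, so `url` has to come from trusted configuration only. A comment saying so would help, e.g. `# url is spliced into generated Python source; trusted configuration values only`, and a sturdier form would copy `CONFIG` and substitute `%s` in its string values in memory instead of round-tripping through source text. The rest of `__init__` lies outside the hunk.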
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
import copy
|
||||
import logging
|
||||
|
||||
from oic.oic import OpenIDSchema
|
||||
from oic.oic.claims_provider import ClaimsClient
|
||||
from oic.utils.userinfo import UserInfo
|
||||
|
||||
|
||||
__author__ = 'rolandh'
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class DistributedAggregatedUserInfo(UserInfo):
|
||||
|
||||
def __init__(self, db, oidcsrv, client_info=None):
|
||||
UserInfo.__init__(self, db)
|
||||
self.oidcsrv = oidcsrv
|
||||
|
@ -130,7 +131,7 @@ class DistributedAggregatedUserInfo(UserInfo):
|
|||
|
||||
else:
|
||||
# default is what "openid" demands which is sub
|
||||
#result = identity
|
||||
# result = identity
|
||||
result = {"sub": userid}
|
||||
|
||||
return OpenIDSchema(**result)
|
||||
|
|
|
@ -1,32 +1,31 @@
|
|||
import logging
|
||||
import ldap
|
||||
from ldap import SCOPE_SUBTREE
|
||||
|
||||
from oic.utils.userinfo import UserInfo
|
||||
|
||||
|
||||
__author__ = 'rolandh'
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
OPENID2LDAP = {
|
||||
"sub": "uid",
|
||||
"name": "displayName",
|
||||
"given_name": "givenname",
|
||||
"family_name": "sn",
|
||||
"middle_name": "",
|
||||
"nickname": "eduPersonNickname",
|
||||
"nickname": "eduPersonNickname",
|
||||
"preferred_username": "uid",
|
||||
"profile": "labeledURI",
|
||||
"picture": "jpegPhoto",
|
||||
"website": "labeledURI",
|
||||
"email": "mail",
|
||||
#"email_verified":
|
||||
# "email_verified":
|
||||
"gender": "schacGender",
|
||||
"birthdate": "schacDateOfBirth",
|
||||
#zoneinfo
|
||||
"locale": "preferredLanguage",
|
||||
"phone_number": "telephoneNumber",
|
||||
"phone_number": "telephoneNumber",
|
||||
#phone_number_verified
|
||||
"address": "postalAddress",
|
||||
"updated_at": "" # Nothing equivalent
|
||||
|
@ -36,9 +35,9 @@ LDAP2USERINFO = dict([(v, k) for k, v in OPENID2LDAP.items()])
|
|||
|
||||
|
||||
class UserInfoLDAP(UserInfo):
|
||||
def __init__(self, uri, base, filter_pattern, scope=SCOPE_SUBTREE,
|
||||
def __init__(self, uri, base, filter_pattern, scope=ldap.SCOPE_SUBTREE,
|
||||
tls=False, user="", passwd="", attr=None, attrsonly=False):
|
||||
UserInfo.__init__(self, None)
|
||||
super(UserInfoLDAP, self).__init__(self, None)
|
||||
self.ldapuri = uri
|
||||
self.base = base
|
||||
self.filter_pattern = filter_pattern
|
||||
|
@ -104,4 +103,4 @@ class UserInfoLDAP(UserInfo):
|
|||
newres[key] = val
|
||||
return newres
|
||||
else:
|
||||
return {}
|
||||
return {}
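Review bot: The rewritten base-class call in `UserInfoLDAP.__init__`, `super(UserInfoLDAP, self).__init__(self, None)`, passes `self` twice, because `super()` already binds the instance. The other subclasses on this page call `UserInfo.__init__(self, db)` with a single argument after `self`, so this form would presumably raise a `TypeError` when the LDAP backend is constructed, unless `UserInfo.__init__` accepts a second positional argument. The call should read `super(UserInfoLDAP, self).__init__(None)`, or stay as the earlier `UserInfo.__init__(self, None)`. The page has lost the `+`/`-` column, so this assumes the second of the two printed forms is the new side, which the 9/9 line counts in the hunk header support; the body of `__init__` continues outside the hunk.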
|
||||
|
|
|
@ -5,8 +5,10 @@ import re
|
|||
from urllib import urlencode
|
||||
import urlparse
|
||||
import requests
|
||||
|
||||
from oic.utils.time_util import in_a_while
|
||||
|
||||
|
||||
__author__ = 'rolandh'
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
|