buttons for logout (local, slo-redirect, slo-soap)
git-svn-id: svn://localhost/lasso-conform/trunk@9 2a3a78c3-912c-0410-af21-e1fb2d1df599
This commit is contained in:
parent
94ea195174
commit
60a4f43dd9
94
lcs/root.ptl
94
lcs/root.ptl
|
@ -92,50 +92,68 @@ class RootDirectory(Directory):
|
|||
def _q_index [html] (self):
|
||||
template.html_top('Lasso Conformance SP')
|
||||
|
||||
if not get_request().user:
|
||||
form = Form(enctype='multipart/form-data')
|
||||
form.add(HtmlWidget, '<div id="sso-options">')
|
||||
form.add(CheckboxWidget, 'force_authn', value = False,
|
||||
title = _('Force Authentication (ForceAuthn)'))
|
||||
form.add(CheckboxWidget, 'is_passive',
|
||||
title = _('No interaction (IsPassive)'))
|
||||
form.add(CheckboxWidget, 'allow_create', value = True,
|
||||
title = _('Allow new federation'))
|
||||
form.add(SingleSelectWidget, 'nid_format',
|
||||
title = _('Name Identifier Format'),
|
||||
options = [('persistent', _('Persistent')),
|
||||
('transient', _('Transient')),
|
||||
('none', _('(none'))])
|
||||
# XXX: affiliation
|
||||
form.add(SingleSelectWidget, 'consent',
|
||||
title = _('Consent'),
|
||||
options = ['(empty)', 'obtained', 'prior', 'current-implicit',
|
||||
'current-explicit', 'unavailable', 'inapplicable'])
|
||||
form.add(SingleSelectWidget, 'authn_context',
|
||||
title = _('Authn Req Context'),
|
||||
options = ['(empty)', 'password', 'password on protected transport',
|
||||
'Client Certificate'])
|
||||
form.add(SingleSelectWidget, 'matching',
|
||||
title = _('Matching Rule'),
|
||||
options = ['(empty)', 'exact', 'minimum', 'maximum', 'better'])
|
||||
form.add(HtmlWidget, '</div>')
|
||||
|
||||
for kidp, idp in get_cfg('idp', {}).items():
|
||||
form.add_submit(kidp, _('Log on %s') % kidp)
|
||||
|
||||
if form.is_submitted():
|
||||
return self.do_login(form)
|
||||
|
||||
if get_request().user:
|
||||
'<p>%s</p>' % _('Logged in (%s)') % get_request().user.display_name
|
||||
'<p id="logout"><a href="logout">%s</a></p>' % _('Logout')
|
||||
self.loggedin_page()
|
||||
else:
|
||||
form.render()
|
||||
self.unlogged_page()
|
||||
|
||||
|
||||
def unlogged_page [html] (self):
|
||||
form = Form(enctype='multipart/form-data')
|
||||
form.add(HtmlWidget, '<div id="sso-options">')
|
||||
form.add(CheckboxWidget, 'force_authn', value = False,
|
||||
title = _('Force Authentication (ForceAuthn)'))
|
||||
form.add(CheckboxWidget, 'is_passive',
|
||||
title = _('No interaction (IsPassive)'))
|
||||
form.add(CheckboxWidget, 'allow_create', value = True,
|
||||
title = _('Allow new federation'))
|
||||
form.add(SingleSelectWidget, 'nid_format',
|
||||
title = _('Name Identifier Format'),
|
||||
options = [('persistent', _('Persistent')),
|
||||
('transient', _('Transient')),
|
||||
('none', _('(none'))])
|
||||
# XXX: affiliation
|
||||
form.add(SingleSelectWidget, 'consent',
|
||||
title = _('Consent'),
|
||||
options = ['(empty)', 'obtained', 'prior', 'current-implicit',
|
||||
'current-explicit', 'unavailable', 'inapplicable'])
|
||||
form.add(SingleSelectWidget, 'authn_context',
|
||||
title = _('Authn Req Context'),
|
||||
options = ['(empty)', 'password', 'password on protected transport',
|
||||
'Client Certificate'])
|
||||
form.add(SingleSelectWidget, 'matching',
|
||||
title = _('Matching Rule'),
|
||||
options = ['(empty)', 'exact', 'minimum', 'maximum', 'better'])
|
||||
form.add(HtmlWidget, '</div>')
|
||||
|
||||
for kidp, idp in get_cfg('idp', {}).items():
|
||||
form.add_submit(kidp, _('Log on %s') % kidp)
|
||||
|
||||
if form.is_submitted():
|
||||
return self.do_login(form)
|
||||
|
||||
form.render()
|
||||
|
||||
def loggedin_page [html] (self):
|
||||
form = Form(enctype='multipart/form-data')
|
||||
form.add_submit('logout', _('Local Logout'))
|
||||
form.add_submit('slo-soap', _('Single Logout (SOAP)'))
|
||||
form.add_submit('slo-redirect', _('Single Logout (Redirect)'))
|
||||
|
||||
if form.is_submitted():
|
||||
if form.get_submit() == 'logout':
|
||||
get_session_manager().expire_session()
|
||||
return redirect('/')
|
||||
if form.get_submit() == 'slo-soap':
|
||||
return self.saml.slo_sp(lasso.HTTP_METHOD_SOAP)
|
||||
if form.get_submit() == 'slo-redirect':
|
||||
return self.saml.slo_sp(lasso.HTTP_METHOD_REDIRECT)
|
||||
|
||||
'<p>%s</p>' % _('Logged in (%s)') % get_request().user.display_name
|
||||
'<pre>'
|
||||
get_session().lasso_identity_provider_id
|
||||
'</pre>'
|
||||
|
||||
form.render()
|
||||
|
||||
def do_login(self, form):
|
||||
server = misc.get_lasso_server(protocol = 'saml2')
|
||||
|
|
Reference in New Issue