Changeset 91
- Timestamp:
- 07/10/07 00:24:46
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
AuthKit/branches/0.4/authkit/authenticate/sso/api.py
r88 r91 25 25 """ The exception raised if the verification fails """ 26 26 27 27 28 class RedirectingAuthHandler(object): 28 29 """Handles generating redirect to SSO system … … 35 36 url = self.redirect_url(environ) 36 37 return HTTPSeeOther(url).wsgi_application(environ, start_response) 38 37 39 38 40 class RedirectingAuthMiddleware(object): … … 49 51 def __init__(self, app, path, use_options=False): 50 52 self.app = app 53 self.protect = [] 51 54 self.dispatch = { 52 55 '/verify':'verify', … … 67 70 def __call__(self, environ, start_response): 68 71 path = environ['PATH_INFO'] 72 69 73 if path in self.dispatch: 70 74 return getattr(self, self.path + 71 75 self.dispatch[path])(environ, start_response) 72 else: 73 return self.app(environ, start_response) 76 77 for route in self.protect: 78 if path.startswith(route) and 'REMOTE_USER' not in environ \ 79 and 'type=' + self.type in environ['QUERY_STRING']: 80 return self.verify(environ, start_response) 81 82 return self.app(environ, start_response) 74 83 75 84 def verify(self): … … 80 89 """Construct the redirect URL""" 81 90 raise NotImplemented() 91 82 92 83 93 def find_multi_app(app): AuthKit/branches/0.4/authkit/authenticate/sso/cas.py
r89 r91 23 23 CAS 24 24 """ 25 def __init__(self, app, authority, path=' casauth', use_cas2=False):25 def __init__(self, app, authority, path='', use_cas2=False, protect=None): 26 26 self.app = app 27 27 self.authority = authority … … 30 30 31 31 def redirect_url(self, environ): 32 kwargs = {'service': construct_url(environ, script_name='', 33 path_info='/' + self.path + '/verify')} 32 kwargs = {'service': construct_url(environ, querystring='type=cas')} 34 33 35 34 # XXX TODO: Store this for the middleware below, also look for a proxy … … 49 48 class AuthCASMiddleware(RedirectingAuthMiddleware): 50 49 """CAS 1.0 and 2.0 Capable Authentication Handler""" 51 def __init__(self, app, authority, use_cas2=False ):50 def __init__(self, app, authority, use_cas2=False, path='', protect=None): 52 51 self.app = app 53 52 self.authority = authority 53 self.type = 'cas' 54 54 self._cas2 = use_cas2 55 55 if use_cas2: … … 57 57 else: 58 58 self._authtype = 'CAS 1.0' 59 self.dispatch = {'/verify':'verify'} 59 self.protect = protect or [] 60 self.dispatch = {path + '/verify':'verify'} 60 61 61 62 def verify(self, environ, start_response): … … 66 67 ticket = req.GET['ticket'] 67 68 68 service = construct_url(environ )69 service = construct_url(environ, querystring='type=cas') 69 70 kwargs = {'service': service, 'ticket':ticket} 70 71 if req.environ.get('authkit.sso.cas.renew'): 71 72 kwargs['renew'] = 'true' 72 73 args = urllib.urlencode(kwargs) 73 74 74 75 # XXX TODO: Store whether renew was used for this request to ensure 75 76 # that the validation asks for it as well … … 85 86 results = {} 86 87 if success: 88 user_kwargs = {} 87 89 results['user'] = tree[0][0].text 88 90 results['extra_environ'] = {} … … 95 97 if len(tree[0] > 2): 96 98 proxies = [x.text.strip() for x in tree[0][2]] 97 results['authkit.cas.proxies'] = proxies 99 results['authkit.cas.proxies'] = proxies 98 100 else: 99 101 log.info('Authentication failed for auth: %s, ticket %s, ' … … 116 118 environ['REMOTE_USER'] = results['user'] 117 119 120 set_user = req.environ.get('paste.auth_tkt.set_user') 121 if set_user: 122 set_user(results['user']) 123 118 124 # Add in optional environ data from the auth system 119 125 if 'extra_environ' in results: … … 129 135 if 'use_cas2' in auth_conf: 130 136 kwargs['use_cas2'] = True 137 kwargs['path'] = auth_conf.get('path', '') 131 138 if 'path' in auth_conf: 132 139 kwargs['path'] = auth_conf['path'] 140 if 'protect' in auth_conf: 141 kwargs['protect'] = auth_conf['protect'].split(',') 133 142 134 143 multi_app, app = find_multi_app(app)
