Changeset 94
- Timestamp:
- 07/10/07 23:39:02
- Files:
AuthKit/branches/0.4/authkit/authenticate/sso/api.py
r91 r94 12 12 request. 13 13 """ 14 import logging 15 14 16 from elementtree import ElementTree 15 16 17 from paste.request import construct_url 17 18 from paste.util.converters import asbool … … 21 22 from authkit.authenticate.multi import MultiHandler, status_checker 22 23 from authkit.authenticate import AuthKitConfigError 24 from authkit.authorize import NotAuthenticatedError 25 26 log = logging.getLogger(__name__) 23 27 24 28 class LoginFailure(HTTPForbidden): … … 35 39 request = WSGIRequest(environ) 36 40 url = self.redirect_url(environ) 41 log.debug("Sending redirect to %s", url) 37 42 return HTTPSeeOther(url).wsgi_application(environ, start_response) 38 43 … … 72 77 73 78 if path in self.dispatch: 79 log.debug("Found %s in dispatch path, calling method %s", 80 path, self.dispath[path]) 74 81 return getattr(self, self.path + 75 82 self.dispatch[path])(environ, start_response) … … 78 85 if path.startswith(route) and 'REMOTE_USER' not in environ \ 79 86 and 'type=' + self.type in environ['QUERY_STRING']: 87 log.debug("Found %s in protection paths. No REMOTE_USER set," 88 " running auth verify.", path) 80 89 return self.verify(environ, start_response) 90 elif path.startswith(route): 91 return NotAuthenticatedError()(environ, start_response) 81 92 93 log.debug("Path: %s not in protect list %s.", path, self.protect) 82 94 return self.app(environ, start_response) 83 95 AuthKit/branches/0.4/authkit/authenticate/sso/cas.py
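Review bot: The new debug call in the dispatch branch reads `self.dispath[path]`, a misspelling of `self.dispatch`. Logging arguments are evaluated even when debug output is off, so unless a `dispath` attribute exists elsewhere, every request to a dispatch path would raise AttributeError before the handler method runs; the line should read `path, self.dispatch[path])`. Separately, the added `elif path.startswith(route):` also matches requests that already carry `REMOTE_USER`, so a signed-in user on a protected path appears to get `NotAuthenticatedError` instead of reaching `self.app`. If that is not intended, narrow it to `elif path.startswith(route) and 'REMOTE_USER' not in environ:`. The enclosing method starts and ends outside the visible hunks.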
r91 r94 15 15 from authkit.authenticate.sso.api import * 16 16 17 log = logging.getLogger( 'authkit.authenticate.sso.cas')17 log = logging.getLogger(__name__) 18 18 19 19 class AuthCASHandler(RedirectingAuthHandler): … … 63 63 req = WSGIRequest(environ) 64 64 if 'ticket' not in req.GET: 65 log.debug("No ticket found in request, unable to verify, returning" 66 "404 Not Found.") 65 67 return HTTPNotFound().wsgi_application(environ, start_response) 66 68 … … 78 80 # it during validation 79 81 if self._cas2: 82 log.debug("Validating using CAS 2.0") 83 80 84 # We use proxyValidate for CAS 2.0 because it will handle both 81 85 # service and proxy ticket validation 82 86 requrl = self.authority + "proxyValidate?" + args 83 87 response = urllib.urlopen(requrl).read() 88 log.debug("Raw response of auth verification: \n\t%s", response) 84 89 tree = ElementTree.fromstring(response) 85 90 valid = tree[0].tag.endswith('authenticationSuccess') 86 91 results = {} 87 if success: 92 if valid: 93 log.debug("Successfully authenticated") 88 94 user_kwargs = {} 89 95 results['user'] = tree[0][0].text … … 103 109 tree[0].attrib['code']) 104 110 else: 111 log.debug("Validating using CAS 1.0") 105 112 requrl = self.authority + "validate?" 
+ args 106 113 result = urllib.urlopen(requrl).read().split("\n") 114 log.debug("Raw response of auth verification: \n\t%s", result) 107 115 valid = 'yes' == result[0] 108 116 results = {} … … 114 122 115 123 if not valid: 124 log.debug("Invalid response, returning login failure.") 116 125 return LoginFailure().wsgi_application(environ, start_response) 117 126 environ['AUTH_TYPE'] = self._authtype … … 119 128 120 129 set_user = req.environ.get('paste.auth_tkt.set_user') 130 user_data = self._authtype 121 131 if set_user: 122 set_user(results['user'] )132 set_user(results['user'], user_data=user_data) 123 133 124 134 # Add in optional environ data from the auth system … … 126 136 environ.update(results['extra_environ']) 127 137 138 log.debug("Authentication success, calling app.") 128 139 return self.app(environ, start_response) 129 140 … … 141 152 kwargs['protect'] = auth_conf['protect'].split(',') 142 153 154 app = AuthCASMiddleware(app, **kwargs) 143 155 multi_app, app = find_multi_app(app) 144 156 multi_app.add_method('cas', AuthCASHandler, **kwargs) 145 157 multi_app.add_checker('cas', status_checker) 146 158 147 app = AuthCASMiddleware(app, **kwargs)148 159 return app
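Review bot: The two added `log.debug("Raw response of auth verification: ...")` calls write the whole CAS validation reply to the log; it carries the authenticated username and, for CAS 2.0 `proxyValidate`, may also carry proxy-granting ticket data and the proxy chain. Logs are usually readable by more people and systems than the validation exchange itself, so I would log only the outcome once `valid` is computed, e.g. `log.debug("CAS validation finished, valid=%s", valid)`. Minor: the adjacent string literals in the no-ticket message concatenate to `returning404 Not Found.`, so add a space after `returning`. The enclosing method starts outside the visible hunks.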
