Beispiel #1
    def saml_pass_login(self, info):
        """Set up SAML and username/password as one combined multi-auth flow.

        Creates the shared ``SAMLAuthnMethod`` on ``self.saml_authn`` if it
        does not exist yet, wraps it and ``self.username_password_authn`` in
        ``AuthnIndexedEndpointWrapper`` objects bound to endpoint index 1, and
        passes both, each paired with a URL pattern, to ``setup_multi_auth``.

        :param info: mapping whose ``"END_POINTS"`` sequence supplies the SAML
            endpoint; entry 1 is used.
        :return: the result of ``setup_multi_auth``.
        """
        from saml2 import BINDING_HTTP_POST, BINDING_HTTP_REDIRECT

        if self.saml_authn is None:
            # init_mako() runs before self.lookup is read; the SAML method is
            # then built once and cached on the instance.
            self.init_mako()
            self.saml_authn = SAMLAuthnMethod(
                None,
                self.lookup,
                self.config.SAML,
                self.config.SP_CONFIG,
                self.issuer,
                "{}authorization".format(self.issuer),
                userinfo=self.config.USERINFO,
            )

        # Both back-ends are bound to the second configured endpoint.
        chain_slot = 1
        userpass_conf = self.config.AUTHENTICATION['UserPassword']
        password_path = userpass_conf["END_POINTS"][chain_slot]
        saml_path = info["END_POINTS"][chain_slot]

        # The same index is used for both SAML bindings and for the
        # "disco_end_point_index" entry.
        saml_wrapper = AuthnIndexedEndpointWrapper(
            self.saml_authn,
            dict.fromkeys(
                (BINDING_HTTP_REDIRECT, BINDING_HTTP_POST,
                 "disco_end_point_index"),
                chain_slot,
            ),
        )
        password_wrapper = AuthnIndexedEndpointWrapper(
            self.username_password_authn, chain_slot)

        # NOTE(review): each endpoint string becomes regex text as-is, with a
        # leading '^' but no escaping and no trailing anchor. Confirm that
        # configured endpoints contain no regex metacharacters and that
        # prefix matching on these authentication URLs is intended.
        return setup_multi_auth(
            self.ac,
            self.urls,
            [
                (saml_wrapper, r'^' + saml_path),
                (password_wrapper, r'^' + password_path),
            ],
        )
Beispiel #2
    def saml_login(self, info):
        """Register SAML as a stand-alone authentication method.

        Creates the shared ``SAMLAuthnMethod`` on ``self.saml_authn`` if it
        does not exist yet, adds it to the broker ``self.ac``, wraps it for
        endpoint index 0 and appends a URL route for the wrapper's ``verify``
        callback to ``self.urls``.

        :param info: mapping whose ``"END_POINTS"`` sequence supplies the SAML
            endpoint; entry 0 is used.
        :return: the ``AuthnIndexedEndpointWrapper`` around the SAML method.
        """
        from saml2 import BINDING_HTTP_POST, BINDING_HTTP_REDIRECT

        if self.saml_authn is None:
            # init_mako() runs before self.lookup is read; the SAML method is
            # then built once and cached on the instance.
            self.init_mako()
            self.saml_authn = SAMLAuthnMethod(
                None,
                self.lookup,
                self.config.SAML,
                self.config.SP_CONFIG,
                self.issuer,
                "{}authorization".format(self.issuer),
                userinfo=self.config.USERINFO,
            )

        # Added on every call, with empty strings for the broker's other
        # three arguments.
        self.ac.add("", self.saml_authn, "", "")

        first_slot = 0
        saml_path = info["END_POINTS"][first_slot]
        binding_slots = {
            BINDING_HTTP_REDIRECT: first_slot,
            BINDING_HTTP_POST: first_slot,
            "disco_end_point_index": first_slot,
        }
        wrapper = AuthnIndexedEndpointWrapper(self.saml_authn, binding_slots)

        # NOTE(review): the endpoint string becomes regex text as-is, with a
        # leading '^' but no escaping and no trailing anchor. Confirm that
        # the configured endpoint contains no regex metacharacters and that
        # prefix matching on this authentication URL is intended.
        route = (r'^' + saml_path, make_auth_verify(wrapper.verify))
        self.urls.append(route)
        return wrapper
Beispiel #3
    # Load the provider configuration as a Python module named by args.config.
    # Importing executes that module's top-level code, so the name passed here
    # must refer to code that is trusted to run in this process.
    config = importlib.import_module(args.config)
    # issuer and SERVICE_URL are %-format templates; args.port is filled in.
    config.issuer = config.issuer % args.port
    config.SERVICE_URL = config.SERVICE_URL % args.port

    ac = AuthnBroker()

    # Build one authentication method per recognised key in
    # config.AUTHENTICATION; any other key leaves authn as None and is skipped.
    for authkey, value in config.AUTHENTICATION.items():
        authn = None
        if "UserPassword" == authkey:
            from oic.utils.authn.user import UsernamePasswordMako
            # NOTE(review): PASSWD is defined outside this excerpt; presumably
            # the credential store the login form is checked against. Confirm
            # how it is populated and stored before reusing this pattern.
            authn = UsernamePasswordMako(None, "login.mako", LOOKUP, PASSWD,
                                         "%s/authorization" % config.issuer)
        if "SAML" == authkey:
            from oic.utils.authn.saml import SAMLAuthnMethod
            authn = SAMLAuthnMethod(None, LOOKUP, config.SAML,
                                    config.SP_CONFIG, config.issuer,
                                    "%s/authorization" % config.issuer,
                                    config.SERVICE_URL)
        if authn is not None:
            # Register the method under the ACR, weight and URL taken from
            # its configuration entry.
            ac.add(config.AUTHENTICATION[authkey]["ACR"], authn,
                   config.AUTHENTICATION[authkey]["WEIGHT"],
                   config.AUTHENTICATION[authkey]["URL"])

    # dealing with authorization
    authz = AuthzHandling()

    kwargs = {
        "template_lookup": LOOKUP,
        "template": {
            "form_post": "form_response.mako"
        },
        #"template_args": {"form_post": {"action": "form_post"}}
Beispiel #4
            ac.add("", javascript_login_authn, "", "")
            JAVASCRIPT_END_POINT_INDEX = 0
            end_point = config.AUTHENTICATION[authkey]["END_POINTS"][
                JAVASCRIPT_END_POINT_INDEX]
            authn = AuthnIndexedEndpointWrapper(javascript_login_authn,
                                                JAVASCRIPT_END_POINT_INDEX)
            URLS.append((r'^' + end_point, make_auth_verify(authn.verify)))

        # SAML back-end: build the shared SAMLAuthnMethod if needed, add it to
        # the broker and route its first configured endpoint to the verifier.
        if "SAML" == authkey:
            from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST

            # Reuse saml_authn when an earlier step already created it.
            if not saml_authn:
                saml_authn = SAMLAuthnMethod(None,
                                             LOOKUP,
                                             config.SAML,
                                             config.SP_CONFIG,
                                             config.issuer,
                                             "%s/authorization" %
                                             config.issuer,
                                             userinfo=config.USERINFO)
            # Added with empty strings for the broker's other three arguments.
            ac.add("", saml_authn, "", "")
            SAML_END_POINT_INDEX = 0
            end_point = config.AUTHENTICATION[authkey]["END_POINTS"][
                SAML_END_POINT_INDEX]
            # The same index (0) is used for both SAML bindings and for the
            # "disco_end_point_index" entry.
            end_point_indexes = {
                BINDING_HTTP_REDIRECT: 0,
                BINDING_HTTP_POST: 0,
                "disco_end_point_index": 0
            }
            authn = AuthnIndexedEndpointWrapper(saml_authn, end_point_indexes)
            # NOTE(review): end_point becomes regex text as-is, with a leading
            # '^' but no escaping and no trailing anchor. Confirm that the
            # configured endpoint has no regex metacharacters and that prefix
            # matching on this authentication URL is intended.
            URLS.append((r'^' + end_point, make_auth_verify(authn.verify)))
Beispiel #5
            ac.add("", javascript_login_authn, "", "")
            JAVASCRIPT_END_POINT_INDEX = 0
            end_point = config.AUTHENTICATION[authkey]["END_POINTS"][
                JAVASCRIPT_END_POINT_INDEX]
            authn = AuthnIndexedEndpointWrapper(javascript_login_authn,
                                                JAVASCRIPT_END_POINT_INDEX)
            _urls.append((r'^' + end_point, make_auth_verify(authn.verify)))

        # SAML back-end: build the shared SAMLAuthnMethod if needed, add it to
        # the broker and route its first configured endpoint to the verifier.
        if "SAML" == authkey:
            from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST

            # Reuse saml_authn when an earlier step already created it.
            if not saml_authn:
                saml_authn = SAMLAuthnMethod(None,
                                             LOOKUP,
                                             config.SAML,
                                             config.SP_CONFIG,
                                             _issuer,
                                             "{}authorization".format(_issuer),
                                             userinfo=config.USERINFO)
            # Added with empty strings for the broker's other three arguments.
            ac.add("", saml_authn, "", "")
            SAML_END_POINT_INDEX = 0
            end_point = config.AUTHENTICATION[authkey]["END_POINTS"][
                SAML_END_POINT_INDEX]
            # The same index (0) is used for both SAML bindings and for the
            # "disco_end_point_index" entry.
            end_point_indexes = {
                BINDING_HTTP_REDIRECT: 0,
                BINDING_HTTP_POST: 0,
                "disco_end_point_index": 0
            }
            authn = AuthnIndexedEndpointWrapper(saml_authn, end_point_indexes)
            # NOTE(review): end_point becomes regex text as-is, with a leading
            # '^' but no escaping and no trailing anchor. Confirm that the
            # configured endpoint has no regex metacharacters and that prefix
            # matching on this authentication URL is intended.
            _urls.append((r'^' + end_point, make_auth_verify(authn.verify)))