def __init__(self, app, global_conf, prefix='', **app_conf):
'''
:type app: callable following WSGI interface
:param app: next middleware application in the chain
:type global_conf: dict
:param global_conf: PasteDeploy global configuration dictionary
:type prefix: basestring
:param prefix: prefix for configuration items
:type app_conf: dict
:param app_conf: PasteDeploy application specific configuration
dictionary
'''
# Set logout URI parameter from AuthKit settings if not otherwise set
sessionHandlerPrefix = prefix + SessionHandlerMiddleware.PARAM_PREFIX
app = SessionHandlerMiddleware(app,
global_conf,
prefix=sessionHandlerPrefix,
**app_conf)
# Remove session handler middleware specific parameters
for k in app_conf.keys():
if k.startswith(sessionHandlerPrefix):
del app_conf[k]
# Override AuthKit cookie handling to use version compatible with
# CEDA site services dj_security
app_conf['authkit.cookie.ticket_class'] = SecureCookie
# Hack to force authkit to use SecureCookie's parse_ticket function
import authkit.authenticate.cookie
authkit.authenticate.cookie.parse_ticket = SecureCookie.parse_ticket
# This also requires special handling of cookie secret - the secret is
# include in the ini file base 64 encoded but for actual use, needs to
# be in decoded form
encoded_cookie_secret = app_conf.get('authkit.cookie.secret')
if not encoded_cookie_secret:
raise AuthnConfigError('Error, "authkit.cookie.secret" setting '
'is missing. It must be set as a base 64 '
'encoded string')
app_conf['authkit.cookie.secret'] = encoded_cookie_secret.decode(
'base64')
app = authkit.authenticate.middleware(app, app_conf)
MultiHandler.__init__(self, app)
# Redirection middleware is invoked based on a check method which
# catches HTTP 401 responses.
self.add_method(AuthnRedirectInitiatorMiddleware.MIDDLEWARE_ID,
AuthnRedirectInitiatorMiddleware.filter_app_factory,
global_conf,
prefix=prefix,
**app_conf)
self.add_checker(AuthnRedirectInitiatorMiddleware.MIDDLEWARE_ID,
AuthnRedirectInitiatorMiddleware.checker)
def __init__(self, app, global_conf, prefix='', **app_conf):
'''
:type app: callable following WSGI interface
:param app: next middleware application in the chain
:type global_conf: dict
:param global_conf: PasteDeploy global configuration dictionary
:type prefix: basestring
:param prefix: prefix for configuration items
:type app_conf: dict
:param app_conf: PasteDeploy application specific configuration
dictionary
'''
# Set logout URI parameter from AuthKit settings if not otherwise set
sessionHandlerPrefix = prefix + SessionHandlerMiddleware.PARAM_PREFIX
app = SessionHandlerMiddleware(app,
global_conf,
prefix=sessionHandlerPrefix,
**app_conf)
# Remove session handler middleware specific parameters
for k in app_conf.keys():
if k.startswith(sessionHandlerPrefix):
del app_conf[k]
# Override AuthKit cookie handling to use version compatible with
# CEDA site services dj_security
app_conf['authkit.cookie.ticket_class'] = SecureCookie
# Hack to force authkit to use SecureCookie's parse_ticket function
import authkit.authenticate.cookie
authkit.authenticate.cookie.parse_ticket = SecureCookie.parse_ticket
# This also requires special handling of cookie secret - the secret is
# include in the ini file base 64 encoded but for actual use, needs to
# be in decoded form
encoded_cookie_secret = app_conf.get('authkit.cookie.secret')
if not encoded_cookie_secret:
raise AuthnConfigError('Error, "authkit.cookie.secret" setting '
'is missing. It must be set as a base 64 '
'encoded string')
app_conf['authkit.cookie.secret'] = encoded_cookie_secret.decode(
'base64')
app = authkit.authenticate.middleware(app, app_conf)
MultiHandler.__init__(self, app)
# Redirection middleware is invoked based on a check method which
# catches HTTP 401 responses.
self.add_method(AuthnRedirectInitiatorMiddleware.MIDDLEWARE_ID,
AuthnRedirectInitiatorMiddleware.filter_app_factory,
global_conf,
prefix=prefix,
**app_conf)
self.add_checker(AuthnRedirectInitiatorMiddleware.MIDDLEWARE_ID,
AuthnRedirectInitiatorMiddleware.checker)
