def post(self, request: HttpRequest) -> HttpResponse:
"""Handle a HTTP POST request."""
self.log_id = LOG_ID_SERIES.next()
try:
self.saml_response = self.get_saml_response(
PROXY_SERVICE_SETTINGS.identity_provider.get('key_file'),
PROXY_SERVICE_SETTINGS.identity_provider.get('cert_file'))
LOGGER.debug('SAML Response: %s', self.saml_response)
# Load auxiliary data if the storage is defined. Use an empty dict as a default value.
request_id = self.saml_response.in_response_to_id
if request_id and PROXY_SERVICE_SETTINGS.auxiliary_storage:
auxiliary_storage = get_auxiliary_storage(
PROXY_SERVICE_SETTINGS.auxiliary_storage['backend'],
PROXY_SERVICE_SETTINGS.auxiliary_storage['options'])
self.auxiliary_data = auxiliary_storage.pop(request_id) or {}
else:
self.auxiliary_data = {}
self.storage = self.get_light_storage(
PROXY_SERVICE_SETTINGS.light_storage['backend'],
PROXY_SERVICE_SETTINGS.light_storage['options'])
token_settings = PROXY_SERVICE_SETTINGS.response_token
self.light_response = self.create_light_response(
PROXY_SERVICE_SETTINGS.eidas_node['response_issuer'],
PROXY_SERVICE_SETTINGS.levels_of_assurance)
LOGGER.info(
'[#%r] Created light response: id=%r, issuer=%r, in_response_to=%r, '
'citizen_country=%r, origin_country=%r, status=%s, substatus=%s.',
self.log_id, self.light_response.id,
self.light_response.issuer,
self.light_response.in_response_to_id,
self.auxiliary_data.get('citizen_country'),
self.auxiliary_data.get('origin_country'),
self.light_response.status.status_code,
self.light_response.status.sub_status_code)
self.rewrite_name_id()
LOGGER.debug('Light Response: %s', self.light_response)
self.light_token, self.encoded_token = self.create_light_token(
token_settings['issuer'],
token_settings['hash_algorithm'],
token_settings['secret'],
)
LOGGER.debug('Light Token: %s', self.light_token)
self.storage.put_light_response(self.light_token.id,
self.light_response)
except EidasNodeError as e:
LOGGER.exception('[#%r] Bad identity provider response: %s',
self.log_id, e)
self.error = _('Bad identity provider response.')
return HttpResponseBadRequest(
select_template(self.get_template_names()).render(
self.get_context_data(), self.request))
return super().get(request)
def post(self, request: HttpRequest) -> HttpResponse:
"""Handle a HTTP POST request."""
self.log_id = LOG_ID_SERIES.next()
self.auxiliary_data = {}
try:
self.saml_request = self.get_saml_request(
CONNECTOR_SETTINGS.service_provider['country_parameter'],
CONNECTOR_SETTINGS.service_provider['cert_file'])
LOGGER.debug('SAML Request: %s', self.saml_request)
self.light_request = self.create_light_request(
CONNECTOR_SETTINGS.service_provider['request_issuer'],
CONNECTOR_SETTINGS.eidas_node['request_issuer'])
if CONNECTOR_SETTINGS.track_country_code:
self.auxiliary_data[
'citizen_country'] = self.light_request.citizen_country_code
self.auxiliary_data[
'origin_country'] = self.light_request.sp_country_code
self.adjust_requested_attributes(
self.light_request.requested_attributes,
CONNECTOR_SETTINGS.allowed_attributes)
LOGGER.debug('Light Request: %s', self.light_request)
token_settings = CONNECTOR_SETTINGS.request_token
self.light_token, self.encoded_token = self.create_light_token(
token_settings['issuer'],
token_settings['hash_algorithm'],
token_settings['secret'],
)
LOGGER.debug('Light Token: %s', self.light_token)
self.storage = self.get_light_storage(
CONNECTOR_SETTINGS.light_storage['backend'],
CONNECTOR_SETTINGS.light_storage['options'])
self.storage.put_light_request(self.light_token.id,
self.light_request)
# Store auxiliary data only if there are any. No data yield an empty dict on retrieval.
if self.auxiliary_data:
auxiliary_storage = get_auxiliary_storage(
CONNECTOR_SETTINGS.auxiliary_storage['backend'],
CONNECTOR_SETTINGS.auxiliary_storage['options'])
auxiliary_storage.put(self.light_request.id,
self.auxiliary_data)
except (EidasNodeError, MultiValueDictKeyError) as e:
LOGGER.exception('[#%r] Bad service provider request: %s',
self.log_id, e)
self.error = _('Bad service provider request.')
return HttpResponseBadRequest(
select_template(self.get_template_names()).render(
self.get_context_data(), self.request))
return super().get(request)
def post(self, request: HttpRequest) -> HttpResponse:
"""Handle a HTTP POST request."""
self.auxiliary_data = {}
self.log_id = LOG_ID_SERIES.next()
try:
token_settings = PROXY_SERVICE_SETTINGS.request_token
self.light_token = self.get_light_token(
token_settings['parameter_name'], token_settings['issuer'],
token_settings['hash_algorithm'], token_settings['secret'],
token_settings['lifetime'])
LOGGER.debug('Light Token: %s', self.light_token)
self.storage = self.get_light_storage(
PROXY_SERVICE_SETTINGS.light_storage['backend'],
PROXY_SERVICE_SETTINGS.light_storage['options'])
self.light_request = self.get_light_request()
LOGGER.debug('Light Request: %s', self.light_request)
if PROXY_SERVICE_SETTINGS.transient_name_id_fallback and self.light_request.name_id_format is not None:
self.auxiliary_data[
'name_id_format'] = self.light_request.name_id_format.value
if PROXY_SERVICE_SETTINGS.track_country_code:
self.auxiliary_data[
'citizen_country'] = self.light_request.citizen_country_code
self.auxiliary_data[
'origin_country'] = self.light_request.origin_country_code
LOGGER.info(
"Received Light Request: id=%r, citizen_country=%r, origin_country=%r.",
self.light_request.id, self.light_request.citizen_country_code,
self.light_request.origin_country_code)
self.saml_request = self.create_saml_request(
PROXY_SERVICE_SETTINGS.identity_provider['request_issuer'],
PROXY_SERVICE_SETTINGS.identity_provider['request_signature'])
LOGGER.debug('SAML Request: %s', self.saml_request)
# Store auxiliary data only if there are any. No data yield an empty dict on retrieval.
if self.auxiliary_data:
auxiliary_storage = get_auxiliary_storage(
PROXY_SERVICE_SETTINGS.auxiliary_storage['backend'],
PROXY_SERVICE_SETTINGS.auxiliary_storage['options'])
auxiliary_storage.put(self.light_request.id,
self.auxiliary_data)
except EidasNodeError as e:
LOGGER.exception('[#%r] Bad proxy service request: %s',
self.log_id, e)
self.error = _('Bad proxy service request.')
return HttpResponseBadRequest(
select_template(self.get_template_names()).render(
self.get_context_data(), self.request))
return super().get(request)
def post(self, request: HttpRequest) -> HttpResponse:
"""Handle a HTTP POST request."""
self.log_id = LOG_ID_SERIES.next()
try:
token_settings = CONNECTOR_SETTINGS.response_token
self.light_token = self.get_light_token(
token_settings['parameter_name'], token_settings['issuer'],
token_settings['hash_algorithm'], token_settings['secret'],
token_settings['lifetime'])
LOGGER.debug('Light Token: %s', self.light_token)
self.storage = self.get_light_storage(
CONNECTOR_SETTINGS.light_storage['backend'],
CONNECTOR_SETTINGS.light_storage['options'])
self.light_response = self.get_light_response()
# Load auxiliary data if the storage is defined. Use an empty dict as a default value.
request_id = self.light_response.in_response_to_id
if request_id and CONNECTOR_SETTINGS.auxiliary_storage:
auxiliary_storage = get_auxiliary_storage(
CONNECTOR_SETTINGS.auxiliary_storage['backend'],
CONNECTOR_SETTINGS.auxiliary_storage['options'])
self.auxiliary_data = auxiliary_storage.pop(request_id) or {}
else:
self.auxiliary_data = {}
LOGGER.info(
'[#%r] Got light response: id=%r, issuer=%r, in_response_to=%r, citizen_country=%r,'
' origin_country=%r, status=%s, substatus=%s.', self.log_id,
self.light_response.id, self.light_response.issuer, request_id,
self.auxiliary_data.get('citizen_country'),
self.auxiliary_data.get('origin_country'),
self.light_response.status.status_code,
self.light_response.status.sub_status_code)
LOGGER.debug('Light Response: %s', self.light_response)
self.saml_response = self.create_saml_response(
CONNECTOR_SETTINGS.service_provider['response_issuer'],
CONNECTOR_SETTINGS.service_provider['request_issuer'],
CONNECTOR_SETTINGS.service_provider['endpoint'],
CONNECTOR_SETTINGS.service_provider['response_signature'],
CONNECTOR_SETTINGS.service_provider['response_validity'],
CONNECTOR_SETTINGS.service_provider['response_encryption'])
LOGGER.debug('SAML Response: %s', self.saml_response)
except EidasNodeError as e:
LOGGER.exception('[#%r] Bad connector response: %s', self.log_id,
e)
self.error = _('Bad connector response.')
return HttpResponseBadRequest(
select_template(self.get_template_names()).render(
self.get_context_data(), self.request))
return super().get(request)
def test_ignite(self, storage_mock):
storage = get_auxiliary_storage(
'eidas_node.storage.ignite.IgniteStorage', {
'host': 'example.org',
'port': 1234,
'cache_name': 'nodeSpecificProxyserviceRequestCache',
})
self.assertIsInstance(storage, MagicMock)
self.assertSequenceEqual(storage_mock.mock_calls, [
call(host='example.org',
port=1234,
cache_name='nodeSpecificProxyserviceRequestCache')
])