def init_config(self, stype="idp"):
""" Remaining init of the server configuration
:param stype: The type of Server ("idp"/"aa")
"""
if stype == "aa":
return
# subject information is stored in a database
# default database is in memory which is OK in some setups
dbspec = self.config.getattr("subject_data", "idp")
idb = None
typ = ""
if not dbspec:
idb = {}
elif isinstance(dbspec, basestring):
idb = shelve.open(dbspec, writeback=True)
else: # database spec is a a 2-tuple (type, address)
#print >> sys.stderr, "DBSPEC: %s" % (dbspec,)
(typ, addr) = dbspec
if typ == "shelve":
idb = shelve.open(addr, writeback=True)
elif typ == "memcached":
idb = memcache.Client(addr)
elif typ == "dict": # in-memory dictionary
idb = {}
elif typ == "mongodb":
self.ident = IdentMDB(database=addr, collection="ident")
if typ == "mongodb":
pass
elif idb is not None:
self.ident = IdentDB(idb)
elif dbspec:
raise Exception("Couldn't open identity database: %s" % (dbspec, ))
self.ident.name_qualifier = self.config.entityid
dbspec = self.config.getattr("edu_person_targeted_id", "idp")
if not dbspec:
pass
else:
typ = dbspec[0]
addr = dbspec[1]
secret = dbspec[2]
if typ == "shelve":
self.eptid = EptidShelve(secret, addr)
elif typ == "mongodb":
self.eptid = EptidMDB(secret,
database=addr,
collection="eptid")
else:
self.eptid = Eptid(secret)
def test_eptid_shelve():
edb = EptidShelve("secret", "eptid.db")
e1 = edb.get("idp_entity_id", "sp_entity_id", "user_id", "some other data")
print e1
assert e1.startswith("idp_entity_id!sp_entity_id!")
e2 = edb.get("idp_entity_id", "sp_entity_id", "user_id", "some other data")
assert e1 == e2
e3 = edb.get("idp_entity_id", "sp_entity_id", "user_2", "some other data")
print e3
assert e1 != e3
e4 = edb.get("idp_entity_id", "sp_entity_id2", "user_id", "some other data")
assert e4 != e1
assert e4 != e3
def init_config(self, stype="idp"):
""" Remaining init of the server configuration
:param stype: The type of Server ("idp"/"aa")
"""
if stype == "aa":
return
# subject information is stored in a database
# default database is in memory which is OK in some setups
dbspec = self.config.getattr("subject_data", "idp")
idb = None
typ = ""
if not dbspec:
idb = {}
elif isinstance(dbspec, six.string_types):
idb = _shelve_compat(dbspec, writeback=True, protocol=2)
else: # database spec is a a 2-tuple (type, address)
# print(>> sys.stderr, "DBSPEC: %s" % (dbspec,))
(typ, addr) = dbspec
if typ == "shelve":
idb = _shelve_compat(addr, writeback=True, protocol=2)
elif typ == "memcached":
import memcache
idb = memcache.Client(addr)
elif typ == "dict": # in-memory dictionary
idb = {}
elif typ == "mongodb":
from saml2.mongo_store import IdentMDB
self.ident = IdentMDB(database=addr, collection="ident")
elif typ == "identdb":
mod, clas = addr.rsplit('.', 1)
mod = importlib.import_module(mod)
self.ident = getattr(mod, clas)()
if typ == "mongodb" or typ == "identdb":
pass
elif idb is not None:
self.ident = IdentDB(idb)
elif dbspec:
raise Exception("Couldn't open identity database: %s" %
(dbspec,))
try:
_domain = self.config.getattr("domain", "idp")
if _domain:
self.ident.domain = _domain
self.ident.name_qualifier = self.config.entityid
dbspec = self.config.getattr("edu_person_targeted_id", "idp")
if not dbspec:
pass
else:
typ = dbspec[0]
addr = dbspec[1]
secret = dbspec[2]
if typ == "shelve":
self.eptid = EptidShelve(secret, addr)
elif typ == "mongodb":
from saml2.mongo_store import EptidMDB
self.eptid = EptidMDB(secret, database=addr,
collection="eptid")
else:
self.eptid = Eptid(secret)
except Exception:
self.ident.close()
raise
def setup_server_env(proxy_conf, conf_mod, key):
"""
:param proxy_conf:
:param conf_mod:
:param key: RSA key
:return:
"""
global SERVER_ENV
global logger
#noinspection PyUnboundLocalVariable
SERVER_ENV = dict([(k, v) for k, v in proxy_conf.__dict__.items()
if not k.startswith("__")])
SERVER_ENV["sessions"] = {}
SERVER_ENV["eptid"] = EptidShelve(proxy_conf.SECRET, proxy_conf.EPTID_DB)
_idp = server.Server(conf_mod)
if key:
rsa_key = RSAKey(key=key)
rsa_key.serialize()
else:
rsa_key = None
args = {"metad": _idp.metadata, "dkeys": [rsa_key]}
SERVER_ENV["consumer_info"] = utils.ConsumerInfo(proxy_conf.CONSUMER_INFO,
**args)
SERVER_ENV["service"] = proxy_conf.SERVICE
# add the service endpoints
part = urlparse.urlparse(_idp.config.entityid)
base = "%s://%s/" % (part.scheme, part.netloc)
SERVER_ENV["SCHEME"] = part.scheme
try:
(host, port) = part.netloc.split(":")
port = int(port)
except ValueError: # no port specification
host = part.netloc
if part.scheme == "http":
port = 80
elif part.scheme == "https":
port = 443
else:
raise ValueError("Unsupported scheme")
SERVER_ENV["HOST"] = host
SERVER_ENV["PORT"] = port
endpoints = {"single_sign_on_service": [], "single_logout_service": []}
for key, _dict in proxy_conf.SERVICE.items():
_sso = _dict["saml_endpoint"]
endpoints["single_sign_on_service"].append("%s%s" % (base, _sso))
endpoints["single_logout_service"].append(
("%s%s/logout" % (base, _sso), BINDING_HTTP_REDIRECT))
_idp.config.setattr("idp", "endpoints", endpoints)
SERVER_ENV["idp"] = _idp
SERVER_ENV["template_lookup"] = LOOKUP
SERVER_ENV["sid_generator"] = session_nr()
SERVER_ENV["base_url"] = base
SERVER_ENV["STATIC_DIR"] = proxy_conf.STATIC_DIR
SERVER_ENV["METADATA_DIR"] = proxy_conf.METADATA_DIR
SERVER_ENV["SIGN"] = proxy_conf.SIGN
#print SERVER_ENV
if proxy_conf.CACHE == "memory":
SERVER_ENV["CACHE"] = cache.Cache(SERVER_ENV["SERVER_NAME"],
SERVER_ENV["SECRET"])
elif proxy_conf.CACHE.startswith("file:"):
SERVER_ENV["CACHE"] = cache.Cache(SERVER_ENV["SERVER_NAME"],
SERVER_ENV["SECRET"],
filename=proxy_conf.CACHE[5:])
logger = setup_logger(_idp.config)
if proxy_conf.DEBUG:
logger.setLevel(logging.DEBUG)
logger.debug("SERVER_ENV: %s" % SERVER_ENV)
return _idp