def _sso_reverse(request, sso_view, sso_params=None, next=None, next_params=None): params = { 'apikey': settings.PA_API_KEY, } if sso_params: params.update(sso_params) if next: next_url = request.build_absolute_uri(next) if next_params: next_url = append_query(next_url, **next_params) params['next'] = next_url absolute_url = "%s%s/" % (settings.PA_SSO_SERVER, sso_view) absolute_url = append_query(absolute_url, **params) return sign_url(absolute_url, settings.PA_API_SECRET)
def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME): apikey = None if request.method == 'POST': params = request.session.get('login_params', dict()) form = PasswordAuthenticationForm(data=request.POST) if form.is_valid(): # Login! user = form.get_user() sso_session = GlobalSession(user=user, expire_date=datetime.utcnow() + timedelta(hours=12)) sso_session.save() # TODO: Setting Cookies? # Authenticate Locally pa.sso.login(request, sso_session) # Clear the cached login params if 'login_params' in request.session: del request.session['login_params'] apikey = pa.api.get_apikey(params) redirect_to = params.get(redirect_field_name, None) else: # Error! # TODO: Strip password pass elif request.method == 'GET': apikey = pa.api.get_apikey(request.GET) if apikey and verify_url(request, apikey.secret_bytes): if request.sso_session: # Initial Request, already logged in... redirect_to = request.GET.get(redirect_field_name, None) else: # Initial Request, store next link and redirect to this view (cleaning up the URL params) request.session['login_params'] = request.GET return HttpResponseRedirect(request.path) elif apikey: return HttpResponseBadRequest('URL Signature Failed!') form = PasswordAuthenticationForm(request) else: # Weird HTTP Method raise NotImplemented if request.sso_session: if not redirect_to or not apikey: # Internal redirects do not need the sso token redirect_to = settings.LOGIN_REDIRECT_URL else: redirect_to = append_query(redirect_to, apikey=apikey.key, sso_token=request.sso_session.key) redirect_to = sign_url(redirect_to, apikey.secret_bytes) # Redirect to callback return HttpResponseRedirect(redirect_to) else: # Display Form request.session.set_test_cookie() return render_to_response(template_name, { 'form': form, }, context_instance=RequestContext(request))