def create_client(self, userid="", **kwargs): """ Do an instantiation of a client instance. :param userid: An identifier of the user :param: Keyword arguments Keys are ["srv_discovery_url", "client_info", "client_registration", "provider_info"] :return: client instance """ _key_set = set(list(kwargs.keys())) try: _verify_ssl = kwargs["verify_ssl"] except KeyError: _verify_ssl = self.verify_ssl else: _key_set.discard("verify_ssl") client = self.client_cls( client_authn_method=CLIENT_AUTHN_METHOD, behaviour=kwargs["behaviour"], verify_ssl=_verify_ssl, ) try: client.userinfo_request_method = kwargs["userinfo_request_method"] except KeyError: pass else: _key_set.discard("userinfo_request_method") # The behaviour parameter is not significant for the election process _key_set.discard("behaviour") for param in ["allow"]: try: setattr(client, param, kwargs[param]) except KeyError: pass else: _key_set.discard(param) if _key_set == {"client_info"}: # Everything dynamic # There has to be a userid if not userid: raise MissingAttribute("Missing userid specification") # Find the service that provides information about the OP issuer = client.wf.discovery_query(userid) # Gather OP information client.provider_config(issuer) # register the client client.register( client.provider_info["registration_endpoint"], **kwargs["client_info"] ) self.get_path(kwargs["client_info"]["redirect_uris"], issuer) elif _key_set == set(["client_info", "srv_discovery_url"]): # Ship the webfinger part # Gather OP information client.provider_config(kwargs["srv_discovery_url"]) # register the client client.register( client.provider_info["registration_endpoint"], **kwargs["client_info"] ) self.get_path( kwargs["client_info"]["redirect_uris"], kwargs["srv_discovery_url"] ) elif _key_set == set(["provider_info", "client_info"]): client.handle_provider_config( ProviderConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"], ) client.register( client.provider_info["registration_endpoint"], **kwargs["client_info"] ) self.get_path( kwargs["client_info"]["redirect_uris"], kwargs["provider_info"]["issuer"], ) elif _key_set == set(["provider_info", "client_registration"]): client.handle_provider_config( ProviderConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"], ) client.store_registration_info( RegistrationResponse(**kwargs["client_registration"]) ) self.get_path( kwargs["client_info"]["redirect_uris"], kwargs["provider_info"]["issuer"], ) elif _key_set == set(["srv_discovery_url", "client_registration"]): client.provider_config(kwargs["srv_discovery_url"]) client.store_registration_info( RegistrationResponse(**kwargs["client_registration"]) ) self.get_path( kwargs["client_registration"]["redirect_uris"], kwargs["srv_discovery_url"], ) else: raise Exception("Configuration error ?") return client
def create_client(self, userid="", **kwargs): """ Do an instantiation of a client instance :param userid: An identifier of the user :param: Keyword arguments Keys are ["srv_discovery_url", "client_info", "client_registration", "provider_info"] :return: client instance """ _key_set = set(kwargs.keys()) args = {} for param in ["verify_ssl"]: try: args[param] = kwargs[param] except KeyError: pass else: _key_set.discard(param) try: verify_ssl = default_ssl_check except: verify_ssl = True client = self.client_cls(client_authn_method=CLIENT_AUTHN_METHOD, behaviour=kwargs["behaviour"], verify_ssl=verify_ssl, **args) # The behaviour parameter is not significant for the election process _key_set.discard("behaviour") for param in ["allow"]: try: setattr(client, param, kwargs[param]) except KeyError: pass else: _key_set.discard(param) if _key_set == set(["client_info"]): # Everything dynamic # There has to be a userid if not userid: raise MissingAttribute("Missing userid specification") # Find the service that provides information about the OP issuer = client.wf.discovery_query(userid) # Gather OP information client.provider_config(issuer) # register the client client.register(client.provider_info["registration_endpoint"], **kwargs["client_info"]) elif _key_set == set(["client_info", "srv_discovery_url"]): # Ship the webfinger part # Gather OP information client.provider_config(kwargs["srv_discovery_url"]) # register the client client.register(client.provider_info["registration_endpoint"], **kwargs["client_info"]) elif _key_set == set(["provider_info", "client_info"]): client.handle_provider_config( ProviderConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"]) client.register(client.provider_info["registration_endpoint"], **kwargs["client_info"]) elif _key_set == set(["provider_info", "client_registration"]): client.handle_provider_config( ProviderConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"]) client.store_registration_info( RegistrationResponse(**kwargs["client_registration"])) elif _key_set == set(["srv_discovery_url", "client_registration"]): try: client.provider_config(kwargs["srv_discovery_url"]) client.store_registration_info( RegistrationResponse(**kwargs["client_registration"])) except Exception as e: logger.error( "Provider info discovery failed for %s - assume backend unworkable", kwargs["srv_discovery_url"]) logger.exception(e) else: raise Exception("Configuration error ?") return client
def __call__(self, userid, client_id, user_info_claims=None, **kwargs): """ :param userid: The local user id :param user_info_claims: Possible userinfo claims (a dictionary) :return: A schema dependent userinfo instance """ logger.info("User_info about '%s'" % userid) identity = copy.copy(self.db[userid]) if user_info_claims: result = {} missing = [] optional = [] if "claims" in user_info_claims: for key, restr in user_info_claims["claims"].items(): try: result[key] = identity[key] except KeyError: if restr == {"essential": True}: missing.append(key) else: optional.append(key) # Check if anything asked for is somewhere else if (missing or optional) and "_external_" in identity: cpoints = {} remaining = missing[:] missing.extend(optional) for key in missing: for _srv, what in identity["_external_"].items(): if key in what: try: cpoints[_srv].append(key) except KeyError: cpoints[_srv] = [key] try: remaining.remove(key) except ValueError: pass if remaining: raise MissingAttribute("Missing properties '%s'" % remaining) for srv, what in cpoints.items(): cc = self.oidcsrv.claims_clients[srv] logger.debug("srv: %s, what: %s" % (sanitize(srv), sanitize(what))) _res = self._collect_distributed(srv, cc, userid, what) logger.debug("Got: %s" % sanitize(_res)) for key, val in _res.items(): if key in result: result[key].update(val) else: result[key] = val else: # default is what "openid" demands which is sub # result = identity result = {"sub": userid} return OpenIDSchema(**result)
def func_exception(): raise MissingAttribute('foo')
def create_client(**kwargs): """ kwargs = config.CLIENT.iteritems """ _key_set = set(kwargs.keys()) args = {} for param in ["verify_ssl", "client_id", "client_secret"]: try: args[param] = kwargs[param] except KeyError: try: args[param] = kwargs['client_registration'][param] except KeyError: pass else: _key_set.discard(param) client = Client(client_authn_method=CLIENT_AUTHN_METHOD, behaviour=kwargs["behaviour"], verify_ssl=conf.VERIFY_SSL, **args) # The behaviour parameter is not significant for the election process _key_set.discard("behaviour") # I do not understand how this was ever working without discarding this # Below is not a case where _key_set includes "registration_response" _key_set.discard("registration_response") for param in ["allow"]: try: setattr(client, param, kwargs[param]) except KeyError: pass else: _key_set.discard(param) if _key_set == set(["client_info"]): # Everything dynamic # There has to be a userid if not userid: raise MissingAttribute("Missing userid specification") # Find the service that provides information about the OP issuer = client.wf.discovery_query(userid) # Gather OP information _ = client.provider_config(issuer) # register the client _ = client.register(client.provider_info["registration_endpoint"], **kwargs["client_info"]) elif _key_set == set(["client_info", "srv_discovery_url"]): # Ship the webfinger part # Gather OP information _ = client.provider_config(kwargs["srv_discovery_url"]) # register the client _ = client.register(client.provider_info["registration_endpoint"], **kwargs["client_info"]) elif _key_set == set(["provider_info", "client_info"]): client.handle_provider_config( ProviderConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"]) _ = client.register(client.provider_info["registration_endpoint"], **kwargs["client_info"]) elif _key_set == set(["provider_info", "client_registration"]): client.handle_provider_config( ProviderConfigurationResponse(**kwargs["provider_info"]), kwargs["provider_info"]["issuer"]) client.store_registration_info( RegistrationResponse(**kwargs["client_registration"])) elif _key_set == set(["srv_discovery_url", "client_registration"]): _ = client.provider_config(kwargs["srv_discovery_url"]) client.store_registration_info( RegistrationResponse(**kwargs["client_registration"])) else: raise Exception("Configuration error ?") return client