def saml_pass_login(self, info):
    """Set up a login that combines SAML with username/password.

    The SAML method is created on first use and cached on
    ``self.saml_authn``. Each method is wrapped so that it answers on
    endpoint index 1 of its own ``END_POINTS`` list, and the two wrapped
    methods are passed to ``setup_multi_auth`` together with the broker
    (``self.ac``) and the URL table (``self.urls``).

    Args:
        info: Settings for the SAML method; only ``info["END_POINTS"]``
            is read here.

    Returns:
        Whatever ``setup_multi_auth`` returns.
    """
    from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST

    # Lazy construction: the SAML method is built once and reused afterwards.
    if self.saml_authn is None:
        self.init_mako()
        authorization_url = "{}authorization".format(self.issuer)
        self.saml_authn = SAMLAuthnMethod(
            None,
            self.lookup,
            self.config.SAML,
            self.config.SP_CONFIG,
            self.issuer,
            authorization_url,
            userinfo=self.config.USERINFO,
        )

    # Index 0 of each END_POINTS list is what saml_login() uses for the
    # stand-alone SAML method; the combined flow takes index 1.
    password_idx = 1
    saml_idx = 1

    password_cfg = self.config.AUTHENTICATION['UserPassword']
    password_route = password_cfg["END_POINTS"][password_idx]
    saml_route = info["END_POINTS"][saml_idx]

    # One endpoint index per SAML binding, plus one for the discovery step.
    saml_indexes = {
        BINDING_HTTP_REDIRECT: saml_idx,
        BINDING_HTTP_POST: saml_idx,
        "disco_end_point_index": saml_idx,
    }
    saml_step = AuthnIndexedEndpointWrapper(self.saml_authn, saml_indexes)
    password_step = AuthnIndexedEndpointWrapper(
        self.username_password_authn, password_idx)

    # NOTE(review): the configured endpoint strings are concatenated into a
    # regular expression unescaped and anchored only at the start. Regex
    # metacharacters in END_POINTS are therefore live, and a longer path that
    # shares the prefix would presumably match too -- confirm how these
    # patterns are matched and keep END_POINTS values literal and distinct.
    chain = [
        (saml_step, r'^' + saml_route),
        (password_step, r'^' + password_route),
    ]
    return setup_multi_auth(self.ac, self.urls, chain)
def saml_login(self, info):
    """Register stand-alone SAML login and return its endpoint wrapper.

    The SAML method is created on first use and cached on
    ``self.saml_authn``. It is added to the broker (``self.ac``) with empty
    ACR, weight and URL values, wrapped so that it answers on endpoint
    index 0, and its verify callback is appended to ``self.urls``.

    Args:
        info: Settings for the SAML method; only ``info["END_POINTS"]``
            is read here.

    Returns:
        The ``AuthnIndexedEndpointWrapper`` around the SAML method.
    """
    from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST

    # Lazy construction: the SAML method is built once and reused afterwards.
    if self.saml_authn is None:
        self.init_mako()
        authorization_url = "{}authorization".format(self.issuer)
        self.saml_authn = SAMLAuthnMethod(
            None,
            self.lookup,
            self.config.SAML,
            self.config.SP_CONFIG,
            self.issuer,
            authorization_url,
            userinfo=self.config.USERINFO,
        )

    # NOTE(review): indentation was lost in this listing; the broker
    # registration is placed outside the lazy-init guard, so it runs on every
    # call -- confirm against the upstream file.
    self.ac.add("", self.saml_authn, "", "")

    saml_idx = 0
    route = info["END_POINTS"][saml_idx]

    # One endpoint index per SAML binding, plus one for the discovery step.
    saml_indexes = {
        BINDING_HTTP_REDIRECT: saml_idx,
        BINDING_HTTP_POST: saml_idx,
        "disco_end_point_index": saml_idx,
    }
    authn = AuthnIndexedEndpointWrapper(self.saml_authn, saml_indexes)

    # NOTE(review): the configured endpoint is concatenated into a regular
    # expression unescaped and anchored only at the start, so metacharacters
    # in END_POINTS are live and longer paths sharing the prefix would
    # presumably reach this verify handler too -- confirm how self.urls is
    # matched and keep END_POINTS values literal.
    verify_handler = make_auth_verify(authn.verify)
    self.urls.append((r'^' + route, verify_handler))
    return authn
config = importlib.import_module(args.config) config.issuer = config.issuer % args.port config.SERVICE_URL = config.SERVICE_URL % args.port ac = AuthnBroker() for authkey, value in config.AUTHENTICATION.items(): authn = None if "UserPassword" == authkey: from oic.utils.authn.user import UsernamePasswordMako authn = UsernamePasswordMako(None, "login.mako", LOOKUP, PASSWD, "%s/authorization" % config.issuer) if "SAML" == authkey: from oic.utils.authn.saml import SAMLAuthnMethod authn = SAMLAuthnMethod(None, LOOKUP, config.SAML, config.SP_CONFIG, config.issuer, "%s/authorization" % config.issuer, config.SERVICE_URL) if authn is not None: ac.add(config.AUTHENTICATION[authkey]["ACR"], authn, config.AUTHENTICATION[authkey]["WEIGHT"], config.AUTHENTICATION[authkey]["URL"]) # dealing with authorization authz = AuthzHandling() kwargs = { "template_lookup": LOOKUP, "template": { "form_post": "form_response.mako" }, #"template_args": {"form_post": {"action": "form_post"}}
ac.add("", javascript_login_authn, "", "") JAVASCRIPT_END_POINT_INDEX = 0 end_point = config.AUTHENTICATION[authkey]["END_POINTS"][ JAVASCRIPT_END_POINT_INDEX] authn = AuthnIndexedEndpointWrapper(javascript_login_authn, JAVASCRIPT_END_POINT_INDEX) URLS.append((r'^' + end_point, make_auth_verify(authn.verify))) if "SAML" == authkey: from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST if not saml_authn: saml_authn = SAMLAuthnMethod(None, LOOKUP, config.SAML, config.SP_CONFIG, config.issuer, "%s/authorization" % config.issuer, userinfo=config.USERINFO) ac.add("", saml_authn, "", "") SAML_END_POINT_INDEX = 0 end_point = config.AUTHENTICATION[authkey]["END_POINTS"][ SAML_END_POINT_INDEX] end_point_indexes = { BINDING_HTTP_REDIRECT: 0, BINDING_HTTP_POST: 0, "disco_end_point_index": 0 } authn = AuthnIndexedEndpointWrapper(saml_authn, end_point_indexes) URLS.append((r'^' + end_point, make_auth_verify(authn.verify)))
ac.add("", javascript_login_authn, "", "") JAVASCRIPT_END_POINT_INDEX = 0 end_point = config.AUTHENTICATION[authkey]["END_POINTS"][ JAVASCRIPT_END_POINT_INDEX] authn = AuthnIndexedEndpointWrapper(javascript_login_authn, JAVASCRIPT_END_POINT_INDEX) _urls.append((r'^' + end_point, make_auth_verify(authn.verify))) if "SAML" == authkey: from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST if not saml_authn: saml_authn = SAMLAuthnMethod(None, LOOKUP, config.SAML, config.SP_CONFIG, _issuer, "{}authorization".format(_issuer), userinfo=config.USERINFO) ac.add("", saml_authn, "", "") SAML_END_POINT_INDEX = 0 end_point = config.AUTHENTICATION[authkey]["END_POINTS"][ SAML_END_POINT_INDEX] end_point_indexes = { BINDING_HTTP_REDIRECT: 0, BINDING_HTTP_POST: 0, "disco_end_point_index": 0 } authn = AuthnIndexedEndpointWrapper(saml_authn, end_point_indexes) _urls.append((r'^' + end_point, make_auth_verify(authn.verify)))