def test(self):
    """Register a password and a CAS method and check the order ``pick`` returns.

    The password method is added with weight 10 and the CAS method with
    weight 20, both under the ``PASSWORD`` class reference. When the CAS
    method can be built, ``pick(PASSWORD)`` is expected to list it first.
    """
    issuer = "https://example.com/op"
    authorization_endpoint = "%s/authorization" % issuer
    # NOTE(review): the fourth argument to ``add`` is a plain-http URL built
    # from the local hostname; what the broker does with it is not visible here.
    authority = "http://%s" % socket.gethostname()

    # Placeholders: no CAS server or service URL is configured in this fixture.
    cas_server = ""
    service_url = ""

    ldap_settings = {
        "uri": "ldaps://ldap.umu.se",
        "base": "dc=umu, dc=se",
        # NOTE(review): a user identifier is substituted for %s; confirm the
        # validator escapes it for LDAP filter syntax before searching.
        "filter_pattern": "(uid=%s)",
        # Bind credentials are empty here, presumably an anonymous bind;
        # verify against UserLDAPMemberValidation.
        "user": "",
        "passwd": "",
        "attr": ["eduPersonScopedAffiliation", "eduPersonAffiliation"],
    }
    membership_settings = {
        "verify_attr": "eduPersonAffiliation",
        "verify_attr_valid": ["employee", "staff", "student"],
    }
    # Connection settings are merged into the membership settings so one
    # dict can be splatted into the validator.
    membership_settings.update(ldap_settings)

    broker = AuthnBroker()
    password_method = UsernamePasswordMako(
        None, "login.mako", LOOKUP, PASSWD, authorization_endpoint
    )
    broker.add(PASSWORD, password_method, 10, authority)

    try:
        validator = UserLDAPMemberValidation(**membership_settings)
        cas_method = CasAuthnMethod(
            None, cas_server, service_url, authorization_endpoint, validator
        )
        broker.add(PASSWORD, cas_method, 20, authority)
    except Exception:
        # Any failure while building or adding the CAS method lands here, so
        # the ordering checks below are skipped and the test still passes.
        assert len(broker) == 1
    else:
        assert len(broker) == 2
        picked = broker.pick(PASSWORD)
        assert picked
        # list of two 2-tuples
        assert len(picked) == 2
        first_entry, second_entry = picked[0], picked[1]
        assert first_entry[0].__class__.__name__ == "CasAuthnMethod"
        assert second_entry[0].__class__.__name__ == "UsernamePasswordMako"
def ldap_validation(config):
    """Build a ``UserLDAPMemberValidation`` from a two-part config mapping.

    ``config["conf"]`` is merged into ``config["args"]`` and the merged
    mapping is passed to the validator as keyword arguments. The merge is
    done in place, so the caller's ``config["args"]`` is modified and keys
    from ``config["conf"]`` replace same-named keys in it.
    """
    # Imported here rather than at module level, as in the original.
    from oic.utils.authn.ldap_member import UserLDAPMemberValidation

    validator_kwargs = config["args"]
    validator_kwargs.update(config["conf"])
    return UserLDAPMemberValidation(**validator_kwargs)
# Load the settings module named on the command line. Importing runs that
# module's top-level code, so args.config should only be operator-supplied.
config = importlib.import_module(args.config)
# issuer and SERVICE_URL are %-templates; the listening port is filled in.
config.issuer = config.issuer % args.port
config.SERVICE_URL = config.SERVICE_URL % args.port

authorization_endpoint = "%s/authorization" % config.issuer

# Register one authentication method per recognised key in AUTHORIZATION;
# keys other than "CAS" and "UserPassword" are ignored.
ac = AuthnBroker()
for authkey, value in config.AUTHORIZATION.items():
    authn = None

    if authkey == "CAS":
        from oic.utils.authn.user_cas import CasAuthnMethod
        from oic.utils.authn.ldap_member import UserLDAPMemberValidation

        # The LDAP connection settings are merged in place into the
        # membership-validation settings before building the validator.
        config.LDAP_EXTRAVALIDATION.update(config.LDAP)
        member_validator = UserLDAPMemberValidation(**config.LDAP_EXTRAVALIDATION)
        authn = CasAuthnMethod(
            None,
            config.CAS_SERVER,
            config.SERVICE_URL,
            authorization_endpoint,
            member_validator,
        )

    if authkey == "UserPassword":
        from oic.utils.authn.user import UsernamePasswordMako

        authn = UsernamePasswordMako(
            None, "login.mako", LOOKUP, PASSWD, authorization_endpoint
        )

    if authn is None:
        continue
    ac.add(value["ACR"], authn, value["WEIGHT"], value["URL"])

# Authorization handling.
authz = AuthzHandling()
# Alternative kept from the original: authz = UserInfoConsent()

# User info database
# NOTE(review): --insecure switches verify_ssl off, which presumably disables
# TLS certificate checks in whatever consumes kwargs; keep it to test setups.
# In the visible code kwargs is only bound on this path.
if args.insecure:
    kwargs = {"verify_ssl": False}