def login_oauth2(request):
    """Start the OAuth2 authorization flow for the logged-in user's OpenID.

    Discovers the authorize and resource services for the user's OpenID URL,
    obtains an authorization URL and state value from ``oauth2``, and stores
    the state and the OpenID URL in the session.

    Returns:
        ``common.success`` carrying the redirect URL, or ``common.failed``
        with the error text when a ``WPSError`` is raised.
    """
    try:
        common.authentication_required(request)

        openid_url = request.user.auth.openid_url

        logger.info('Authenticating OAuth2 for {}'.format(openid_url))

        discovered = openid.services(openid_url, (URN_AUTHORIZE, URN_RESOURCE))
        auth_service, cert_service = discovered

        authorization = oauth2.get_authorization_url(
            auth_service.server_url, cert_service.server_url)
        redirect_url, state = authorization

        logger.info(
            'Retrieved authorization url for OpenID {}'.format(openid_url))

        # The state is kept server-side in the session next to the OpenID it
        # was issued for.
        # NOTE(review): presumably the callback view compares the state it
        # receives with session['oauth_state'] before exchanging the code;
        # that check is not in this block. Confirm it exists.
        request.session.update({'oauth_state': state, 'openid': openid_url})
    except WPSError as e:
        logger.exception('Error authenticating OAuth2')

        return common.failed(str(e))

    return common.success({'redirect': redirect_url})
def login_mpc(request):
    """Authenticate the logged-in user against a MyProxy endpoint.

    Validates the posted username and password, discovers the MyProxy
    service for the user's OpenID URL, logs on with ``MyProxyClient`` and
    stores the result on ``request.user.auth``.

    Returns:
        ``common.success`` with the auth type and API key, or
        ``common.failed`` with the error text when a ``WPSError`` is raised.
        A login-attempt metric is recorded in ``finally`` for every
        non-anonymous user, whatever the outcome.
    """
    try:
        common.authentication_required(request)

        mpc_form = forms.MPCForm(request.POST)
        data = common.validate_form(mpc_form, ('username', 'password'))
        username = data['username']

        # Only the username is logged; the password never reaches the log.
        logger.info('Authenticating MyProxyClient for {}'.format(username))

        mpc_services = openid.services(
            request.user.auth.openid_url, (URN_MPC, ))
        endpoint = re.match('socket://(.*):(.*)', mpc_services[0].server_url)

        if endpoint is None or len(endpoint.groups()) != 2:
            raise MPCEndpointParseError()

        # NOTE(review): port is parsed but never handed to MyProxyClient, so
        # the client's own default port is what gets used.
        # NOTE(review): host comes from the service document discovered for
        # the user's OpenID URL. If that URL can point at an arbitrary
        # provider, the server opens an outbound connection to a host of the
        # provider's choosing; consider an allowlist of MyProxy hosts.
        host, port = endpoint.groups()

        from OpenSSL import SSL

        # Assigned on the class, so it affects every MyProxyClient created in
        # this process from here on, not only the instance below.
        # NOTE(review): TLSv1_2_METHOD fixes the protocol at TLS 1.2; confirm
        # this is still the intended floor and ceiling.
        MyProxyClient.SSL_METHOD = SSL.TLSv1_2_METHOD

        try:
            client = MyProxyClient(
                hostname=host, caCertDir=settings.WPS_CA_PATH)

            # NOTE(review): per the MyProxyClient documentation,
            # bootstrap=True retrieves the trust roots without verifying the
            # server certificate. Confirm this is acceptable when
            # WPS_CA_PATH is already provisioned.
            credentials = client.logon(
                username, data['password'], bootstrap=True)
        except Exception:
            # Every failure here (network, TLS, bad credentials) is reported
            # to the caller as the same authentication error.
            raise common.AuthenticationError(user=username)

        logger.info(
            'Authenticated with MyProxyClient backend for user {}'.format(
                username))

        request.user.auth.update('myproxyclient', credentials)
    except WPSError as e:
        logger.exception('Error authenticating MyProxyClient')

        return common.failed(str(e))
    else:
        metrics.track_login(metrics.WPS_MPC_LOGIN_SUCCESS,
                            request.user.auth.openid_url)

        # The response body carries the user's API key.
        payload = {
            'type': request.user.auth.type,
            'api_key': request.user.auth.api_key
        }

        return common.success(payload)
    finally:
        if not request.user.is_anonymous:
            metrics.track_login(metrics.WPS_MPC_LOGIN,
                                request.user.auth.openid_url)
def user_logout(request):
    """Log the authenticated user out of the current session.

    Returns:
        ``common.success('Logged out')``, or ``common.failed`` with the
        error text when a ``WPSError`` is raised.
    """
    try:
        common.authentication_required(request)

        username = request.user.username

        logger.info('Logging user {} out'.format(username))

        logout(request)
    except WPSError as e:
        logger.exception('Error logging user out')

        return common.failed(str(e))

    return common.success('Logged out')
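def processes(request):
    """List the identifier and description of every enabled process.

    Requires an authenticated user.

    Returns:
        ``common.success`` with a list of ``{'identifier', 'description'}``
        dicts, or ``common.failed`` with the error text when a ``WPSError``
        is raised.
    """
    try:
        common.authentication_required(request)

        data = [
            dict(identifier=x.identifier, description=x.description)
            for x in models.Process.objects.all()
            if x.enabled
        ]
    except WPSError as e:
        logger.exception('Error retrieving processes')

        # str(e) matches the other handlers in this file. ``e.message`` is
        # not an attribute of Python 3 exceptions unless the class defines
        # it, and a failed lookup here would raise inside the error path.
        return common.failed(str(e))
    else:
        return common.success(data)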
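def user_cert(request):
    """Return the authenticated user's certificate as a ``cert.pem`` download.

    Returns:
        An ``HttpResponse`` attachment containing ``request.user.auth.cert``.
        An ``HttpResponseBadRequest`` is returned when certificate download
        is disabled in settings or a ``WPSError`` is raised.
    """
    try:
        if not settings.CERT_DOWNLOAD_ENABLED:
            return http.HttpResponseBadRequest()

        # Incremented before the authentication check, so this counter also
        # includes requests that are then rejected.
        metrics.WPS_CERT_DOWNLOAD.inc()

        common.authentication_required(request)

        # Only the requesting user's own certificate is served; no
        # identifier is taken from the request.
        cert = request.user.auth.cert

        response = http.HttpResponse(
            cert, content_type='application/force-download')

        response['Content-Disposition'] = 'attachment; filename="cert.pem"'

        response['Content-Length'] = len(cert)

        # NOTE(review): no cache headers are set on this response. If
        # user.auth.cert holds credential material, consider sending
        # "Cache-Control: no-store". Confirm what the field contains.
    except WPSError:
        # Log the rejection like the other handlers in this file do, so
        # refused certificate downloads leave a trace for operators.
        logger.exception('Error retrieving user certificate')

        return http.HttpResponseBadRequest()
    else:
        return response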