def __activate__(self, context):
    """Send the TIM notification e-mail when the configured query has hits.

    Reads the ``tim.notification`` section of the system configuration,
    fetches the configured ``url`` through ``self.__wget`` and, if the
    response reports ``response/numFound`` greater than zero, sends a single
    HTML e-mail built from the ``email`` settings.

    NOTE(review): the listing this was taken from had lost its line breaks;
    the nesting below (everything e-mail related runs only when there are
    hits, and the test-mode rewrite covers both body and recipient) is the
    reconstruction that matches the statement order - confirm against the
    repository copy.
    """
    self.log = context["log"]
    self.request = context["request"]
    self.sessionState = context["sessionState"]
    self.setting = JsonSimple(context["systemConfig"].getObject("tim.notification"))

    # NOTE(review): this overwrites the session's username with "admin" and
    # never restores it.  If sessionState is shared with an interactive
    # portal session, whoever triggers this script keeps that identity
    # afterwards - confirm the script is only reachable by trusted callers
    # or scope the change to this run.
    self.sessionState.set("username", "admin")

    # The indexer service is parked on dataMap; nothing else in this method
    # reads it back.
    self.dataMap = HashMap()
    self.dataMap.put("indexer", context['Services'].getIndexer())

    queryUrl = self.setting.getString("", "url")
    searchResult = JsonSimple(self.__wget(queryUrl))
    hitCount = searchResult.getInteger(0, ["response", "numFound"])
    if hitCount <= 0:
        # Nothing matched, so there is nothing to notify about.
        return

    smtpUser = self.setting.getString("", ["email", "username"])
    smtpPassword = self.setting.getString("", ["email", "password"])
    htmlBody = self.setting.getString("", ["email", "body"])
    recipient = self.setting.getString("", ["email", "to"])

    inTestMode = self.setting.getString("", ["email", "testmode"]) == "true"
    if inTestMode:
        # Record the real recipient in the body, then divert the message.
        htmlBody = htmlBody + "<p>TESTMODE: Was sent to " + recipient
        recipient = self.setting.getString("", ["email", "redirect"])

    # NOTE(review): ssl and tls both default to False, so unless the
    # configuration enables one of them the SMTP username/password above are
    # presented over an unencrypted connection.  The password also lives in
    # the system configuration in clear text - check that file's permissions.
    message = HtmlEmail()
    message.setAuthenticator(DefaultAuthenticator(smtpUser, smtpPassword))
    message.setHostName(self.setting.getString("localhost", ["email", "host"]))
    message.setSmtpPort(self.setting.getInteger(25, ["email", "port"]))
    message.setSSL(self.setting.getBoolean(False, ["email", "ssl"]))
    message.setTLS(self.setting.getBoolean(False, ["email", "tls"]))
    message.setFrom(self.setting.getString("", ["email", "from"]))
    message.setSubject(self.setting.getString("Action Required in TIM", ["email", "subject"]))
    message.addTo(recipient)
    message.setHtmlMsg(htmlBody)
    message.send()
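def __activate__(self, context):
    """Validate a RapidAAF SSO assertion and, if it is valid, finish the login.

    The assertion is a JWS taken from the ``assertion`` form field.  It is
    accepted only when all of the following hold:

    * the page was requested with POST;
    * ``rapidAafSso`` ``sharedKey``, ``aud`` and ``iss`` are all configured;
    * the HMAC signature verifies against the shared key;
    * the ``aud`` and ``iss`` claims equal the configured values;
    * ``exp`` is present and not in the past, and ``nbf`` (when present) is
      not in the future;
    * ``jti`` is present and not already recorded as a user attribute.

    On success the payload, parsed claims, raw assertion and expiry are put
    on the session and the response is redirected to the session's
    ``returnAddress`` (or ``portalPath`` when none is set).  On any failure
    the reason is logged and the method returns without touching the session.
    """
    self.velocityContext = context
    self.log = self.vc("log")
    self.systemConfig = self.vc("systemConfig")
    self.formData = context["formData"]
    self.assertionText = self.formData.get("assertion")
    self.session = self.vc("sessionState")
    self.response = self.vc("response")
    self.request = self.vc("request")

    # The identity provider delivers the assertion by POST only.
    method = self.request.getMethod()
    if method != "POST":
        self.log.error("Page not accessed by a POST, method:%s" % method)
        return

    configuredKey = self.systemConfig.getString("", "rapidAafSso", "sharedKey")
    self.sharedKey = String(configuredKey)
    self.aud = self.systemConfig.getString("", "rapidAafSso", "aud")
    self.iss = self.systemConfig.getString("", "rapidAafSso", "iss")

    # Fail closed on incomplete configuration.  All three settings default
    # to "", and an empty expected aud/iss would equal the "" that a token
    # lacking the claim yields below; an empty HMAC key protects nothing.
    if not configuredKey or not self.aud or not self.iss:
        self.log.error("rapidAafSso configuration is incomplete: sharedKey, aud and iss are required.")
        return

    if not self.assertionText:
        self.log.error("No assertion was supplied with the request.")
        return

    # Signature first: no claim is trusted before the MAC verifies.
    # NOTE(review): JWSObject.parse raises on a malformed assertion and that
    # is not caught here, so bad input surfaces as a script error rather than
    # a logged rejection - TODO confirm the caller handles it.
    # NOTE(review): getBytes() with no argument uses the platform default
    # charset; a non-ASCII shared key would depend on the JVM's settings.
    jwsObject = JWSObject.parse(self.assertionText)
    verifier = MACVerifier(self.sharedKey.getBytes())
    if not jwsObject.verify(verifier):
        self.log.error("Invalid JWS signature!")
        return
    self.log.debug("Verified JWS signature!")

    payload = jwsObject.getPayload().toString()
    # NOTE(review): these two lines write the user's full claim set and the
    # session contents to the log whenever debug logging is enabled - make
    # sure debug is off in production or that the log is access-controlled.
    self.log.debug(payload)
    self.log.debug(self.session.toString())

    json = JsonSimple(payload)
    aud = json.getString("", "aud")
    iss = json.getString("", "iss")
    nbf = json.getInteger(None, "nbf")
    exp = json.getInteger(None, "exp")
    jti = json.getString("", "jti")

    # Audience: the token must have been issued for this service.
    if self.aud != aud:
        self.log.error("Invalid aud: '%s' expecting: '%s'" % (aud, self.aud))
        return

    # Issuer: the token must come from the configured identity provider.
    if self.iss != iss:
        self.log.error("Invalid iss: '%s' expecting: '%s'" % (iss, self.iss))
        return

    # Validity window, in seconds since the epoch.  A missing exp is rejected
    # and a missing nbf imposes no lower bound; both cases are spelled out
    # here instead of being left to how None happens to compare with numbers.
    now = Date().getTime() / 1000
    if exp is None or now > exp or (nbf is not None and now < nbf):
        self.log.error("Invalid timings.")
        return

    # Replay protection needs a token identifier: without this check a token
    # carrying no jti would be looked up as "" and pass whenever no stored
    # attribute happens to have that value.
    if not jti:
        self.log.error("Assertion has no jti, cannot check for replay.")
        return

    # NOTE(review): this method only looks the jti up; nothing visible here
    # records it.  Presumably it is stored as a user attribute later in the
    # login flow - confirm that happens before the assertion could be
    # presented a second time.
    attributeDao = ApplicationContextProvider.getApplicationContext().getBean("hibernateAuthUserAttributeDao")
    params = HashMap()
    params.put("key", "jti")
    params.put("value", jti)
    attrList = attributeDao.query("getUserAttributeByKeyAndValue", params)
    if attrList.size() > 0:
        self.log.error("Possible replay attack, jti:'%s' found in DB." % jti)
        return

    # Every check passed: hand the verified assertion to the session.
    self.session.put("jwt", payload)
    self.session.put("jwt_json", json)
    self.session.put("jwt_assertion", self.assertionText)
    self.session.put("jwt_exp", exp)

    # NOTE(review): returnAddress is read from the session and used as the
    # redirect target unchanged; verify that whatever stores it only accepts
    # addresses inside this portal.
    self.returnAddress = self.session.get("returnAddress")
    if self.returnAddress is None:
        self.log.debug("No return address, using portalPath.")
        self.returnAddress = self.vc("portalPath")
    self.log.debug("RapidAAF SSO login complete, redirect to: %s" % self.returnAddress)
    self.response.sendRedirect(self.returnAddress)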