def init_oidc_op_endpoints(config, folder):
_server_info_config = config.op['server_info']
_server_info_config['issuer'] = _server_info_config.get('issuer').format(
domain=config.domain, port=config.port)
_fed_conf = _server_info_config.get('federation')
_fed_conf["entity_id"] = config.base_url
if 'httpc_params' not in _fed_conf:
_fed_conf['httpc_params'] = get_http_params(
_server_info_config.get("httpc_params"))
federation_entity = create_federation_entity(cwd=folder, **_fed_conf)
endpoint_context = EndpointContext(_server_info_config,
cwd=folder,
federation_entity=federation_entity)
for endp in endpoint_context.endpoint.values():
p = urlparse(endp.endpoint_path)
_vpath = p.path.split('/')
if _vpath[0] == '':
endp.vpath = _vpath[1:]
else:
endp.vpath = _vpath
return endpoint_context
def __init__(self, conf, keyjar=None, cwd='', cookie_dealer=None):
endpoint_context.EndpointContext.__init__(self,
conf,
keyjar=keyjar,
cwd=cwd,
cookie_dealer=cookie_dealer)
_fed_conf = conf.get('federation')
_fed_conf["entity_id"] = self.issuer
federation_entity = create_federation_entity(cwd=cwd, **_fed_conf)
federation_entity.keyjar.httpc_params = self.httpc_params
self.federation_entity = federation_entity
def init_federation_entity(self, issuer):
args = {k: v for k, v in self.federation_entity_config.items()}
_entity_id = ''
_cnf = self.client_configs.get(issuer)
if _cnf:
_entity_id = _cnf.get('entity_id')
if not _entity_id:
_entity_id = self.federation_entity_config['entity_id']
if '{}' in _entity_id:
_entity_id = _entity_id.format(issuer)
args['entity_id'] = _entity_id
logger.debug('Entity ID: %s', _entity_id)
_federation_entity = create_federation_entity(
httpc_params=self.httpc_params, issuer=issuer, **args)
_federation_entity.keyjar.httpc_params = self.httpc_params
_federation_entity.collector.web_cert_path = self.federation_entity_config.get(
'web_cert_path')
return _federation_entity
if __name__ == '__main__':
import argparse
parser = argparse.ArgumentParser()
parser.add_argument('-k', dest='insecure', action='store_true')
parser.add_argument('-t', dest='trusted_roots')
parser.add_argument('-e', dest='entity_type')
parser.add_argument('-o', dest='opponent_entity_type')
parser.add_argument('-f', dest="msg", help="The message")
args = parser.parse_args()
federation_entity = create_federation_entity(
'issuer',
trusted_roots=args.trusted_roots,
entity_type=args.entity_type,
opponent_entity_type=args.opponent_entity_type)
if not args.msg: # If nothing specified assume stdin
message = sys.stdin.read()
elif args.msg == "-":
message = sys.stdin.read()
else:
if os.path.isfile(args.msg):
message = open(args.msg).read().strip("\n")
else:
message = args.msg
_msg = message.strip()
_msg = _msg.strip('"')
}
}
_provider_config = config.CONFIG['provider']
_server_info_config = config.CONFIG['server_info']
_kj = init_key_jar(**_server_info_config['jwks'])
cookie_dealer = CookieDealer(**_server_info_config['cookie_dealer'])
iss = _server_info_config['issuer']
# make sure I have a set of keys under my 'real' name
_kj.import_jwks_as_json(_kj.export_jwks_as_json(True, ''), iss)
federation_entity = create_federation_entity(**_server_info_config[
'federation'])
endpoint_context = EndpointContext(_server_info_config, keyjar=_kj,
cwd=folder, cookie_dealer=cookie_dealer,
federation_entity=federation_entity)
for endp in endpoint_context.endpoint.values():
p = urlparse(endp.endpoint_path)
_vpath = p.path.split('/')
if _vpath[0] == '':
endp.vpath = _vpath[1:]
else:
endp.vpath = _vpath
cherrypy.tree.mount(
OpenIDProvider(config, endpoint_context),
_base_url = config.BASEURL
_fed_conf = config.client_config['federation']
if args.insecure:
verify_ssl = False
else:
verify_ssl = True
_kj = init_key_jar(private_path=config.PRIVATE_JWKS_PATH,
key_defs=config.KEYDEFS,
public_path=config.PUBLIC_JWKS_PATH)
_kj.import_jwks_as_json(_kj.export_jwks_as_json(True, ''),
_fed_conf['entity_id'])
_kj.verify_ssl = verify_ssl
federation_entity = create_federation_entity(**_fed_conf)
federation_entity.key_jar.verify_ssl = verify_ssl
rph = RPHandler(base_url=_base_url,
hash_seed="BabyDriver",
keyjar=_kj,
jwks_path=config.PUBLIC_JWKS_PATH,
client_configs=config.CLIENTS,
service_factory=factory,
services=config.SERVICES,
client_cls=RP,
verify_ssl=verify_ssl,
federation_entity=federation_entity)
cherrypy.tree.mount(cprp.Consumer(rph, 'html'), '/', provider_config)