def create_login_page_box(referer='', ln=CFG_SITE_LANG): # List of referer regexep and message to print _ = gettext_set_language(ln) login_referrer2msg = ( (re.compile(r"/search"), "<p>" + _("This collection is restricted. If you think you have right to access it, please authenticate yourself.") + "</p>"), (re.compile(r"/%s/\d+/files/.+" % CFG_SITE_RECORD), "<p>" + _("This file is restricted. If you think you have right to access it, please authenticate yourself.") + "</p>"), ) msg = "" for regexp, txt in login_referrer2msg: if regexp.search(referer): msg = txt break internal = None for system in CFG_EXTERNAL_AUTHENTICATION.keys(): if CFG_EXTERNAL_AUTHENTICATION[system] is None: internal = system break register_available = CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1 and internal ## Let's retrieve all the login method that are not dedicated to robots methods = [method[0] for method in CFG_EXTERNAL_AUTHENTICATION.iteritems() if not method[1] or not method[1].robot_login_method_p()] methods.sort() return websession_templates.tmpl_login_form( ln = ln, referer = referer, internal = internal, register_available = register_available, methods = methods, selected_method = CFG_EXTERNAL_AUTH_DEFAULT, msg = msg, )
def create_login_page_box(referer='', ln=CFG_SITE_LANG): # List of referer regexep and message to print _ = gettext_set_language(ln) login_referrer2msg = ( (re.compile(r"/search"), "<p>" + _("This collection is restricted. If you think you have right to access it, please authenticate yourself." ) + "</p>"), (re.compile(r"/%s/\d+/files/.+" % CFG_SITE_RECORD), "<p>" + _("This file is restricted. If you think you have right to access it, please authenticate yourself." ) + "</p>"), (re.compile(r"openid-invalid"), "<p>" + _("The OpenID identifier is invalid") + "</p>"), (re.compile(r"openid-python"), "<p>%s</p><p>%s</p>" % (_("python-openid package must be installed: run make install-openid-package or download manually from https://github.com/openid/python-openid/" ), _("Please inform the <a href='mailto%s'>administator</a>" % CFG_SITE_ADMIN_EMAIL))), (re.compile(r"oauth-rauth"), "<p>%s</p><p>%s</p>" % (_("rauth package must be installed: run make install-oauth-package or download manually from https://github.com/litl/rauth/" ), _("Please inform the <a href='mailto%s'>administator</a>" % CFG_SITE_ADMIN_EMAIL))), (re.compile(r"oauth-config"), "<p>%s</p><p>%s</p>" % (_("The configuration isn't set properly"), _("Please inform the <a href='mailto%s'>administator</a>" % CFG_SITE_ADMIN_EMAIL))), (re.compile(r"connection-error"), "<p>%s</p>" % (_("Cannot connect the provider. Please try again later."))), ) msg = "" for regexp, txt in login_referrer2msg: if regexp.search(referer): msg = txt break internal = None for system in CFG_EXTERNAL_AUTHENTICATION.keys(): if CFG_EXTERNAL_AUTHENTICATION[system] is None: internal = system break register_available = CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1 and internal ## Let's retrieve all the login method that are not dedicated to robots methods = [ method[0] for method in CFG_EXTERNAL_AUTHENTICATION.iteritems() if not method[1] or not method[1].robot_login_method_p() ] methods.sort() return websession_templates.tmpl_login_form( ln=ln, referer=referer, internal=internal, register_available=register_available, methods=methods, selected_method=CFG_EXTERNAL_AUTH_DEFAULT, msg=msg, )
def test_create_example_url(self, email, login_method, robot, ip, assertion=None, timeout=None, referer=None, groups=None, nickname=None): """ Create a test URL to test the robot login. @param email: email of the user we want to login as. @type email: string @param login_method: the login_method name as specified in CFG_EXTERNAL_AUTHENTICATION. @type login_method: string @param robot: the identifier of this robot. @type robot: string @param assertion: any further data we want to send to. @type: json serializable mapping @param ip: the IP of the user. @type: string @param timeout: timeout when the URL will expire (in seconds from the Epoch) @type timeout: float @param referer: the URL where to land after successful login. @type referer: string @param groups: the list of optional group of the user. @type groups: list of string @param nickname: the optional nickname of the user. @type nickname: string @return: the URL to login as the user. @rtype: string """ from invenio.access_control_config import CFG_EXTERNAL_AUTHENTICATION from invenio.urlutils import create_url if assertion is None: assertion = {} assertion[self.email_attribute_name] = email if nickname: assertion[self.nickname_attribute_name] = nickname if groups: assertion[self.groups_attribute_name] = self.groups_separator.join(groups) if timeout is None: timeout = time.time() + CFG_ROBOT_URL_TIMEOUT assertion[self.timeout_attribute_name] = timeout if referer is None: referer = CFG_SITE_URL if login_method is None: for a_login_method, details in CFG_EXTERNAL_AUTHENTICATION.iteritems(): if details[2]: login_method = a_login_method break robot_keys = load_robot_keys() assertion[self.userip_attribute_name] = ip assertion = json.dumps(assertion) if self.use_zlib: assertion = base64.urlsafe_b64encode(compress(assertion)) shared_key = robot_keys[login_method][robot] digest = self.sign(shared_key, assertion) return create_url("%s%s" % (CFG_SITE_SECURE_URL, "/youraccount/robotlogin"), { 'assertion': assertion, 'robot': robot, 'login_method': login_method, 'digest': digest, 'referer': referer})
def create_login_page_box(referer='', ln=CFG_SITE_LANG): # List of referer regexep and message to print _ = gettext_set_language(ln) login_referrer2msg = ( (re.compile(r"/search"), "<p>" + _("This collection is restricted. If you think you have right to access it, please authenticate yourself.") + "</p>"), (re.compile(r"/%s/\d+/files/.+" % CFG_SITE_RECORD), "<p>" + _("This file is restricted. If you think you have right to access it, please authenticate yourself.") + "</p>"), (re.compile(r"openid-invalid"), "<p>" + _("The OpenID identifier is invalid") + "</p>"), (re.compile(r"openid-python"), "<p>%s</p><p>%s</p>" % (_("python-openid package must be installed: run make install-openid-package or download manually from https://github.com/openid/python-openid/"), _("Please inform the <a href='mailto%s'>administator</a>" % CFG_SITE_ADMIN_EMAIL))), (re.compile(r"oauth-rauth"), "<p>%s</p><p>%s</p>" % (_("rauth package must be installed: run make install-oauth-package or download manually from https://github.com/litl/rauth/"), _("Please inform the <a href='mailto%s'>administator</a>" % CFG_SITE_ADMIN_EMAIL))), (re.compile(r"oauth-config"), "<p>%s</p><p>%s</p>" % (_("The configuration isn't set properly"), _("Please inform the <a href='mailto%s'>administator</a>" % CFG_SITE_ADMIN_EMAIL))), (re.compile(r"connection-error"), "<p>%s</p>" % (_("Cannot connect the provider. Please try again later."))), ) msg = "" for regexp, txt in login_referrer2msg: if regexp.search(referer): msg = txt break internal = None for system in CFG_EXTERNAL_AUTHENTICATION.keys(): if CFG_EXTERNAL_AUTHENTICATION[system] is None: internal = system break register_available = CFG_ACCESS_CONTROL_LEVEL_ACCOUNTS <= 1 and internal ## Let's retrieve all the login method that are not dedicated to robots methods = [method[0] for method in CFG_EXTERNAL_AUTHENTICATION.iteritems() if not method[1] or not method[1].robot_login_method_p()] methods.sort() return websession_templates.tmpl_login_form( ln = ln, referer = referer, internal = internal, register_available = register_available, methods = methods, selected_method = CFG_EXTERNAL_AUTH_DEFAULT, msg = msg, )