예제 #1
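def authenticatedService(request, **kwargs):
    """Authenticate the caller for a single request and run one service operation.

    Resolves the caller's identity through getUserInfo (which fills kwargs),
    looks up the tenant and the tenant-scoped SiteUser, authenticates with
    auth.authenticate(**kwargs), and runs Service.doOperation while the user
    is logged in. The user is logged out again before this function returns
    or raises.

    Args:
        request: the incoming HTTP request.
        **kwargs: must contain 'operation', 'isHtmlView' and 'tenant';
            'userId' is read after getUserInfo has run.

    Returns:
        The response produced by getUserInfo when it reports an error, an
        error response for an unknown tenant or a failed authentication,
        otherwise the result of service.doOperation.

    Raises:
        Whatever Service(...) or service.doOperation raises, after logout.
    """
    operation = kwargs['operation']
    isHtmlView = kwargs['isHtmlView']

    redirectResponse = getUserInfo(request, kwargs)
    if redirectResponse is not None:
        return redirectResponse

    userId = kwargs['userId']
    tenantKey = kwargs['tenant']
    # objects.get() raises DoesNotExist for an unknown key rather than
    # returning None, so the unknown-tenant response below was unreachable
    # and an unrecognised tenant surfaced as an unhandled exception.
    try:
        tenant = Tenant.objects.get(tenantKey=tenantKey)
    except Tenant.DoesNotExist:
        tenant = None
    if tenant is None:
        return emitErrorResponse(kwargs, UNIDENTIFIED_TENANT_ERROR, isHtmlView)

    # A user with no record under this tenant is passed on as None.
    try:
        tenantUser = SiteUser.objects.get(userId=userId, tenant=tenant)
    except SiteUser.DoesNotExist:
        tenantUser = None

    # see adapter in security package for custom behavior
    user = auth.authenticate(**kwargs)
    # NOTE(review): on Django releases where is_authenticated is a method
    # (before 1.10) the bare attribute reference is always truthy, leaving
    # only the None check effective - confirm the framework version.
    if user is None or not user.is_authenticated:
        # NOTE(review): the whole kwargs mapping is interpolated into the
        # error text; by this point it holds the identity attributes set by
        # getUserInfo - confirm the message template exposes only what the
        # client may see.
        return emitErrorResponse(kwargs, USER_CANT_BE_AUTHENTICATED % (kwargs), isHtmlView)

    # Log in only for the duration of the operation; the finally clause
    # guarantees the logout on both the success and the failure path.
    auth.login(request, user)
    try:
        service = Service(user, tenant, tenantUser)
        return service.doOperation(operation, request, kwargs)
    finally:
        auth.logout(request)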
예제 #2
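def getUserInfo(request, kwargs):
    """Fill kwargs with the caller's identity taken from the SSO session.

    Reads the 'AuthMemCookie' cookie, fetches the record cached under that
    value and parses it as CRLF-separated name=value pairs. When the record
    carries ATTR_UserId, the identity fields are copied into kwargs.
    Otherwise getUserInfoTest is used when kwargs['sso'] is None or ends with
    'andDB'; any other value of kwargs['sso'] yields an error response.

    Args:
        request: the incoming HTTP request (only its cookies are read here).
        kwargs: mutable dict; must contain 'sso', and 'isHtmlView' on the
            error path. Updated in place.

    Returns:
        None when an identity was established, otherwise the response built
        by emitErrorResponse.
    """
    redirectResponse = None
    ssoSource = kwargs['sso']
    attributeDict = dict()
    userId = None

    # The cookie value is supplied by the client and is used as the cache
    # key unchanged.
    # NOTE(review): if this cache also stores entries that are not SSO
    # session records, such an entry would be parsed as one here - confirm
    # the session store is dedicated or its keys are namespaced.
    authMemCookieKey = request.COOKIES.get('AuthMemCookie')
    if authMemCookieKey is not None:
        attrBuf = cache.get(authMemCookieKey)
        if attrBuf is not None:
            for attributePair in attrBuf.split('\r\n'):
                # Split on the first '=' only, so a value that itself
                # contains '=' is kept instead of being silently dropped.
                name, separator, value = attributePair.partition('=')
                if not separator:
                    continue  # blank line or no '=': not an attribute pair
                # NOTE(review): every session attribute, including names and
                # e-mail address, is written to the log - confirm this is
                # acceptable for the log's audience and retention.
                log(name + '=' + value)
                attributeDict[name] = value
            userId = attributeDict.get('ATTR_UserId')

    if userId is not None:
        kwargs['userId'] = userId
        kwargs['firstname'] = attributeDict.get('ATTR_FirstName')
        kwargs['lastname'] = attributeDict.get('ATTR_LastName')
        kwargs['emailAddress'] = attributeDict.get('ATTR_EmailAddress')
        # The role is fixed here; it is not taken from the session record.
        kwargs['role'] = 'student'
        log('OpenSSO authenticated ' + userId)
    elif ssoSource is None or ssoSource.endswith('andDB'):
        # NOTE(review): with 'sso' unset, a request that has no usable SSO
        # session is handed to getUserInfoTest - confirm a production
        # configuration cannot reach this branch.
        getUserInfoTest(request, kwargs)
        log('TestAuthenticator authenticated ' + kwargs['userId'])
    else:
        redirectResponse = emitErrorResponse(kwargs, UNIDENTIFIED_USER_ERROR, kwargs['isHtmlView'])
    return redirectResponse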