from saml2 import BINDING_HTTP_POST, BINDING_HTTP_REDIRECT from saml2.client import Saml2Client from saml2.response import StatusRequestDenied from saml2.xmldsig import SIG_RSA_SHA1, DIGEST_SHA1 from waldur_core.core.views import ( login_failed, login_completed, logout_failed, logout_completed, RefreshTokenMixin, validate_authentication_method) from . import filters, models, serializers, utils from .log import event_logger logger = logging.getLogger(__name__) validate_saml2 = validate_authentication_method('SAML2') class BaseSaml2View(APIView): throttle_classes = () permission_classes = () authentication_classes = () class Saml2LoginView(BaseSaml2View): """ SAML Authorization endpoint This view receives authorization requests from users and redirects them to corresponding IdP authorization page. The "metadata" has to be set in SAML_CONFIG in settings.py
from django.http import Http404 from rest_framework import decorators, mixins, response, viewsets from waldur_core.core import mixins as core_mixins from waldur_core.core.views import validate_authentication_method from . import executors, models, serializers validate_valimo = validate_authentication_method('VALIMO') class AuthResultViewSet(core_mixins.CreateExecutorMixin, mixins.CreateModelMixin, viewsets.GenericViewSet): queryset = models.AuthResult.objects.all().order_by('user') serializer_class = serializers.AuthResultSerializer permission_classes = () lookup_field = 'uuid' create_executor = executors.AuthExecutor @validate_valimo def create(self, request, *args, **kwargs): """ To start PKI login process - issue post request with users phone. Example of a valid request: .. code-block:: http POST /api/auth-valimo/ HTTP/1.1 Content-Type: application/json Accept: application/json Host: example.com
from . import tasks from .log import event_logger, provider_event_type_mapping from .models import AuthProfile from .serializers import ActivationSerializer, AuthSerializer, RegistrationSerializer logger = logging.getLogger(__name__) auth_social_settings = getattr(settings, 'WALDUR_AUTH_SOCIAL', {}) GOOGLE_SECRET = auth_social_settings.get('GOOGLE_SECRET') FACEBOOK_SECRET = auth_social_settings.get('FACEBOOK_SECRET') SMARTIDEE_SECRET = auth_social_settings.get('SMARTIDEE_SECRET') TARA_CLIENT_ID = auth_social_settings.get('TARA_CLIENT_ID') TARA_SECRET = auth_social_settings.get('TARA_SECRET') TARA_SANDBOX = auth_social_settings.get('TARA_SANDBOX') validate_social_signup = validate_authentication_method('SOCIAL_SIGNUP') validate_local_signup = validate_authentication_method('LOCAL_SIGNUP') User = get_user_model() class AuthException(APIException): status_code = status.HTTP_401_UNAUTHORIZED class FacebookException(AuthException): def __init__(self, facebook_error): self.message_text = facebook_error.get('message', 'Undefined') self.message_type = facebook_error.get('type', 'Undefined') self.message_code = facebook_error.get('code', 'Undefined') self.message = 'Facebook error {} (code:{}): {}'.format(
from django.conf.urls import url from django.views.decorators.csrf import csrf_exempt from django_openid_auth import views as auth_view from waldur_core.core.views import validate_authentication_method from . import views validate_openid = validate_authentication_method('ESTONIAN_ID') login_begin = validate_openid(csrf_exempt(auth_view.login_begin)) login_complete = validate_openid(auth_view.login_complete) urlpatterns = [ url(r'^api-auth/openid/login/$', login_begin, name='openid-login'), url(r'^api-auth/openid/complete/$', login_complete, name='openid-complete'), url(r'^api-auth/openid/logo.gif$', auth_view.logo, name='openid-logo'), url(r'^api-auth/openid/login_completed/', views.login_completed), ]