Exemplo n.º 1
0
def logged_in():
    print "USER LOGGED IN VIA IDPORTEN"
    print request.values
    SAMLResponse = request.values['SAMLResponse']

    res = Response(SAMLResponse, "TODO: remove signature parameter")
    valid = res.is_valid(settings["idp_cert_file"],
                         settings["private_key_file"])

    uid = res.get_decrypted_assertion_attribute_value("uid")
    name_id = res.name_id
    print "UID", uid
    print "NAME ID: ", name_id
    print "Session index: ", res.get_session_index()
    user_info["uid"] = uid
    user_info["name_id"] = name_id
    user_info["session_index"] = res.get_session_index()

    return render_template('home.html', decrypted=res.decrypted, uid=uid)
def logged_in():
    print "USER LOGGED IN VIA IDPORTEN"
    print request.values
    SAMLResponse = request.values['SAMLResponse']

    res = Response(
        SAMLResponse,
        "TODO: remove signature parameter"
        )
    valid = res.is_valid(settings["idp_cert_file"], settings["private_key_file"])

    uid = res.get_decrypted_assertion_attribute_value("uid")
    name_id = res.name_id
    print "UID", uid
    print "NAME ID: ", name_id
    print "Session index: ", res.get_session_index()
    user_info["uid"] = uid
    user_info["name_id"] = name_id
    user_info["session_index"] = res.get_session_index()

    return render_template('home.html', decrypted = res.decrypted, uid = uid)
Exemplo n.º 3
0
def logged_in():
    # IDPorten redirects to this URL if all ok with login
    app.logger.info("User logged in via ID-porten: request.values=%s",
                    request.values)
    SAMLResponse = request.values['SAMLResponse']

    res = IdpResponse(
        SAMLResponse,
        "TODO: remove signature parameter"
    )

    # Decrypt response from IDPorten with our private key, and make sure that the response is valid
    # (it was encrypted with same key)
    valid = res.is_valid(app.idporten_settings["idp_cert_file"], app.idporten_settings["private_key_file"])
    if valid:
        national_id_number = res.get_decrypted_assertion_attribute_value("uid")[0]
        idporten_parameters = {
            "session_index": res.get_session_index(),
            "name_id": res.name_id
        }

        auth_user = authentication.login_idporten_user_by_private_id(national_id_number,
                                                                     idporten_parameters)
        login_user(auth_user, remember=True)

        # Force the user to fill in the profile if unregistered
        if not auth_user.is_registered():
            app.logger.info("Logged in: %s Uregistrert bruker (%s)",
                            datetime.now().isoformat(),
                            national_id_number[:6])
            response = make_response(redirect("/profile"))
        else:
            app.logger.info("Logged in: %s %s %s (%s)",
                            datetime.now().isoformat(),
                            auth_user.first_name,
                            auth_user.last_name,
                            national_id_number[:6])

            # Check if the user wants to redirect to a specific page
            redirect_target = get_redirect_target_from_cookie(request)
            response = make_response(redirect(redirect_target or request.args.get('next') or '/'))
            invalidate_redirect_target_cookie(response)

        set_cookie(response, 'auth_token', make_auth_token(auth_user.user_id))
        return response
    else:
        abort(404, 'Ugyldig innlogging.')
Exemplo n.º 4
0
def logged_in():
    app.logger.info("User logged in via ID-porten: request.values=%s",
                    request.values)
    SAMLResponse = request.values['SAMLResponse']

    res = IdpResponse(
        SAMLResponse,
        "TODO: remove signature parameter"
    )
    valid = res.is_valid(settings["idp_cert_file"], settings["private_key_file"])
    if valid:
        national_id_number = res.get_decrypted_assertion_attribute_value("uid")[0]
        idporten_parameters = {
            "session_index": res.get_session_index(),
            "name_id": res.name_id
        }

        auth_user = authentication.login_user_by_private_id(national_id_number,
                                                            idporten_parameters)

        # Force the user to fill in the profile if unregistered
        if not auth_user.is_registered():
            app.logger.info("Logged in: %s Uregistrert bruker (%s)",
                            datetime.now().isoformat(),
                            national_id_number[:6])
            response = make_response(redirect("/profile"))
        else:
            app.logger.info("Logged in: %s %s %s (%s)",
                            datetime.now().isoformat(),
                            auth_user.first_name,
                            auth_user.last_name,
                            national_id_number[:6])

            # Check if the user wants to redirect to a specific page
            redirect_target = request.cookies.get("redirect_target", None)
            if not redirect_target or not is_safe_url(redirect_target):
                redirect_target = None
            response = make_response(
                redirect(redirect_target or request.args.get('next') or '/'))
            # Invalidate the redirect cookie by giving it a past expiry date
            response.set_cookie("redirect_target", "", expires=0)

        set_cookie(response, 'auth_token', make_auth_token(auth_user.user_id))
        return response
    else:
        abort(404, 'Ugyldig innlogging.')