Exemplo n.º 1
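 def __init__(self, srv, lookup, userdb, spconf, url, return_to, verification_endpoint="verify", cache=None, bindings=None):
     """
     Set up an authentication method that drives a SAML2 client (SP).

     :param srv: Usually None, but otherwise the oic server.
     :param lookup: Template lookup object; must provide
         ``get_template("unauthorized.mako")``.
     :param userdb: User database, stored unchanged on the instance.
     :param spconf: Dotted module name, imported with importlib, that must
         expose a ``CONFIG`` attribute holding the SP configuration.
     :param url: Value substituted for every ``%s`` placeholder in the
         textual form of ``CONFIG``.
     :param return_to: The URL to return to after a successful
         authentication.
     :param verification_endpoint: Stored unchanged on the instance.
     :param cache: Optional store for outstanding queries; a fresh dict is
         used when None.
     :param bindings: Optional list of SAML bindings; when empty or None,
         HTTP-Redirect, HTTP-POST and HTTP-Artifact are used.
     """
     self.userdb = userdb
     self.cache_outstanding_queries = {} if cache is None else cache
     UserAuthnMethod.__init__(self, srv)
     self.return_to = return_to
     self.idp_query_param = "IdpQuery"
     self.bindings = bindings or [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST,
                                  BINDING_HTTP_ARTIFACT]
     self.verification_endpoint = verification_endpoint
     # Configurations for the SP handler. (pyOpSamlProxy.client.sp.conf)
     # NOTE(review): spconf names a module that is imported, so its top-level
     # code runs here; it should only come from deployment configuration.
     self.sp_conf = importlib.import_module(spconf)
     # NOTE(review): the text built below is handed to Saml2Client as a ".py"
     # config file, which presumably gets loaded as Python source, and url is
     # spliced in without escaping. A url containing quotes, backslashes or
     # newlines would alter that source, so url must be a trusted, validated
     # value. Substituting into the CONFIG dict and passing a config object
     # instead of a file would remove the text round-trip.
     rendered = "CONFIG = " + str(self.sp_conf.CONFIG).replace("%s", url)
     # Text mode: the default binary mode rejects str on Python 3. The
     # with-block closes (and thereby deletes) the file once it is loaded.
     with NamedTemporaryFile(mode="w+", suffix="pyoidc.py", delete=True) as ntf:
         ntf.write(rendered)
         # seek() also flushes the buffer, so the text is readable via ntf.name.
         ntf.seek(0)
         self.sp = Saml2Client(config_file="%s" % ntf.name)
     mte = lookup.get_template("unauthorized.mako")
     self.not_authorized = mte.render(message="You are not authorized!")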
Exemplo n.º 2
    def __init__(self, srv, mako_template, template_lookup, get_userData, return_to="",
                 templ_arg_func=None, verification_endpoints=None):
        """
        Set up a template-driven authentication method and its WSDL client.

        :param srv: The server instance
        :param mako_template: Which Mako template to use
        :param template_lookup: Template lookup object, stored unchanged
        :param get_userData: Stored unchanged; presumably a callable that
            fetches user data (confirm against callers)
        :param return_to: Where to send the user after authentication
        :param templ_arg_func: Optional replacement for ``self.template_args``
        :param verification_endpoints: Optional list of endpoints;
            ``["verify"]`` is used when empty or None
        """
        UserAuthnMethod.__init__(self, srv)
        self.mako_template = mako_template
        self.template_lookup = template_lookup
        self.get_userData = get_userData

        # nerror starts at zero for every new instance.
        self.nerror = 0
        # return_to always comes from the argument, never from
        # verification_endpoints.
        self.return_to = return_to
        self.verification_endpoints = verification_endpoints or ["verify"]

        # NOTE(review): the client is built from the VVOPS constant plus
        # "?WSDL"; if that is a remote address, confirm the WSDL is retrieved
        # over an authenticated channel (HTTPS) - TODO confirm.
        wsdl_location = VVOPS+'?WSDL'
        self.clientwsdl = Client(wsdl_location)

        # Fall back to the instance's own template_args when no override is given.
        self.templ_arg_func = templ_arg_func or self.template_args
Exemplo n.º 3
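class _UserAuthnMethod(UserAuthnMethod):
    """
    Authentication method that delegates to an optional helper.

    When ``authn_helper`` is set, ``authenticated_as`` is answered by the
    helper; otherwise by an internal plain ``UserAuthnMethod`` instance.
    Assignments to ``srv`` are mirrored onto both delegates.
    """

    def __init__(self, srv, ttl=5, authn_helper=None):
        """
        :param srv: The server instance, passed to the base class.
        :param ttl: Passed through to ``UserAuthnMethod``.
        :param authn_helper: Optional object exposing ``authenticated_as``
            and a ``srv`` attribute.
        """
        UserAuthnMethod.__init__(self, srv, ttl)
        self.query_param = "upm_answer"
        self.authn_helper = authn_helper
        self.userauthnmethod = UserAuthnMethod(srv, ttl)

    def __call__(self, *args, **kwargs):
        """Not implemented here; always raises NotImplementedError."""
        # NotImplemented is a comparison sentinel, not an exception class;
        # raising it produced a TypeError instead of the intended error.
        raise NotImplementedError

    def __setattr__(self, name, value):
        """Set an attribute, mirroring ``srv`` onto both delegates first."""
        if name == "srv":
            # Best effort: a delegate may be None or may not exist yet if srv
            # is assigned before __init__ has set it, so failures are ignored.
            # NOTE(review): the broad except also hides genuine errors raised
            # by a delegate's own __setattr__; consider logging them.
            try:
                self.authn_helper.__setattr__(name, value)
            except Exception:
                pass
            try:
                self.userauthnmethod.__setattr__(name, value)
            except Exception:
                pass
        super(_UserAuthnMethod, self).__setattr__(name, value)

    def set_srv(self, srv):
        """Assign ``srv`` on this object and, when present, on the helper."""
        self.srv = srv
        if self.authn_helper is not None:
            self.authn_helper.srv = srv

    def authenticated_as(self, cookie=None, **kwargs):
        """
        Return the helper's ``authenticated_as`` result when a helper is set,
        otherwise the result of the internal ``UserAuthnMethod`` instance.
        """
        if self.authn_helper is not None:
            return self.authn_helper.authenticated_as(cookie, **kwargs)
        return self.userauthnmethod.authenticated_as(cookie, **kwargs)

    def generateReturnUrl(self, return_to, uid):
        """
        Build the return URL via ``create_return_url``, adding this method's
        query parameter with the value ``"true"``.
        """
        # NOTE(review): return_to is passed on as given; callers should make
        # sure it is an expected URL before the user is sent there.
        return create_return_url(return_to, uid, **{self.query_param: "true"})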
Exemplo n.º 4
 def __init__(self, auth_handler_list):
     """
     Hold an ordered list of authentication methods.

     :param auth_handler_list: An ordered list of authentication classes (implementations of UserAuthnMethod).
     """
     # The base class is initialised with an empty string as srv.
     UserAuthnMethod.__init__(self, "")
     handlers = auth_handler_list
     self.auth_handler_list = handlers
     # One less than the number of handlers.
     # NOTE(review): an empty list yields steps == -1; confirm callers do not
     # read that as "every authentication step already completed".
     self.steps = len(handlers) - 1
     # Must be updated on the side.
     self.ophandler = None
Exemplo n.º 5
 def __init__(self, srv, redirect_url, return_to):
     """
     Store the two URLs this authentication method works with.

     :param srv: Provider for the oic server. If None then it is set by the baseclass. (oic.oic.provider.Provider)
     :param redirect_url: URL that matches the method in the SpHandler class that performs authentication against
                          an IdP.
     :param return_to: The URL to return to after a successful authentication. Generally the OP servers
                       authorization endpoint.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): both URLs are stored as given, without validation here;
     # they are expected to come from deployment configuration.
     self.redirect_url, self.return_to = redirect_url, return_to
Exemplo n.º 6
 def __init__(self, srv, cas_server, service_url, return_to, extra_validation=None):
     """
     Store the settings for CAS-based authentication.

     :param srv: Usually none, but otherwise the oic server.
     :param cas_server: Base URL to the cas server.
     :param service_url: BASE url to the service that will use CAS. In this case the oic server's verify URL.
     :param return_to: The URL to return to after a successful authentication.
     :param extra_validation: Optional value stored unchanged; how it is
         used is not visible in this constructor.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): cas_server is stored without a scheme check; an https
     # base URL is presumably expected for the CAS exchange - confirm.
     self.cas_server, self.service_url = cas_server, service_url
     self.return_to, self.extra_validation = return_to, extra_validation
Exemplo n.º 7
 def __init__(self, srv, tmako, template_lookup, totp, pwd):
     """
     Store the template and the two credential stores on the instance.

     :param srv: The server instance
     :param tmako: Template mako
     :param template_lookup: template lookup
     :param totp: TOTP dictionary like database
     :param pwd: Username/password dictionary like database
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): both stores are kept by reference; how the passwords and
     # TOTP secrets inside them are protected is not visible here.
     self.totp, self.passwd = totp, pwd
     self.mako_template, self.template_lookup = tmako, template_lookup
Exemplo n.º 8
    def __init__(
        self,
        srv,
        lookup,
        userdb,
        spconf,
        url,
        return_to,
        cache=None,
        bindings=None,
        userinfo=None,
        samlcache=None,
    ):
        """
        Construct the class.

        The ``url`` and ``samlcache`` arguments are accepted but not read in
        this constructor; ``self.samlcache`` is taken from the imported SP
        configuration module instead.

        :param srv: Usually none, but otherwise the oic server.
        :param lookup: Template lookup object; must provide
            ``get_template("unauthorized.mako")``.
        :param userdb: User database, stored unchanged.
        :param spconf: Dotted module name exposing ``CONFIG`` and
            ``SAML_CACHE``.
        :param return_to: The URL to return to after a successful
            authentication.
        :param cache: Optional store for outstanding queries; a fresh dict is
            used when None.
        :param bindings: Optional list of SAML bindings; when empty or None,
            HTTP-Redirect, HTTP-POST and HTTP-Artifact are used.
        :param userinfo: Stored unchanged.
        """
        self.userdb = userdb
        self.userinfo = userinfo

        if cache is None:
            self.cache_outstanding_queries = {}  # type: Mapping[str, str]
        else:
            self.cache_outstanding_queries = cache
        UserAuthnMethod.__init__(self, srv)
        self.return_to = return_to
        self.idp_query_param = "IdpQuery"
        self.bindings = bindings or [
            BINDING_HTTP_REDIRECT,
            BINDING_HTTP_POST,
            BINDING_HTTP_ARTIFACT,
        ]
        # TODO Why does this exist?
        self.verification_endpoint = ""
        # Configurations for the SP handler.
        # NOTE(review): spconf is imported as a module, so its top-level code
        # runs here; it should only come from deployment configuration.
        sp_module = importlib.import_module(spconf)
        self.sp_conf = sp_module
        # The configuration dict is loaded directly; no file is written.
        self.sp = Saml2Client(config=SPConfig().load(sp_module.CONFIG))
        unauthorized_page = lookup.get_template("unauthorized.mako")
        self.not_authorized = unauthorized_page.render(
            message="You are not authorized!"
        )
        self.samlcache = sp_module.SAML_CACHE
Exemplo n.º 9
 def __init__(self, srv, cas_server, service_url, return_to,
              extra_validation=None):
     """
     Store the settings for CAS-based authentication.

     :param srv: Usually none, but otherwise the oic server.
     :param cas_server: Base URL to the cas server.
     :param service_url: BASE url to the service that will use CAS. In
     this case the oic server's verify URL.
     :param return_to: The URL to return to after a successful
     authentication.
     :param extra_validation: Optional value stored unchanged; how it is
     used is not visible in this constructor.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): cas_server is stored without a scheme check; an https
     # base URL is presumably expected for the CAS exchange - confirm.
     self.cas_server, self.service_url = cas_server, service_url
     self.return_to, self.extra_validation = return_to, extra_validation
Exemplo n.º 10
 def __init__(self, srv, mako_template, template_lookup, get_totp_secret_key, return_to="",
              templ_arg_func=None, verification_endpoints=None, nerror=0):
     """
     Set up a template-driven authentication method that uses TOTP secrets.

     :param srv: The server instance
     :param mako_template: Which Mako template to use
     :param template_lookup: Template lookup object, stored unchanged
     :param get_totp_secret_key: Stored unchanged; presumably a callable
         returning a user's TOTP secret (confirm against callers)
     :param return_to: Where to send the user after authentication
     :param templ_arg_func: Optional replacement for ``self.template_args``
     :param verification_endpoints: Optional list of endpoints;
         ``["verify"]`` is used when empty or None
     :param nerror: Initial value of ``self.nerrors``
     """
     UserAuthnMethod.__init__(self, srv)
     self.nerrors = nerror
     self.mako_template, self.template_lookup = mako_template, template_lookup
     # NOTE(review): whatever this returns is secret key material; callers
     # should keep it out of logs and rendered templates.
     self.get_totp_secret_key = get_totp_secret_key
     # return_to always comes from the argument, never from
     # verification_endpoints.
     self.return_to = return_to
     self.verification_endpoints = verification_endpoints or ["verify"]
     # Fall back to the instance's own template_args when no override is given.
     self.templ_arg_func = templ_arg_func or self.template_args
Exemplo n.º 11
        def __init__(self, srv, lookup, userdb, spconf, url, return_to,
                     cache=None,
                     bindings=None, userinfo=None, samlcache=None):
            """
            Constructor for the class.

            The ``url`` and ``samlcache`` arguments are accepted but not read
            in this constructor; ``self.samlcache`` is taken from the
            imported SP configuration module instead.

            :param srv: Usually none, but otherwise the oic server.
            :param lookup: Template lookup object; must provide
                ``get_template("unauthorized.mako")``.
            :param userdb: User database, stored unchanged.
            :param spconf: Dotted module name exposing ``CONFIG`` and
                ``SAML_CACHE``.
            :param return_to: The URL to return to after a successful
            authentication.
            :param cache: Optional store for outstanding queries; a fresh
                dict is used when None.
            :param bindings: Optional list of SAML bindings; when empty or
                None, HTTP-Redirect, HTTP-POST and HTTP-Artifact are used.
            :param userinfo: Stored unchanged.
            """
            self.userdb = userdb
            self.userinfo = userinfo

            self.cache_outstanding_queries = {} if cache is None else cache
            UserAuthnMethod.__init__(self, srv)
            self.return_to = return_to
            self.idp_query_param = "IdpQuery"
            self.bindings = bindings or [BINDING_HTTP_REDIRECT,
                                         BINDING_HTTP_POST,
                                         BINDING_HTTP_ARTIFACT]
            # TODO Why does this exist?
            self.verification_endpoint = ""
            # Configurations for the SP handler.
            # NOTE(review): spconf is imported as a module, so its top-level
            # code runs here; it should only come from deployment
            # configuration.
            sp_module = importlib.import_module(spconf)
            self.sp_conf = sp_module
            # The configuration dict is loaded directly; no file is written.
            self.sp = Saml2Client(config=SPConfig().load(sp_module.CONFIG))
            unauthorized_page = lookup.get_template("unauthorized.mako")
            self.not_authorized = unauthorized_page.render(
                message="You are not authorized!")
            self.samlcache = sp_module.SAML_CACHE
Exemplo n.º 12
 def __init__(self, authn_instance, end_point_index):
     """
     Store an authentication instance together with an endpoint index.

     :param authn_instance: The authentication object kept on this instance.
     :param end_point_index: Stored unchanged on the instance.
     """
     # Must be initiated before super constructor is called
     self.authn_instance = authn_instance
     # The base class is initialised with srv=None.
     UserAuthnMethod.__init__(self, None)
     self.end_point_index = end_point_index
Exemplo n.º 13
 def __init__(self, srv, user, password=None):
     """
     Store a user name and an optional password on the instance.

     :param srv: The server instance, passed to the base class.
     :param user: User identifier, stored unchanged.
     :param password: Optional password, stored unchanged.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): the password is kept on the instance exactly as passed
     # in; avoid exposing this object through logs or repr output.
     self.user, self.password = user, password
Exemplo n.º 14
 def __init__(self, srv, uid="Linda"):
     """
     Store a fixed user identifier on the instance.

     :param srv: The server instance, passed to the base class.
     :param uid: User identifier; defaults to ``"Linda"``.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): no credential is taken here and the default binds the
     # instance to a fixed user; this looks like a test/demo method - confirm
     # it cannot be enabled in a production configuration.
     self.user = uid
 def __init__(self, auth_module):
     """
     Store the authentication module on the instance.

     :param auth_module: Stored unchanged as ``self.auth_module``.
     """
     # The base class is initialised with srv=None.
     UserAuthnMethod.__init__(self, None)
     self.auth_module = auth_module
Exemplo n.º 16
 def __init__(self, srv, ttl=5, authn_helper=None):
     """
     Set up the method with an optional helper and a plain base instance.

     :param srv: The server instance, passed to the base class.
     :param ttl: Passed through to ``UserAuthnMethod``.
     :param authn_helper: Optional helper object, stored unchanged.
     """
     UserAuthnMethod.__init__(self, srv, ttl)
     self.query_param, self.authn_helper = "upm_answer", authn_helper
     # A second, plain UserAuthnMethod built from the same srv and ttl.
     plain_method = UserAuthnMethod(srv, ttl)
     self.userauthnmethod = plain_method
Exemplo n.º 17
 def __init__(self, srv, uid="Linda"):
     """
     Store a fixed user identifier on the instance.

     :param srv: The server instance, passed to the base class.
     :param uid: User identifier; defaults to ``"Linda"``.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): no credential is taken here and the default binds the
     # instance to a fixed user; this looks like a test/demo method - confirm
     # it cannot be enabled in a production configuration.
     self.user = uid
    def __init__(self, authn_instance, end_point_index):
        """
        Store an authentication instance together with an endpoint index.

        :param authn_instance: The authentication object kept on this instance.
        :param end_point_index: Stored unchanged on the instance.
        """
        # The base class is initialised with srv=None.
        UserAuthnMethod.__init__(self, None)
        self.authn_instance, self.end_point_index = authn_instance, end_point_index
Exemplo n.º 19
 def __init__(self, auth_module):
     """
     Store the authentication module on the instance.

     :param auth_module: Stored unchanged as ``self.auth_module``.
     """
     # The base class is initialised with srv=None.
     UserAuthnMethod.__init__(self, None)
     self.auth_module = auth_module
Exemplo n.º 20
 def __init__(self, srv, user):
     """
     Store a user identifier on the instance.

     :param srv: The server instance, passed to the base class.
     :param user: User identifier, stored unchanged.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): only an identifier is stored; how (or whether) the user
     # is verified is not visible in this constructor.
     self.user = user
Exemplo n.º 21
 def __init__(self, authn_instance, end_point_index):
     """
     Store an authentication instance together with an endpoint index.

     :param authn_instance: The authentication object kept on this instance.
     :param end_point_index: Stored unchanged on the instance.
     """
     # Must be initiated before super constructor is called
     self.authn_instance = authn_instance
     # The base class is initialised with srv=None.
     UserAuthnMethod.__init__(self, None)
     self.end_point_index = end_point_index
Exemplo n.º 22
 def __init__(self, srv, user):
     """
     Store a user identifier on the instance.

     :param srv: The server instance, passed to the base class.
     :param user: User identifier, stored unchanged.
     """
     UserAuthnMethod.__init__(self, srv)
     # NOTE(review): only an identifier is stored; how (or whether) the user
     # is verified is not visible in this constructor.
     self.user = user
Exemplo n.º 23
    def __init__(self, authn_instance, end_point_index):
        """
        Store an authentication instance together with an endpoint index.

        :param authn_instance: The authentication object kept on this instance.
        :param end_point_index: Stored unchanged on the instance.
        """
        # The base class is initialised with srv=None.
        UserAuthnMethod.__init__(self, None)
        self.authn_instance, self.end_point_index = authn_instance, end_point_index