Exemplo n.º 1
0
    def init_config(self, stype="idp"):
        """ Remaining init of the server configuration 
        
        :param stype: The type of Server ("idp"/"aa")
        """
        if stype == "aa":
            return

        # subject information is stored in a database
        # default database is in memory which is OK in some setups
        dbspec = self.config.getattr("subject_data", "idp")
        idb = None
        typ = ""
        if not dbspec:
            idb = {}
        elif isinstance(dbspec, basestring):
            idb = shelve.open(dbspec, writeback=True)
        else:  # database spec is a a 2-tuple (type, address)
            #print >> sys.stderr, "DBSPEC: %s" % (dbspec,)
            (typ, addr) = dbspec
            if typ == "shelve":
                idb = shelve.open(addr, writeback=True)
            elif typ == "memcached":
                idb = memcache.Client(addr)
            elif typ == "dict":  # in-memory dictionary
                idb = {}
            elif typ == "mongodb":
                self.ident = IdentMDB(database=addr, collection="ident")

        if typ == "mongodb":
            pass
        elif idb is not None:
            self.ident = IdentDB(idb)
        elif dbspec:
            raise Exception("Couldn't open identity database: %s" % (dbspec, ))

        self.ident.name_qualifier = self.config.entityid

        dbspec = self.config.getattr("edu_person_targeted_id", "idp")
        if not dbspec:
            pass
        else:
            typ = dbspec[0]
            addr = dbspec[1]
            secret = dbspec[2]
            if typ == "shelve":
                self.eptid = EptidShelve(secret, addr)
            elif typ == "mongodb":
                self.eptid = EptidMDB(secret,
                                      database=addr,
                                      collection="eptid")
            else:
                self.eptid = Eptid(secret)
Exemplo n.º 2
0
def test_eptid_shelve():
    edb = EptidShelve("secret", "eptid.db")
    e1 = edb.get("idp_entity_id", "sp_entity_id", "user_id", "some other data")
    print e1
    assert e1.startswith("idp_entity_id!sp_entity_id!")
    e2 = edb.get("idp_entity_id", "sp_entity_id", "user_id", "some other data")
    assert e1 == e2

    e3 = edb.get("idp_entity_id", "sp_entity_id", "user_2", "some other data")
    print e3
    assert e1 != e3

    e4 = edb.get("idp_entity_id", "sp_entity_id2", "user_id", "some other data")
    assert e4 != e1
    assert e4 != e3
Exemplo n.º 3
0
    def init_config(self, stype="idp"):
        """ Remaining init of the server configuration

        :param stype: The type of Server ("idp"/"aa")
        """
        if stype == "aa":
            return

        # subject information is stored in a database
        # default database is in memory which is OK in some setups
        dbspec = self.config.getattr("subject_data", "idp")
        idb = None
        typ = ""
        if not dbspec:
            idb = {}
        elif isinstance(dbspec, six.string_types):
            idb = _shelve_compat(dbspec, writeback=True, protocol=2)
        else:  # database spec is a a 2-tuple (type, address)
            # print(>> sys.stderr, "DBSPEC: %s" % (dbspec,))
            (typ, addr) = dbspec
            if typ == "shelve":
                idb = _shelve_compat(addr, writeback=True, protocol=2)
            elif typ == "memcached":
                import memcache

                idb = memcache.Client(addr)
            elif typ == "dict":  # in-memory dictionary
                idb = {}
            elif typ == "mongodb":
                from saml2.mongo_store import IdentMDB

                self.ident = IdentMDB(database=addr, collection="ident")

            elif typ == "identdb":
                mod, clas = addr.rsplit('.', 1)
                mod = importlib.import_module(mod)
                self.ident = getattr(mod, clas)()

        if typ == "mongodb" or typ == "identdb":
            pass
        elif idb is not None:
            self.ident = IdentDB(idb)
        elif dbspec:
            raise Exception("Couldn't open identity database: %s" %
                            (dbspec,))

        try:
            _domain = self.config.getattr("domain", "idp")
            if _domain:
                self.ident.domain = _domain

            self.ident.name_qualifier = self.config.entityid

            dbspec = self.config.getattr("edu_person_targeted_id", "idp")
            if not dbspec:
                pass
            else:
                typ = dbspec[0]
                addr = dbspec[1]
                secret = dbspec[2]
                if typ == "shelve":
                    self.eptid = EptidShelve(secret, addr)
                elif typ == "mongodb":
                    from saml2.mongo_store import EptidMDB

                    self.eptid = EptidMDB(secret, database=addr,
                                          collection="eptid")
                else:
                    self.eptid = Eptid(secret)
        except Exception:
            self.ident.close()
            raise
Exemplo n.º 4
0
def setup_server_env(proxy_conf, conf_mod, key):
    """

    :param proxy_conf:
    :param conf_mod:
    :param key: RSA key
    :return:
    """
    global SERVER_ENV
    global logger
    #noinspection PyUnboundLocalVariable
    SERVER_ENV = dict([(k, v) for k, v in proxy_conf.__dict__.items()
                       if not k.startswith("__")])

    SERVER_ENV["sessions"] = {}

    SERVER_ENV["eptid"] = EptidShelve(proxy_conf.SECRET, proxy_conf.EPTID_DB)

    _idp = server.Server(conf_mod)

    if key:
        rsa_key = RSAKey(key=key)
        rsa_key.serialize()
    else:
        rsa_key = None

    args = {"metad": _idp.metadata, "dkeys": [rsa_key]}

    SERVER_ENV["consumer_info"] = utils.ConsumerInfo(proxy_conf.CONSUMER_INFO,
                                                     **args)
    SERVER_ENV["service"] = proxy_conf.SERVICE

    # add the service endpoints
    part = urlparse.urlparse(_idp.config.entityid)
    base = "%s://%s/" % (part.scheme, part.netloc)
    SERVER_ENV["SCHEME"] = part.scheme
    try:
        (host, port) = part.netloc.split(":")
        port = int(port)
    except ValueError:  # no port specification
        host = part.netloc
        if part.scheme == "http":
            port = 80
        elif part.scheme == "https":
            port = 443
        else:
            raise ValueError("Unsupported scheme")

    SERVER_ENV["HOST"] = host
    SERVER_ENV["PORT"] = port

    endpoints = {"single_sign_on_service": [], "single_logout_service": []}
    for key, _dict in proxy_conf.SERVICE.items():
        _sso = _dict["saml_endpoint"]
        endpoints["single_sign_on_service"].append("%s%s" % (base, _sso))
        endpoints["single_logout_service"].append(
            ("%s%s/logout" % (base, _sso), BINDING_HTTP_REDIRECT))

    _idp.config.setattr("idp", "endpoints", endpoints)

    SERVER_ENV["idp"] = _idp
    SERVER_ENV["template_lookup"] = LOOKUP
    SERVER_ENV["sid_generator"] = session_nr()
    SERVER_ENV["base_url"] = base
    SERVER_ENV["STATIC_DIR"] = proxy_conf.STATIC_DIR
    SERVER_ENV["METADATA_DIR"] = proxy_conf.METADATA_DIR
    SERVER_ENV["SIGN"] = proxy_conf.SIGN

    #print SERVER_ENV
    if proxy_conf.CACHE == "memory":
        SERVER_ENV["CACHE"] = cache.Cache(SERVER_ENV["SERVER_NAME"],
                                          SERVER_ENV["SECRET"])
    elif proxy_conf.CACHE.startswith("file:"):
        SERVER_ENV["CACHE"] = cache.Cache(SERVER_ENV["SERVER_NAME"],
                                          SERVER_ENV["SECRET"],
                                          filename=proxy_conf.CACHE[5:])

    logger = setup_logger(_idp.config)
    if proxy_conf.DEBUG:
        logger.setLevel(logging.DEBUG)

    logger.debug("SERVER_ENV: %s" % SERVER_ENV)
    return _idp