def set_ssoparam(ReturnUrl="/"):
"""生成sso请求参数,5min过期"""
app_name = SSO.get("app_name")
app_id = SSO.get("app_id")
app_secret = SSO.get("app_secret")
return cbc.encrypt(
jwt.createJWT(payload=dict(app_name=app_name,
app_id=app_id,
app_secret=app_secret,
ReturnUrl=ReturnUrl),
expiredSeconds=300))
def logout():
#data = requests.delete(SSO.get("SSO.URL") + "/sso/", timeout=6, headers={"User-Agent": "Interest.blog/%s" %__version__}, verify=False, data={"username": g.username, "time": g.expires, "sessionId": g.sessionId}).text
#logger.info({"sso logout": data})
SSOLogoutURL = SSO.get("SSO.URL") + "/sso/?nextUrl=" + SSO.get(
"SSO.REDIRECT")
resp = make_response(redirect(SSOLogoutURL))
resp.set_cookie(key='logged_in', value='', expires=0)
resp.set_cookie(key='username', value='', expires=0)
resp.set_cookie(key='sessionId', value='', expires=0)
resp.set_cookie(key='time', value='', expires=0)
resp.set_cookie(key='Azone', value='', expires=0)
return resp
def isLogged_in(cookie_str):
''' check username is logged in '''
AuthType = GLOBAL["Authentication"].lower()
if AuthType == "sso":
SSOURL = SSO.get("SSO.URL")
if cookie_str and not cookie_str == '..':
username, expires, sessionId = cookie_str.split('.')
success = requests.post(SSOURL + "/sso/",
data={
"username": username,
"time": expires,
"sessionId": sessionId
},
timeout=5,
verify=False,
headers={
"User-Agent": "Template"
}).json().get("success", False)
logger.info("check login request, cookie_str: %s, success:%s" %
(cookie_str, success))
return success
elif AuthType == "none":
return True
else:
logger.info("Not Logged in")
return False
def logout():
SSOLogoutURL = SSO.get(
"SSO.URL") + "/sso/?nextUrl=" + request.url_root.strip("/")
resp = make_response(redirect(SSOLogoutURL))
resp.set_cookie(key='logged_in', value='', expires=0)
resp.set_cookie(key='username', value='', expires=0)
resp.set_cookie(key='sessionId', value='', expires=0)
resp.set_cookie(key='time', value='', expires=0)
resp.set_cookie(key='Azone', value='', expires=0)
return resp
def login():
if g.signin:
return redirect(url_for("index"))
else:
SSOLoginURL = "%s/login/?%s" % (
SSO.get("SSO.URL"),
urlencode({
"sso":
True,
"sso_r":
SSO.get("SSO.REDIRECT") + "/sso/",
"sso_p":
SSO.get("SSO.PROJECT"),
"sso_t":
md5("%s:%s" % (SSO.get("SSO.PROJECT"),
SSO.get("SSO.REDIRECT") + "/sso/"))
}))
logger.info("User request login to SSO: %s" % SSOLoginURL)
return redirect(SSOLoginURL)
def isLogged_in(cookie_str):
''' To determine whether to log on with cookie '''
SSOURL = SSO.get("SSO.URL")
if cookie_str and not cookie_str == '..':
username, expires, sessionId = cookie_str.split('.')
#success = Requests(SSOURL+"/sso/").post(data={"username": username, "time": expires, "sessionId": sessionId}).get("success", False)
success = requests.post(SSOURL+"/sso/", data={"username": username, "time": expires, "sessionId": sessionId}, timeout=5, verify=False, headers={"User-Agent": SSO.get("SSO.PROJECT")}).json().get("success", False)
logger.info("check login request, cookie_str: %s, success:%s" %(cookie_str, success))
return success
else:
logger.info("Not Logged in")
return False
def isLogged_in(cookie_str):
''' check username is logged in '''
SSOURL = SSO.get("SSO.URL")
if cookie_str and not cookie_str == '..':
username, expires, sessionId = cookie_str.split('.')
try:
success = requests.post(SSOURL+"/sso/", data={"username": username, "time": expires, "sessionId": sessionId}, timeout=3, verify=False, headers={"User-Agent": "SSO.Client"}).json().get("success", False)
except Exception,e:
logger.sso.error(e, exc_info=True)
else:
logger.sso.info("check login request, cookie_str: %s, success:%s" %(cookie_str, success))
return success
__url__ = "https://www.saintic.com"
#: Plugin License
#: 插件许可证
__license__ = "MIT"
#: Plugin License File
#: 插件许可证文件
__license_file__ = "LICENSE"
#: Plugin Readme File
#: 插件自述文件
__readme_file__ = "README"
#: Plugin state, enabled or disabled, default: enabled
#: 插件状态, enabled、disabled, 默认enabled
__state__ = "enabled"
# 定义sso server地址并删除SSO多余参数
sso_server = SSO.get("sso_server").strip("/")
if not url_check(sso_server):
raise
# 定义请求函数
def sso_request(url, params=None, data=None, timeout=5, num_retries=1):
"""
@params dict: 请求查询参数
@data dict: 提交表单数据
@timeout int: 超时时间,单位秒
@num_retries int: 超时重试次数
"""
headers = {
"User-Agent":
"Mozilla/5.0 (X11; CentOS; Linux i686; rv:7.0.1406) Gecko/20100101 PassportClient/{}"
def signup():
regUrl = SSO.get("sso_server").strip("/") + "/signUp"
return redirect(regUrl)
def getAdmins():
AdminUsers = requests.get(g.apiurl + "/user/", params={"getadminuser": True}, timeout=5, verify=False, headers={"User-Agent": SSO.get("SSO.PROJECT")}).json().get("data")
return AdminUsers
def signup():
regUrl = SSO.get("SSO.URL").strip("/") + "/SignUp"
return redirect(regUrl)