Пример #1
0
    def test_construct(self):
        self.failUnlessEqual([], self.req.auth_policies)
        self.failUnlessEqual(None, self.req.auth_age)
        self.failUnlessEqual('pape', self.req.ns_alias)
        self.failUnlessEqual(None, self.req.nist_auth_level)

        req2 = pape.Response([pape.AUTH_MULTI_FACTOR], 1000, 3)
        self.failUnlessEqual([pape.AUTH_MULTI_FACTOR], req2.auth_policies)
        self.failUnlessEqual(1000, req2.auth_age)
        self.failUnlessEqual(3, req2.nist_auth_level)
Пример #2
0
    def test_construct(self):
        self.assertEqual(self.resp.auth_policies, [])
        self.assertIsNone(self.resp.auth_time)
        self.assertEqual(self.resp.ns_alias, 'pape')
        self.assertIsNone(self.resp.nist_auth_level)

        req2 = pape.Response([pape.AUTH_MULTI_FACTOR],
                             "2004-12-11T10:30:44Z", {pape.LEVELS_NIST: 3})
        self.assertEqual(req2.auth_policies, [pape.AUTH_MULTI_FACTOR])
        self.assertEqual(req2.auth_time, "2004-12-11T10:30:44Z")
        self.assertEqual(req2.nist_auth_level, 3)
Пример #3
0
def processTrustResult(request):
    """
    Handle the result of a trust decision and respond to the RP
    accordingly.
    """
    # Get the request from the session so we can construct the
    # appropriate response.
    openid_request = getRequest(request)

    # The identifier that this server can vouch for
    response_identity = request.build_absolute_uri(reverse('server:local_id'))
    # Method `build_absolute_uri` returns str in both python 2 and 3, convert to text_type in 2.7
    if isinstance(response_identity, six.binary_type):
        response_identity = response_identity.decode('utf-8')

    # If the decision was to allow the verification, respond
    # accordingly.
    allowed = 'allow' in request.POST

    # Generate a response with the appropriate answer.
    openid_response = openid_request.answer(allowed,
                                            identity=response_identity)

    # Send Simple Registration data in the response, if appropriate.
    if allowed:
        sreg_data = {
            'fullname': 'Example User',
            'nickname': 'example',
            'dob': '1970-01-01',
            'email': '*****@*****.**',
            'gender': 'F',
            'postcode': '12345',
            'country': 'ES',
            'language': 'eu',
            'timezone': 'America/New_York',
        }

        sreg_req = sreg.SRegRequest.fromOpenIDRequest(openid_request)
        sreg_resp = sreg.SRegResponse.extractResponse(sreg_req, sreg_data)
        openid_response.addExtension(sreg_resp)

        pape_response = pape.Response()
        pape_response.setAuthLevel(pape.LEVELS_NIST, 0)
        openid_response.addExtension(pape_response)

    return displayResponse(request, openid_response)
Пример #4
0
def addPape(openid_request, openid_response):
    auth_time = request.auth_module.last_loggedin(). \
        strftime('%Y-%m-%dT%H:%M:%SZ')
    auth_policies = []
    auth_levels = {}
    auth_levels[pape.LEVELS_NIST] = 2

    if request.auth_module.used_multi_factor():
        auth_policies.append(pape.AUTH_MULTI_FACTOR)
        if request.auth_module.used_multi_factor_physical():
            auth_policies.append(pape.AUTH_MULTI_FACTOR_PHYSICAL)
            if request.auth_module.used_phishing_resistant():
                auth_policies.append(pape.AUTH_PHISHING_RESISTANT)
                auth_levels[pape.LEVELS_NIST] = 3
    else:
        auth_policies.append(pape.AUTH_NONE)

    pape_resp = pape.Response(auth_policies=auth_policies,
                              auth_time=auth_time,
                              auth_levels=auth_levels)
    if openid_response:
        openid_response.addExtension(pape_resp)
    return auth_levels[pape.LEVELS_NIST]
Пример #5
0
 def setUp(self):
     self.resp = pape.Response()