def authenticatedService(request, **kwargs): operation = kwargs['operation'] isHtmlView = kwargs['isHtmlView'] redirectResponse = getUserInfo(request, kwargs) if redirectResponse != None: return redirectResponse userId = kwargs['userId'] tenantKey = kwargs['tenant'] tenant = Tenant.objects.get(tenantKey=tenantKey) if tenant == None: return emitErrorResponse(kwargs, UNIDENTIFIED_TENANT_ERROR, isHtmlView) try: tenantUser = SiteUser.objects.get(userId=userId, tenant=tenant) except SiteUser.DoesNotExist: tenantUser = None # see adapter in security package for custom behavior user = auth.authenticate(**kwargs) if user != None and user.is_authenticated: auth.login(request, user) try: service = Service(user, tenant, tenantUser) result = service.doOperation(operation, request, kwargs) except: auth.logout(request) raise auth.logout(request) else: return emitErrorResponse(kwargs, USER_CANT_BE_AUTHENTICATED % (kwargs), isHtmlView) return result
def getUserInfo(request, kwargs): redirectResponse = None ssoSource = kwargs['sso'] attributeDict = dict() userId = None authMemCookieKey = request.COOKIES.get('AuthMemCookie') if authMemCookieKey != None: attrBuf = cache.get(authMemCookieKey) if attrBuf != None: attributes = attrBuf.split('\r\n') for attributePair in attributes: tokens = attributePair.split('=') if len(tokens) == 2: name = tokens[0] value = tokens[1] log(name + '=' + value) attributeDict[name] = value userId = attributeDict.get('ATTR_UserId') if userId != None: kwargs['userId'] = userId kwargs['firstname'] = attributeDict.get('ATTR_FirstName') kwargs['lastname'] = attributeDict.get('ATTR_LastName') kwargs['emailAddress'] = attributeDict.get('ATTR_EmailAddress') kwargs['role'] = 'student' log('OpenSSO authenticated ' + userId) elif ssoSource == None or ssoSource.endswith('andDB'): getUserInfoTest(request, kwargs) log('TestAuthenticator authenticated ' + kwargs['userId']) else: redirectResponse = emitErrorResponse(kwargs, UNIDENTIFIED_USER_ERROR, kwargs['isHtmlView']) return redirectResponse