def login_oauth2(request):
try:
common.authentication_required(request)
logger.info('Authenticating OAuth2 for {}'.format(
request.user.auth.openid_url))
auth_service, cert_service = openid.services(
request.user.auth.openid_url, (URN_AUTHORIZE, URN_RESOURCE))
redirect_url, state = oauth2.get_authorization_url(
auth_service.server_url, cert_service.server_url)
logger.info('Retrieved authorization url for OpenID {}'.format(
request.user.auth.openid_url))
request.session.update({
'oauth_state': state,
'openid': request.user.auth.openid_url
})
except WPSError as e:
logger.exception('Error authenticating OAuth2')
return common.failed(str(e))
else:
return common.success({'redirect': redirect_url})
def login_mpc(request):
try:
common.authentication_required(request)
form = forms.MPCForm(request.POST)
data = common.validate_form(form, ('username', 'password'))
logger.info('Authenticating MyProxyClient for {}'.format(
data['username']))
services = openid.services(request.user.auth.openid_url, (URN_MPC, ))
g = re.match('socket://(.*):(.*)', services[0].server_url)
if g is None or len(g.groups()) != 2:
raise MPCEndpointParseError()
host, port = g.groups()
from OpenSSL import SSL
MyProxyClient.SSL_METHOD = SSL.TLSv1_2_METHOD
try:
m = MyProxyClient(hostname=host, caCertDir=settings.WPS_CA_PATH)
c = m.logon(data['username'], data['password'], bootstrap=True)
except Exception as e:
raise common.AuthenticationError(user=data['username'])
logger.info(
'Authenticated with MyProxyClient backend for user {}'.format(
data['username']))
request.user.auth.update('myproxyclient', c)
except WPSError as e:
logger.exception('Error authenticating MyProxyClient')
return common.failed(str(e))
else:
metrics.track_login(metrics.WPS_MPC_LOGIN_SUCCESS,
request.user.auth.openid_url)
return common.success({
'type': request.user.auth.type,
'api_key': request.user.auth.api_key
})
finally:
if not request.user.is_anonymous:
metrics.track_login(metrics.WPS_MPC_LOGIN,
request.user.auth.openid_url)
def user_logout(request):
try:
common.authentication_required(request)
logger.info('Logging user {} out'.format(request.user.username))
logout(request)
except WPSError as e:
logger.exception('Error logging user out')
return common.failed(str(e))
else:
return common.success('Logged out')
def processes(request):
try:
common.authentication_required(request)
data = [
dict(identifier=x.identifier, description=x.description)
for x in models.Process.objects.all() if x.enabled
]
except WPSError as e:
logger.exception('Error retrieving processes')
return common.failed(e.message)
else:
return common.success(data)
def user_cert(request):
try:
if not settings.CERT_DOWNLOAD_ENABLED:
return http.HttpResponseBadRequest()
metrics.WPS_CERT_DOWNLOAD.inc()
common.authentication_required(request)
user = request.user
cert = user.auth.cert
content_type = 'application/force-download'
response = http.HttpResponse(cert, content_type=content_type)
response['Content-Disposition'] = 'attachment; filename="cert.pem"'
response['Content-Length'] = len(cert)
except WPSError as e:
return http.HttpResponseBadRequest()
else:
return response