def pickup_request(reference_id):
    """Return a plain-text rendering of the attribute pickup request.

    The result is a string of three newline-separated lines: the ``GET``
    line with the pickup URL for *reference_id*, the adapter-id header, and
    an ``Authentication:`` line holding base64("username:password").
    """
    adapter_user = ConfigurationManager.get_configuration(
        IdpConstants.ADAPTER_USERNAME)
    adapter_secret = ConfigurationManager.get_configuration(
        IdpConstants.ADAPTER_PASSWORD)

    request_line = "GET " + UrlUtil.pickup_url(reference_id)
    adapter_line = IdpConstants.PING_ADAPTER_HEADER + ": " \
        + ConfigurationManager.get_configuration(IdpConstants.ADAPTER_ID)

    # Base64 is an encoding, not protection: anyone who can read the returned
    # text can recover the adapter username and password from it.
    # encode('ascii') raises UnicodeEncodeError for non-ASCII credentials.
    # NOTE(review): HTTP Basic credentials normally travel in an
    # "Authorization: Basic ..." header; this text labels the line
    # "Authentication:" -- confirm the rendering is display-only.
    credential_pair = (adapter_user + ":" + adapter_secret).encode('ascii')
    auth_line = "Authentication: " + base64.b64encode(credential_pair).decode('ascii')

    return "\n".join([request_line, adapter_line, auth_line])
def pickup_attributes(reference_value):
    """Fetch the attributes stored under *reference_value* from PingFederate.

    Sends an authenticated GET to the pickup URL and returns the
    ``requests`` response object unchanged; status checking and body
    parsing are left to the caller.
    """
    adapter_user = ConfigurationManager.get_configuration(IdpConstants.ADAPTER_USERNAME)
    adapter_secret = ConfigurationManager.get_configuration(IdpConstants.ADAPTER_PASSWORD)
    adapter_headers = {
        IdpConstants.PING_ADAPTER_HEADER:
            ConfigurationManager.get_configuration(IdpConstants.ADAPTER_ID)
    }

    # For simplicity, trust any certificate. Do not use in production.
    # verify=False turns off TLS certificate validation, so the adapter
    # credentials and the returned attributes are sent to whichever server
    # answers at the pickup URL. Outside a sample, pass a CA bundle path (or
    # leave verification on) instead.
    # NOTE(review): no timeout is passed, so the call can block for as long as
    # the server keeps the connection open.
    return requests.get(
        UrlUtil.pickup_url(reference_value),
        headers=adapter_headers,
        auth=(adapter_user, adapter_secret),
        verify=False,
    )
def dropoff_post(user_attributes):
    """Return a plain-text rendering of the attribute drop-off request.

    *user_attributes* is the already-serialised request body (a string); it
    is appended verbatim after a blank line that follows the header lines.
    """
    adapter_user = ConfigurationManager.get_configuration(
        IdpConstants.ADAPTER_USERNAME)
    adapter_secret = ConfigurationManager.get_configuration(
        IdpConstants.ADAPTER_PASSWORD)

    request_line = "POST " + UrlUtil.dropoff_url()
    # len() counts characters of the string, not encoded bytes.
    length_line = "Content-Length: " + str(len(user_attributes))
    adapter_line = IdpConstants.PING_ADAPTER_HEADER + ": " \
        + ConfigurationManager.get_configuration(IdpConstants.ADAPTER_ID)

    # Base64 is reversible: the returned text discloses the adapter
    # credentials to anyone who can read it. encode('ascii') raises
    # UnicodeEncodeError if either credential contains non-ASCII characters.
    credential_pair = (adapter_user + ":" + adapter_secret).encode('ascii')
    auth_line = "Authentication: " + base64.b64encode(credential_pair).decode('ascii')

    return "\n".join([
        request_line,
        "Content-Type: application/json",
        length_line,
        adapter_line,
        auth_line,
        "",  # blank line separating headers from the body
        user_attributes,
    ])
def handle(self, request):
    """Drop the submitted user's attributes into PingFederate and show the result.

    Reads the username from the posted form, looks up that user's attribute
    dictionary, adds the subject and an authentication timestamp, POSTs the
    dictionary as JSON to the drop-off endpoint and renders ``Dropoff.html``
    with the request, the response and the returned reference.
    """
    # NOTE(review): the username comes straight from the form and no
    # credential check is visible in this handler -- confirm the user was
    # authenticated before this point.
    subject = request.form[IdpConstants.USERNAME]

    # create dictionary containing user attributes
    # NOTE(review): update() modifies the dictionary returned by the loader in
    # place; if the loader hands out a shared object, the added keys persist.
    attributes = dict.get(IdpSampleUserLoader.get_user(subject), "attributes")
    attributes.update({
        IdpConstants.SUBJECT: subject,
        IdpConstants.AUTH_INST: datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S"),
    })

    # Drop the attributes into PingFederate
    endpoint = UrlUtil.dropoff_url()
    adapter_user = ConfigurationManager.get_configuration(
        IdpConstants.ADAPTER_USERNAME)
    adapter_secret = ConfigurationManager.get_configuration(
        IdpConstants.ADAPTER_PASSWORD)
    request_headers = {
        "Content-type": "application/json",
        IdpConstants.PING_ADAPTER_HEADER:
            ConfigurationManager.get_configuration(IdpConstants.ADAPTER_ID)
    }

    # For simplicity, trust any certificate. Do not use in production.
    # With verify=False the adapter credentials and the user attributes are
    # sent without checking the server certificate, so the peer's identity is
    # not established.
    response = requests.post(
        endpoint,
        json=attributes,
        auth=(adapter_user, adapter_secret),
        headers=request_headers,
        verify=False,
    )

    # The body is parsed without looking at the status code first; a failed
    # drop-off surfaces as a JSON decode error or a KeyError on the reference.
    parsed_body = json.loads(response.text)
    pretty_response = json.dumps(response.json(), indent=4)
    pretty_attributes = json.dumps(attributes, indent=4)

    # rawRequest carries the base64-encoded adapter credentials into the page
    # (see ReferenceAdapterUtil.dropoff_post).
    return render_template(
        'Dropoff.html',
        resumePath=request.form[IdpConstants.RESUME_PATH],
        resumeUrl=UrlUtil.resume_url(request),
        REF=parsed_body[IdpConstants.REF],
        configureUrl=UrlUtil.configure_url(request),
        userAttributes=pretty_attributes,
        httpStatus=ReferenceAdapterUtil.http_status(response.status_code),
        dropoffEndpoint=IdpConstants.DROPOFF_ENDPOINT,
        ssoUrl=UrlUtil.sso_url(),
        rawRequest=ReferenceAdapterUtil.dropoff_post(pretty_attributes),
        rawResponse=ReferenceAdapterUtil.session_response(
            response.headers, pretty_response))
def handle(self, request):
    """Show the configuration form (GET) or save a submitted one (otherwise).

    On GET the form is filled from the stored configuration. On any other
    method the submitted configuration is saved and reloaded, then the
    browser is redirected to the SSO URL; if saving or loading raises, the
    form is rendered again with the exception and the submitted values.
    """
    # NOTE(review): no authentication or CSRF check is visible in this
    # handler, and it can change the base PingFederate URL and the adapter
    # credentials -- confirm access is restricted elsewhere.

    def render_form(error, value_of):
        # value_of maps a configuration key to the value shown in the form.
        # The adapter passphrase is handed to the template like every other
        # field, so it is available to the rendered page in clear text.
        return render_template(
            'Configuration.html',
            configurationError=error,
            configureUrl=UrlUtil.configure_url(request),
            basePfUrlName=IdpConstants.BASE_PF_URL,
            basePfUrl=value_of(IdpConstants.BASE_PF_URL),
            adapterUsernameName=IdpConstants.ADAPTER_USERNAME,
            adapterUsername=value_of(IdpConstants.ADAPTER_USERNAME),
            adapterPassphraseName=IdpConstants.ADAPTER_PASSWORD,
            adapterPassphrase=value_of(IdpConstants.ADAPTER_PASSWORD),
            adapterIdName=IdpConstants.ADAPTER_ID,
            adapterId=value_of(IdpConstants.ADAPTER_ID),
            targetUrlName=IdpConstants.TARGET_URL,
            targetUrl=value_of(IdpConstants.TARGET_URL),
            partnerIdName=IdpConstants.PARTNER_ENTITY_ID,
            partnerId=value_of(IdpConstants.PARTNER_ENTITY_ID))

    if request.method != 'GET':
        try:
            ConfigurationManager.save_configuration(request)
            ConfigurationManager.load_configuration()
            return redirect(UrlUtil.sso_url(), code=302)
        except Exception as e:
            # The exception object itself is passed to the template, so its
            # message is shown to whoever submitted the form.
            return render_form(e, lambda key: request.form[key])

    return render_form(None, ConfigurationManager.get_configuration)
def dropoff_url():
    """Return the attribute drop-off URL: configured base URL plus endpoint."""
    base_url = ConfigurationManager.get_configuration(IdpConstants.BASE_PF_URL)
    endpoint = IdpConstants.DROPOFF_ENDPOINT
    return base_url + endpoint
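def pickup_url(reference_id):
    """Return the attribute pickup URL for *reference_id*.

    The URL is the configured base URL, the pickup endpoint and a ``REF``
    query parameter. The reference is URL-encoded so that characters such as
    ``&``, ``#`` or spaces stay inside the ``REF`` value instead of changing
    the shape of the query string.
    """
    base_url = ConfigurationManager.get_configuration(IdpConstants.BASE_PF_URL)
    # quote_plus leaves letters, digits and "_.-" untouched, so references
    # made of those characters produce the same URL as before.
    return base_url \
        + IdpConstants.PICKUP_ENDPOINT \
        + "?REF=" + url.quote_plus(reference_id)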
def sso_url():
    """Return the URL that starts SP-initiated SSO with the configured partner.

    Built from the configured base URL, the start-SSO endpoint and a
    ``PartnerIdpId`` query parameter holding the configured partner entity id.
    """
    base_url = ConfigurationManager.get_configuration(IdpConstants.BASE_PF_URL)
    start_endpoint = base_url + IdpConstants.START_SP_SSO
    # NOTE(review): the partner entity id is appended without URL-encoding;
    # an id containing "&", "#" or spaces would alter the query string.
    partner_id = ConfigurationManager.get_configuration(IdpConstants.PARTNER_ENTITY_ID)
    return start_endpoint + "?PartnerIdpId=" + partner_id
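def resume_logout_url(request, reference_id):
    """Return the PingFederate resume URL used after logout.

    The URL is the configured base URL, the resume path posted in the form
    and a ``REF`` query parameter. The reference is URL-encoded so it cannot
    introduce additional query parameters or a fragment.
    """
    base_url = ConfigurationManager.get_configuration(IdpConstants.BASE_PF_URL)
    # NOTE(review): the resume path is read from the submitted form and
    # appended as-is; consider checking that it is a server-relative path
    # (starts with "/") before building a URL from it.
    resume_path = request.form[IdpConstants.RESUME_PATH]
    # quote_plus leaves letters, digits and "_.-" untouched, so references
    # made of those characters produce the same URL as before.
    return base_url + resume_path \
        + "?REF=" + url.quote_plus(reference_id)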
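def resume_to_pf_url(request):
    """Return the PingFederate resume URL for the current form submission.

    The URL is the configured base URL, the resume path posted in the form,
    a ``REF`` parameter taken from the form and a ``TargetResource``
    parameter holding the configured target URL. Both parameter values are
    URL-encoded; the reference is form input and was previously appended raw,
    which let characters such as ``&`` add or override query parameters.
    """
    base_url = ConfigurationManager.get_configuration(IdpConstants.BASE_PF_URL)
    # NOTE(review): the resume path is read from the submitted form and
    # appended as-is; consider checking that it is a server-relative path
    # (starts with "/") before building a URL from it.
    resume_path = request.form[IdpConstants.RESUME_PATH]
    # quote_plus leaves letters, digits and "_.-" untouched, so references
    # made of those characters produce the same URL as before.
    reference = url.quote_plus(request.form[IdpConstants.REF])
    target = url.quote_plus(ConfigurationManager.get_configuration(IdpConstants.TARGET_URL))
    return base_url + resume_path \
        + "?REF=" + reference + "&TargetResource=" + target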
# Tail of a route handler whose definition starts before this excerpt.
    return controller.handle(request)


# Each route below creates a fresh controller per request and hands it the
# Flask request object; the controller's return value is the response.
@app.route('/AgentlessIdPSample/app/login', methods=['POST', 'GET'])
def login():
    """Delegate the login page and login form submission to LoginController."""
    controller = LoginController()
    return controller.handle(request)


@app.route('/AgentlessIdPSample/app/resume', methods=['POST'])
def resume():
    """Delegate the POST-only resume step to ResumeController."""
    controller = ResumeController()
    return controller.handle(request)


@app.route('/AgentlessIdPSample/app/logout', methods=['POST', 'GET'])
def logout():
    """Delegate logout requests to LogoutController."""
    controller = LogoutController()
    return controller.handle(request)


# NOTE(review): no access-control decorator is visible on this route, and the
# page it serves reads and writes the adapter credentials -- confirm it is
# only reachable by an administrator.
@app.route('/AgentlessIdPSample/app/configure', methods=['POST', 'GET'])
def configure():
    """Delegate viewing and saving the configuration to ConfigurationController."""
    controller = ConfigurationController()
    return controller.handle(request)


if __name__ == "__main__":
    # Instantiated for its side effects only; the instance is discarded.
    # presumably this loads the stored configuration -- TODO confirm
    ConfigurationManager()
    # Listens on the loopback interface only. ssl_context='adhoc' makes the
    # development server generate a throwaway self-signed certificate at
    # start-up, so clients cannot validate the server's identity; suitable
    # for a local sample, not for a deployed service.
    app.run(host='127.0.0.1', port=8080, ssl_context='adhoc')