Revision 462c7e47
| b/api/tests_auth.py | ||
|---|---|---|
| 13 | 13 |
fixtures = ['auth_test_data'] |
| 14 | 14 |
apibase = '/api/v1.0' |
| 15 | 15 |
|
| 16 |
|
|
| 17 |
|
|
| 18 | 16 |
def setUp(self): |
| 19 | 17 |
self.client = Client() |
| 20 | 18 |
|
| 21 | 19 |
def register_sibbolleth_user(self): |
| 22 | 20 |
""" test registration of sibboleth user upon new incoming request |
| 23 | 21 |
""" |
| 22 |
response = self.client.get( self.apibase + '/servers', {},
|
|
| 23 |
**{'X-givenName':'notme',
|
|
| 24 |
'X-sn':'0xdeadbabe'}) |
|
| 24 | 25 |
|
| 25 | 26 |
|
| 26 | 27 |
def test_auth_sibbolleth(self): |
| 27 | 28 |
""" test whether the authentication mechanism sets the correct headers |
| 28 | 29 |
""" |
| 29 | 30 |
|
| 30 |
|
|
| 31 | 31 |
def test_auth_headers(self): |
| 32 | 32 |
""" test whether the authentication mechanism sets the correct headers |
| 33 | 33 |
""" |
| b/logic/sibbolleth.py | ||
|---|---|---|
| 1 |
# |
|
| 2 |
# Business Logic for working with sibbolleth users |
|
| 3 |
# |
|
| 4 |
# Copyright 2010 Greek Research and Technology Network |
|
| 5 |
# |
|
| 6 |
|
|
| 7 |
from synnefo.logic import users |
|
| 8 |
|
|
| 9 |
class Tokens: |
|
| 10 |
SIB_GIVEN_NAME = "givenName" |
|
| 11 |
SIB_SN = "sn" |
|
| 12 |
SIB_CN = "cn" |
|
| 13 |
SIB_DISPLAY_NAME = "displayName" |
|
| 14 |
SIB_EDU_PERSON_PRINCIPAL_NAME = "eduPersonPrincipalName" |
|
| 15 |
SIB_EDU_PERSON_AFFILIATION = "eduPersonAffiliation" |
|
| 16 |
SIB_SCHAC_HOME_ORGANISATION = "schacHomeOrganization" |
|
| 17 |
SIB_SCHAC_PERSONAL_UNIQUE_CODE = "schacPersonalUniqueCode" |
|
| 18 |
SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH = "grEduPersonUndergraduateBranch" |
|
| 19 |
|
|
| 20 |
class NoUniqueToken(object): |
|
| 21 |
pass |
|
| 22 |
|
|
| 23 |
|
|
| 24 |
def register_sibbolleth_user(tokens): |
|
| 25 |
"""Registers a sibbolleth user using the input hash as a source for data. |
|
| 26 |
The token requirements are described in this document |
|
| 27 |
http://aai.grnet.gr/policy |
|
| 28 |
""" |
|
| 29 |
|
|
| 30 |
realname = tokens[Tokens.SIB_GIVEN_NAME] | tokens[Tokens.SIB_GIVEN_NAME] |
|
| 31 |
is_student = tokens[Tokens.SIB_SCHAC_PERSONAL_UNIQUE_CODE] | \ |
|
| 32 |
tokens[Tokens.SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH] |
|
| 33 |
|
|
| 34 |
unq = tokens[Tokens.SIB_EDU_PERSON_PRINCIPAL_NAME] |
|
| 35 |
|
|
| 36 |
if unq is None: |
|
| 37 |
raise NoUniqueToken |
|
| 38 |
|
|
| 39 |
if is_student: |
|
| 40 |
users.register_student(realname, '' ,unq) |
|
| 41 |
else : |
|
| 42 |
users.register_professor(realname, '' ,unq) |
|
| b/logic/users.py | ||
|---|---|---|
| 36 | 36 |
md5.update(user.name) |
| 37 | 37 |
return md5.hexdigest() |
| 38 | 38 |
|
| 39 |
|
|
| 40 |
|
|
| 39 | 41 |
#def login(username, password): |
| 42 |
|
|
| 43 |
|
|
Also available in: Unified diff