root / aai / shibboleth.py @ 53481544
History | View | Annotate | Download (3.2 kB)
| 1 | 48130e66 | Georgios Gousios | # Copyright 2011 GRNET S.A. All rights reserved.
|
|---|---|---|---|
| 2 | 462c7e47 | Georgios Gousios | #
|
| 3 | 48130e66 | Georgios Gousios | # Redistribution and use in source and binary forms, with or without
|
| 4 | 48130e66 | Georgios Gousios | # modification, are permitted provided that the following conditions
|
| 5 | 48130e66 | Georgios Gousios | # are met:
|
| 6 | 462c7e47 | Georgios Gousios | #
|
| 7 | 48130e66 | Georgios Gousios | # 1. Redistributions of source code must retain the above copyright
|
| 8 | 48130e66 | Georgios Gousios | # notice, this list of conditions and the following disclaimer.
|
| 9 | 462c7e47 | Georgios Gousios | #
|
| 10 | 48130e66 | Georgios Gousios | # 2. Redistributions in binary form must reproduce the above copyright
|
| 11 | 48130e66 | Georgios Gousios | # notice, this list of conditions and the following disclaimer in the
|
| 12 | 48130e66 | Georgios Gousios | # documentation and/or other materials provided with the distribution.
|
| 13 | 462c7e47 | Georgios Gousios | #
|
| 14 | 48130e66 | Georgios Gousios | # THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
| 15 | 48130e66 | Georgios Gousios | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
| 16 | 48130e66 | Georgios Gousios | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
| 17 | 48130e66 | Georgios Gousios | # ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
| 18 | 48130e66 | Georgios Gousios | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
| 19 | 48130e66 | Georgios Gousios | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
| 20 | 48130e66 | Georgios Gousios | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
| 21 | 48130e66 | Georgios Gousios | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
| 22 | 48130e66 | Georgios Gousios | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
| 23 | 48130e66 | Georgios Gousios | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
| 24 | 48130e66 | Georgios Gousios | # SUCH DAMAGE.
|
| 25 | 85c6267a | Georgios Gousios | |
| 26 | 462c7e47 | Georgios Gousios | #
|
| 27 | 48130e66 | Georgios Gousios | # The views and conclusions contained in the software and documentation are
|
| 28 | 48130e66 | Georgios Gousios | # those of the authors and should not be interpreted as representing official
|
| 29 | 48130e66 | Georgios Gousios | # policies, either expressed or implied, of GRNET S.A.
|
| 30 | 48130e66 | Georgios Gousios | |
| 31 | 48130e66 | Georgios Gousios | # Business Logic for working with sibbolleth users
|
| 32 | 462c7e47 | Georgios Gousios | |
| 33 | 462c7e47 | Georgios Gousios | from synnefo.logic import users |
| 34 | 462c7e47 | Georgios Gousios | |
| 35 | 462c7e47 | Georgios Gousios | class Tokens: |
| 36 | f2bb825f | Faidon Liambotis | # these are mapped by the Shibboleth SP software
|
| 37 | f2bb825f | Faidon Liambotis | SHIB_EPPN = "eppn" # eduPersonPrincipalName |
| 38 | fdc10aee | Faidon Liambotis | SHIB_NAME = "Shib-InetOrgPerson-givenName"
|
| 39 | fdc10aee | Faidon Liambotis | SHIB_SURNAME = "Shib-Person-surname"
|
| 40 | fdc10aee | Faidon Liambotis | SHIB_CN = "Shib-Person-commonName"
|
| 41 | f2bb825f | Faidon Liambotis | SHIB_DISPLAYNAME = "Shib-InetOrgPerson-displayName"
|
| 42 | f2bb825f | Faidon Liambotis | SHIB_EP_AFFILIATION = "Shib-EP-Affiliation"
|
| 43 | fdc10aee | Faidon Liambotis | SHIB_SESSION_ID = "Shib-Session-ID"
|
| 44 | 462c7e47 | Georgios Gousios | |
| 45 | faa26af8 | Georgios Gousios | |
| 46 | f2bb825f | Faidon Liambotis | class NoUniqueToken(BaseException): |
| 47 | faa26af8 | Georgios Gousios | def __init__(self, msg): |
| 48 | faa26af8 | Georgios Gousios | self.msg = msg
|
| 49 | faa26af8 | Georgios Gousios | |
| 50 | faa26af8 | Georgios Gousios | |
| 51 | f2bb825f | Faidon Liambotis | class NoRealName(BaseException): |
| 52 | faa26af8 | Georgios Gousios | def __init__(self, msg): |
| 53 | faa26af8 | Georgios Gousios | self.msg = msg
|
| 54 | faa26af8 | Georgios Gousios | |
| 55 | 462c7e47 | Georgios Gousios | |
| 56 | f2bb825f | Faidon Liambotis | def register_shibboleth_user(tokens): |
| 57 | f2bb825f | Faidon Liambotis | """Registers a Shibboleth user using the input hash as a source for data."""
|
| 58 | 63efc637 | Georgios Gousios | |
| 59 | f2bb825f | Faidon Liambotis | if Tokens.SHIB_DISPLAYNAME in tokens: |
| 60 | f2bb825f | Faidon Liambotis | realname = tokens[Tokens.SHIB_DISPLAYNAME] |
| 61 | f2bb825f | Faidon Liambotis | elif Tokens.SHIB_CN in tokens: |
| 62 | fdc10aee | Faidon Liambotis | realname = tokens[Tokens.SHIB_CN] |
| 63 | f2bb825f | Faidon Liambotis | elif Tokens.SHIB_NAME in tokens and Tokens.SHIB_SURNAME in tokens: |
| 64 | f2bb825f | Faidon Liambotis | realname = tokens[Tokens.SHIB_NAME] + ' ' + tokens[Tokens.SHIB_SURNAME]
|
| 65 | f2bb825f | Faidon Liambotis | else:
|
| 66 | f2bb825f | Faidon Liambotis | raise NoRealName("Authentication does not return the user's name") |
| 67 | 1896d262 | Georgios Gousios | |
| 68 | f2bb825f | Faidon Liambotis | try:
|
| 69 | f2bb825f | Faidon Liambotis | affiliation = tokens[Tokens.SHIB_EP_AFFILIATION] |
| 70 | f2bb825f | Faidon Liambotis | except KeyError: |
| 71 | f2bb825f | Faidon Liambotis | affiliation = 'member'
|
| 72 | 462c7e47 | Georgios Gousios | |
| 73 | f2bb825f | Faidon Liambotis | try:
|
| 74 | f2bb825f | Faidon Liambotis | eppn = tokens[Tokens.SHIB_EPPN] |
| 75 | f2bb825f | Faidon Liambotis | except KeyError: |
| 76 | faa26af8 | Georgios Gousios | raise NoUniqueToken("Authentication does not return a unique token") |
| 77 | faa26af8 | Georgios Gousios | |
| 78 | f2bb825f | Faidon Liambotis | if affiliation == 'student': |
| 79 | f2bb825f | Faidon Liambotis | users.register_student(realname, '' , eppn)
|
| 80 | 1896d262 | Georgios Gousios | else:
|
| 81 | f2bb825f | Faidon Liambotis | # this includes faculty but also staff, alumni, member, other, ...
|
| 82 | f2bb825f | Faidon Liambotis | users.register_professor(realname, '' , eppn)
|
| 83 | dbf97ed2 | Georgios Gousios | |
| 84 | 63efc637 | Georgios Gousios | return True |