root / aai / shibboleth.py @ 63efc637
#
# Business logic for working with Shibboleth users
#
# Copyright 2010 Greek Research and Technology Network
#
from synnefo.logic import users |
class Tokens:
    """Names of the Shibboleth attributes read from the token mapping.

    Each constant is the key under which register_shibboleth_user() looks
    up one attribute in the mapping it is given.

    NOTE(review): this file does not show where the mapping is populated.
    Identity attributes should be taken only from values set by the
    Shibboleth service provider, never from client-controlled request
    headers; confirm against the caller.
    """

    # Name attributes: given name, surname and full common name.
    SIB_NAME = "Shib-InetOrgPerson-givenName"
    SIB_SURNAME = "Shib-Person-surname"
    SIB_CN = "Shib-Person-commonName"
    SIB_DISPLAY_NAME = "displayName"

    # Attribute used as the user's unique identifier at registration.
    SIB_EPPN = "eppn"

    SIB_EDU_PERSON_AFFILIATION = "shib_ep_primaryaffiliation"

    # The presence of either attribute below marks the user as a student.
    SIB_SCHAC_PERSONAL_UNIQUE_CODE = "schacPersonalUniqueCode"
    SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH = "grEduPersonUndergraduateBranch"
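class NoUniqueToken(Exception):
    """Raised when authentication supplies no unique user identifier.

    The class previously derived from ``object``. Raising such an instance
    fails with a TypeError rather than delivering this error, so callers
    could never catch the intended failure. It now derives from Exception.

    Attributes:
        msg: Human-readable description of the failure.
    """

    def __init__(self, msg):
        # Pass the message to Exception so str(err) and tracebacks show it.
        super(NoUniqueToken, self).__init__(msg)
        self.msg = msg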
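class NoRealName(Exception):
    """Raised when authentication supplies no usable real name.

    The class previously derived from ``object``. Raising such an instance
    fails with a TypeError rather than delivering this error, so callers
    could never catch the intended failure. It now derives from Exception.

    Attributes:
        msg: Human-readable description of the failure.
    """

    def __init__(self, msg):
        # Pass the message to Exception so str(err) and tracebacks show it.
        super(NoRealName, self).__init__(msg)
        self.msg = msg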
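def register_shibboleth_user(tokens):
    """Register a Shibboleth user from a mapping of attribute values.

    The token requirements are described in:
    http://aai.grnet.gr/policy

    The real name is the common name when present, otherwise the given
    name and surname joined by a space (either one alone is accepted).
    The user is registered as a student when a student-only attribute is
    present, and as a professor otherwise.

    NOTE(review): this function trusts every value in ``tokens``. The
    caller must pass only attributes set by the Shibboleth service
    provider, not client-controlled request headers; the source of the
    mapping is not visible in this file, so confirm this at the call site.

    Args:
        tokens: dict-like mapping of attribute name (see ``Tokens``) to
            attribute value.

    Returns:
        True once the user has been handed to the registration backend.

    Raises:
        NoUniqueToken: if the eppn attribute is missing or empty.
        NoRealName: if no name attribute is available.
    """
    # The original debug print of the whole mapping is removed on purpose:
    # it wrote every user's identity attributes to stdout and the logs.

    # Join whichever of given name and surname are present. The original
    # concatenated the given name with None when the surname was missing,
    # which raised TypeError.
    name_parts = [tokens[key]
                  for key in (Tokens.SIB_NAME, Tokens.SIB_SURNAME)
                  if key in tokens]
    realname = ' '.join(name_parts) if name_parts else None

    # A full common name, when supplied, takes precedence over the parts.
    if Tokens.SIB_CN in tokens:
        realname = tokens[Tokens.SIB_CN]

    is_student = (Tokens.SIB_SCHAC_PERSONAL_UNIQUE_CODE in tokens or
                  Tokens.SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH in tokens)

    unq = tokens.get(Tokens.SIB_EPPN)

    # Treat an empty eppn like a missing one. An empty string must never be
    # used as the unique identifier, since every such login would then map
    # to the same account key.
    if not unq:
        raise NoUniqueToken("Authentication does not return a unique token")

    if realname is None:
        raise NoRealName("Authentication does not return the user's name")

    if is_student:
        users.register_student(realname, '', unq)
    else:
        users.register_professor(realname, '', unq)

    return True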