/ - Diff - Synnefo - Greek Research and Technology Network's projects

     from django.conf import settings
     from django.http import HttpResponse, HttpResponseRedirect
     from synnefo.db.models import SynnefoUser
     from synnefo.logic.shibboleth import Tokens, register_shibboleth_user
     from synnefo.aai.shibboleth import Tokens, register_shibboleth_user
     import time
     class SynnefoAuthMiddleware(object):
-...
                     response['X-CDN-Management-Url'] = ""
                 return response
             #No authentication info found in headers, redirect to Shibboleth
             return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
             if settings.TESTING:
                 if 'TEST-AAI' in request.META:
                     return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
             else:
                 #No authentication info found in headers, redirect to Shibboleth
                 return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
         def process_response(self, request, response):
             #Tell proxies and other interested parties that the

+    #
     # Business Logic for working with sibbolleth users
+    #
     # Copyright 2010 Greek Research and Technology Network
+    #
     from synnefo.logic import users
     class Tokens:
         SIB_GIVEN_NAME = "givenName"
         SIB_SN = "sn"
         SIB_CN = "cn"
         SIB_DISPLAY_NAME = "displayName"
         SIB_EDU_PERSON_PRINCIPAL_NAME = "eduPersonPrincipalName"
         SIB_EDU_PERSON_AFFILIATION = "eduPersonAffiliation"
         SIB_SCHAC_HOME_ORGANISATION = "schacHomeOrganization"
         SIB_SCHAC_PERSONAL_UNIQUE_CODE = "schacPersonalUniqueCode"
         SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH = "grEduPersonUndergraduateBranch"
     class NoUniqueToken(object):
         def __init__(self, msg):
             self.msg = msg
         pass
     class NoRealName(object):
         def __init__(self, msg):
             self.msg = msg
         pass
     def register_shibboleth_user(tokens):
         """Registers a sibbolleth user using the input hash as a source for data.
            The token requirements are described in:
            http://aai.grnet.gr/policy
         """
         realname = None
         if Tokens.SIB_GIVEN_NAME in tokens:
             realname = tokens[Tokens.SIB_GIVEN_NAME]
         if Tokens.SIB_DISPLAY_NAME in tokens:
             realname = tokens[Tokens.SIB_DISPLAY_NAME]
         is_student = Tokens.SIB_SCHAC_PERSONAL_UNIQUE_CODE in tokens or \
                      Tokens.SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH in tokens
         unq = tokens.get(Tokens.SIB_EDU_PERSON_PRINCIPAL_NAME)
         if unq is None:
             raise NoUniqueToken("Authentication does not return a unique token")
         if realname is None:
             raise NoRealName("Authentication does not return the user's name")
         if is_student:
             users.register_student(realname, '' ,unq)
         else:
             users.register_professor(realname, '' ,unq)
         return True

+    #
     # Unit Tests for api
     # Unit Tests for aai
+    #
     # Provides automated tests for api module
     # Provides automated tests for aai module. The tests
+    #
     # Copyright 2011 Greek Research and Technology Network
+    #
-...
     from django.test.client import Client
     from django.conf import settings
     from synnefo.logic.shibboleth import Tokens, NoUniqueToken
     from synnefo.aai.shibboleth import Tokens, NoUniqueToken
     from synnefo.db.models import SynnefoUser
     from datetime import datetime, timedelta
-...
             response = self.client.get(self.apibase + '/servers', {},
                                        **{Tokens.SIB_GIVEN_NAME: 'Jimmy',
                                           Tokens.SIB_EDU_PERSON_PRINCIPAL_NAME: 'jh@gmail.com',
                                           Tokens.SIB_DISPLAY_NAME: 'Jimmy Hendrix'})
                                           Tokens.SIB_DISPLAY_NAME: 'Jimmy Hendrix',
                                           'TEST-AAI' : 'true'})
             user = None
             try:
                 user = SynnefoUser.objects.get(uniq = "jh@gmail.com")
-...
             """
             response = self.client.get(self.apibase + '/servers', {},
                                         **{Tokens.SIB_GIVEN_NAME: 'Jimmy',
                                         Tokens.SIB_DISPLAY_NAME: 'Jimmy Hendrix'})
                                         Tokens.SIB_DISPLAY_NAME: 'Jimmy Hendrix',
                                         'TEST-AAI' : 'true'})
             self._test_redirect(response)
         def test_shibboleth_wrong_from_request(self):
-...
                                           Tokens.SIB_EDU_PERSON_PRINCIPAL_NAME: 'jh@gmail.com',
                                           Tokens.SIB_DISPLAY_NAME: 'Jimmy Hendrix',
                                           'REMOTE_ADDR': '1.2.3.4',
                                           'SERVER_NAME': 'nohost.nodomain'})
                                           'SERVER_NAME': 'nohost.nodomain',
                                           'TEST-AAI' : 'true'})
             self._test_redirect(response)
         def test_shibboleth_expired_token(self):
-...
             self.assertNotEqual(user.auth_token_created, None)
             self._update_user_ts(user)
             response = self.client.get(self.apibase + '/servers', {},
                                        **{'X-Auth-Token': user.auth_token})
                                        **{'X-Auth-Token': user.auth_token,
                                           'TEST-AAI' : 'true'})
             self._test_redirect(response)
         def test_shibboleth_redirect(self):
             """ test redirect to Sibboleth page
             """
             response = self.client.get(self.apibase + '/servers')
             response = self.client.get(self.apibase + '/servers', {}, **{'TEST-AAI' : 'true'})
             self._test_redirect(response)
         def test_shibboleth_auth(self):
-...
             """
             user = SynnefoUser.objects.get(uniq = "test@synnefo.gr")
             response = self.client.get(self.apibase + '/servers', {},
                                        **{'X-Auth-Token': user.auth_token})
                                        **{'X-Auth-Token': user.auth_token,
                                           'TEST-AAI' : 'true'})
             self.assertTrue(response.status_code, 200)
             self.assertTrue('Vary' in response)
             self.assertTrue('X-Auth-Token' in response['Vary'])
-...
             """
             response = self.client.get(self.apibase + '/servers', {},
                                        **{'X-Auth-User': 'notme',
                                           'X-Auth-Key': '0xdeadbabe'})
                                           'X-Auth-Key': '0xdeadbabe',
                                           'TEST-AAI' : 'true'})
             self.assertEquals(response.status_code, 401)
         def test_oapi_auth(self):
-...
             """
             response = self.client.get(self.apibase + '/', {},
                                        **{'X-Auth-User': 'testdbuser',
                                           'X-Auth-Key': 'test@synnefo.gr'})
                                           'X-Auth-Key': 'test@synnefo.gr',
                                           'TEST-AAI' : 'true'})
             self.assertEquals(response.status_code, 204)
             self.assertNotEqual(response['X-Auth-Token'], None)
             self.assertEquals(response['X-Server-Management-Url'], '')
-...
             user.auth_token_created = (datetime.now() -
                                        timedelta(hours = settings.AUTH_TOKEN_DURATION))
             user.save()

+    #
     # Business Logic for working with sibbolleth users
+    #
     # Copyright 2010 Greek Research and Technology Network
+    #
     from synnefo.logic import users
     class Tokens:
         SIB_GIVEN_NAME = "givenName"
         SIB_SN = "sn"
         SIB_CN = "cn"
         SIB_DISPLAY_NAME = "displayName"
         SIB_EDU_PERSON_PRINCIPAL_NAME = "eduPersonPrincipalName"
         SIB_EDU_PERSON_AFFILIATION = "eduPersonAffiliation"
         SIB_SCHAC_HOME_ORGANISATION = "schacHomeOrganization"
         SIB_SCHAC_PERSONAL_UNIQUE_CODE = "schacPersonalUniqueCode"
         SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH = "grEduPersonUndergraduateBranch"
     class NoUniqueToken(object):
         def __init__(self, msg):
             self.msg = msg
         pass
     class NoRealName(object):
         def __init__(self, msg):
             self.msg = msg
         pass
     def register_shibboleth_user(tokens):
         """Registers a sibbolleth user using the input hash as a source for data.
            The token requirements are described in:
            http://aai.grnet.gr/policy
         """
         realname = None
         if Tokens.SIB_GIVEN_NAME in tokens:
             realname = tokens[Tokens.SIB_GIVEN_NAME]
         if Tokens.SIB_DISPLAY_NAME in tokens:
             realname = tokens[Tokens.SIB_DISPLAY_NAME]
         is_student = Tokens.SIB_SCHAC_PERSONAL_UNIQUE_CODE in tokens or \
                      Tokens.SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH in tokens
         unq = tokens.get(Tokens.SIB_EDU_PERSON_PRINCIPAL_NAME)
         if unq is None:
             raise NoUniqueToken("Authentication does not return a unique token")
         if realname is None:
             raise NoRealName("Authentication does not return the user's name")
         if is_student:
             users.register_student(realname, '' ,unq)
         else:
             users.register_professor(realname, '' ,unq)
         return True

     MIDDLEWARE_CLASSES = (
         'django.contrib.sessions.middleware.SessionMiddleware',
         #'django.contrib.auth.middleware.AuthenticationMiddleware',
         'synnefo.aai.middleware.SynnefoAuthMiddleware',
         'django.middleware.locale.LocaleMiddleware',
         'django.middleware.common.CommonMiddleware',
         'synnefo.middleware.StripURLMiddleware',
         #'synnefo.api.middleware.SynnefoAuthMiddleware',
         'django.contrib.messages.middleware.MessageMiddleware',
         'django.contrib.messages.middleware.MessageMiddleware'
+    )
     ROOT_URLCONF = 'synnefo.urls'
-...
     #Number of hours during which a user token is active
     AUTH_TOKEN_DURATION = 24
     #Controls whether the system is running tests
     #Set as reading the DEBUG variable is not reliable (Django changes its value
     # unpredictably)
     TESTING = True

Synnefo

Revision 8f377cd6