diff options
| author | Nathaniel McCallum <npmccallum@redhat.com> | 2014-05-28 11:38:40 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2014-06-26 15:55:24 +0200 |
| commit | 14b38b7704778b4000a7b1b31d78fbb6b45e647b (patch) | |
| tree | 13408e8d9f6204e7f311592bd4c1ab7f284a6744 /ipaserver/plugins | |
| parent | 1c94edd3a09711d85ba099bd815c0bdd8f0210c1 (diff) | |
| download | freeipa-14b38b7704778b4000a7b1b31d78fbb6b45e647b.tar.gz freeipa-14b38b7704778b4000a7b1b31d78fbb6b45e647b.tar.xz freeipa-14b38b7704778b4000a7b1b31d78fbb6b45e647b.zip | |
Add /session/token_sync POST support
This HTTP call takes the following parameters:
* user
* password
* first_code
* second_code
* token (optional)
Using this information, the server will perform token synchronization.
If the token is not specified, all tokens will be searched for synchronization.
Otherwise, only the token specified will be searched.
https://fedorahosted.org/freeipa/ticket/4218
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'ipaserver/plugins')
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 14 | ||||
| -rw-r--r-- | ipaserver/plugins/xmlserver.py | 3 |
2 files changed, 12 insertions, 5 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 29bb20d41..9ecd0b87c 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -93,7 +93,7 @@ class ldap2(LDAPClient, CrudBackend): def create_connection(self, ccache=None, bind_dn=None, bind_pw='', tls_cacertfile=None, tls_certfile=None, tls_keyfile=None, - debug_level=0, autobind=False): + debug_level=0, autobind=False, serverctrls=None, clientctrls=None): """ Connect to LDAP server. @@ -151,16 +151,22 @@ class ldap2(LDAPClient, CrudBackend): context=krbV.default_context()).principal().name os.environ['KRB5CCNAME'] = ccache - conn.sasl_interactive_bind_s(None, SASL_GSSAPI) + conn.sasl_interactive_bind_s(None, SASL_GSSAPI, + serverctrls=serverctrls, + clientctrls=clientctrls) setattr(context, 'principal', principal) else: # no kerberos ccache, use simple bind or external sasl if autobind: pent = pwd.getpwuid(os.geteuid()) auth_tokens = _ldap.sasl.external(pent.pw_name) - conn.sasl_interactive_bind_s(None, auth_tokens) + conn.sasl_interactive_bind_s(None, auth_tokens, + serverctrls=serverctrls, + clientctrls=clientctrls) else: - conn.simple_bind_s(bind_dn, bind_pw) + conn.simple_bind_s(bind_dn, bind_pw, + serverctrls=serverctrls, + clientctrls=clientctrls) return conn diff --git a/ipaserver/plugins/xmlserver.py b/ipaserver/plugins/xmlserver.py index 8d96262cf..7460ead69 100644 --- a/ipaserver/plugins/xmlserver.py +++ b/ipaserver/plugins/xmlserver.py @@ -25,7 +25,7 @@ Loads WSGI server plugins. from ipalib import api if 'in_server' in api.env and api.env.in_server is True: - from ipaserver.rpcserver import wsgi_dispatch, xmlserver, jsonserver_kerb, jsonserver_session, login_kerberos, login_password, change_password, xmlserver_session + from ipaserver.rpcserver import wsgi_dispatch, xmlserver, jsonserver_kerb, jsonserver_session, login_kerberos, login_password, change_password, sync_token, xmlserver_session api.register(wsgi_dispatch) api.register(xmlserver) api.register(jsonserver_kerb) @@ -33,4 +33,5 @@ if 'in_server' in api.env and api.env.in_server is True: api.register(login_kerberos) api.register(login_password) api.register(change_password) + api.register(sync_token) api.register(xmlserver_session) |