Diffstat (limited to 'ipsilon/providers')
-rwxr-xr-xipsilon/providers/common.py80
-rwxr-xr-xipsilon/providers/openid/extensions/ax.py2
-rwxr-xr-xipsilon/providers/openid/extensions/cla.py2
-rwxr-xr-xipsilon/providers/openid/extensions/common.py16
-rwxr-xr-xipsilon/providers/openid/extensions/fas_teams.py2
-rwxr-xr-xipsilon/providers/openid/extensions/sreg.py2
-rwxr-xr-xipsilon/providers/openid/extensions/teams.py2
-rwxr-xr-xipsilon/providers/openidp.py31
-rwxr-xr-xipsilon/providers/saml2idp.py29
9 files changed, 64 insertions, 102 deletions
diff --git a/ipsilon/providers/common.py b/ipsilon/providers/common.py
index ead50e2..03118ae 100755
--- a/ipsilon/providers/common.py
+++ b/ipsilon/providers/common.py
@@ -51,68 +51,29 @@ class InvalidRequest(ProviderException):
class ProviderBase(PluginConfig, PluginObject):
- def __init__(self, name, path):
+ def __init__(self, name, path, *pargs):
PluginConfig.__init__(self)
- PluginObject.__init__(self)
+ PluginObject.__init__(self, *pargs)
self.name = name
+ self._root = None
self.path = path
self.tree = None
- self.is_enabled = False
-
- def on_enable(self):
- # this one does nothing
- # derived classes can override with custom behavior
- return
def get_tree(self, site):
raise NotImplementedError
- def register(self, site):
- if self.tree:
- # already registered
- return
-
- # configure self
- plugins = site[FACILITY]
- if self.name in plugins['config']:
- self.import_config(plugins['config'][self.name])
+ def register(self, root, site):
+ self._root = root
# init pages and admin interfaces
self.tree = self.get_tree(site)
-
self._debug('IdP Provider registered: %s' % self.name)
- if self.get_config_value('enabled') is True:
- # and enable self
- self._enable(site)
-
- def _enable(self, site):
- root = site[FACILITY]['root']
- root.add_subtree(self.name, self.tree)
- self._debug('IdP Provider enabled: %s' % self.name)
- self.is_enabled = True
- self.on_enable()
-
- def enable(self, site):
- if self.is_enabled:
- return
-
- self._enable(site)
- self.set_config_value('enabled', True)
- self.save_plugin_config(FACILITY)
-
- def disable(self, site):
- if not self.is_enabled:
- return
-
- # remove self to the root
- root = site[FACILITY]['root']
- root.del_subtree(self.name)
+ def on_enable(self):
+ self._root.add_subtree(self.name, self.tree)
- self.is_enabled = False
- self.set_config_value('enabled', False)
- self.save_plugin_config(FACILITY)
- self._debug('IdP Provider disabled: %s' % self.name)
+ def on_disable(self):
+ self._root.del_subtree(self.name)
class ProviderPageBase(Page):
@@ -155,21 +116,26 @@ FACILITY = 'provider_config'
class LoadProviders(Log):
def __init__(self, root, site):
- loader = PluginLoader(LoadProviders, FACILITY, 'IdpProvider')
- site[FACILITY] = loader.get_plugin_data()
- providers = site[FACILITY]
+ plugins = PluginLoader(LoadProviders, FACILITY, 'IdpProvider')
+ plugins.get_plugin_data()
+ site[FACILITY] = plugins
- available = providers['available'].keys()
+ available = plugins.available.keys()
self._debug('Available providers: %s' % str(available))
- providers['root'] = root
- for item in providers['available']:
- plugin = providers['available'][item]
- plugin.register(site)
+ for item in plugins.available:
+ plugin = plugins.available[item]
+ plugin.register(root, site)
+
+ for item in plugins.enabled:
+ self._debug('Provider plugin in enabled list: %s' % item)
+ if item not in plugins.available:
+ continue
+ plugins.available[item].enable()
class ProvidersInstall(object):
def __init__(self):
- pi = PluginInstaller(ProvidersInstall)
+ pi = PluginInstaller(ProvidersInstall, FACILITY)
self.plugins = pi.get_plugins()
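Review bot: In the `plugins.enabled` loop of `LoadProviders.__init__`, a name that is enabled in configuration but missing from `plugins.available` is dropped by a bare `continue`. The only trace is the generic 'in enabled list' debug line printed for every entry, so an operator cannot tell from the log that a configured identity provider was not started. Logging before the `continue`, for example `self._debug('Provider plugin %s is enabled but not available' % item)`, would match what `LoadExtensions.enable` already does for extensions with its '<%s> not available' message.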
diff --git a/ipsilon/providers/openid/extensions/ax.py b/ipsilon/providers/openid/extensions/ax.py
index 7daa52a..d00a4fc 100755
--- a/ipsilon/providers/openid/extensions/ax.py
+++ b/ipsilon/providers/openid/extensions/ax.py
@@ -28,7 +28,7 @@ AP_MAP = {
class OpenidExtension(OpenidExtensionBase):
- def __init__(self):
+ def __init__(self, *pargs):
super(OpenidExtension, self).__init__('Attribute Exchange')
self.type_uris = [
ax.AXMessage.ns_uri,
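Review bot: The new `*pargs` parameter is accepted and then discarded: `super(OpenidExtension, self).__init__('Attribute Exchange')` does not forward it and nothing in the hunk stores it. If that is intentional (presumably the plugin loader now passes the same positional arguments to every plugin class), a comment such as `# pargs come from the plugin loader and are not used by extensions` would stop the next reader from treating it as a forgotten pass-through. The same applies to the `__init__` changes in cla.py, fas_teams.py, sreg.py and teams.py. The constructor body continues outside the hunk.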
diff --git a/ipsilon/providers/openid/extensions/cla.py b/ipsilon/providers/openid/extensions/cla.py
index cc4d11d..481f341 100755
--- a/ipsilon/providers/openid/extensions/cla.py
+++ b/ipsilon/providers/openid/extensions/cla.py
@@ -10,7 +10,7 @@ from openid_cla import cla
class OpenidExtension(OpenidExtensionBase):
- def __init__(self):
+ def __init__(self, *pargs):
super(OpenidExtension, self).__init__('CLAs')
self.type_uris = [
cla.cla_uri,
diff --git a/ipsilon/providers/openid/extensions/common.py b/ipsilon/providers/openid/extensions/common.py
index 804f695..02cd1a0 100755
--- a/ipsilon/providers/openid/extensions/common.py
+++ b/ipsilon/providers/openid/extensions/common.py
@@ -50,22 +50,20 @@ FACILITY = 'openid_extensions'
class LoadExtensions(Log):
def __init__(self):
- loader = PluginLoader(LoadExtensions, FACILITY, 'OpenidExtension')
- self.plugins = loader.get_plugin_data()
+ self.plugins = PluginLoader(LoadExtensions,
+ FACILITY, 'OpenidExtension')
+ self.plugins.get_plugin_data()
- available = self.plugins['available'].keys()
+ available = self.plugins.available.keys()
self._debug('Available Extensions: %s' % str(available))
def enable(self, enabled):
for item in enabled:
- if item not in self.plugins['available']:
+ if item not in self.plugins.available:
self.debug('<%s> not available' % item)
continue
self.debug('Enable OpenId extension: %s' % item)
- self.plugins['available'][item].enable()
+ self.plugins.available[item].enable()
def available(self):
- available = self.plugins['available']
- if available is None:
- available = dict()
- return available
+ return self.plugins.available
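Review bot: `available()` now returns `self.plugins.available` directly and drops the old fallback to an empty dict, while openidp.py calls `self.extensions.available().keys()` when building its configuration options. Whether `PluginLoader.available` can still be `None` is not visible here; if it can, that call raises instead of yielding an empty choice list. Either keep the fallback with `return self.plugins.available or dict()`, or add a docstring to `available()` stating that the loader always provides a dict once `get_plugin_data()` has run.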
diff --git a/ipsilon/providers/openid/extensions/fas_teams.py b/ipsilon/providers/openid/extensions/fas_teams.py
index fd9dd27..4de2e83 100755
--- a/ipsilon/providers/openid/extensions/fas_teams.py
+++ b/ipsilon/providers/openid/extensions/fas_teams.py
@@ -10,7 +10,7 @@ from openid_teams import teams
class OpenidExtension(Teams):
- def __init__(self):
+ def __init__(self, *pargs):
super(OpenidExtension, self).__init__('Fedora Teams')
def _resp(self, request, userdata):
diff --git a/ipsilon/providers/openid/extensions/sreg.py b/ipsilon/providers/openid/extensions/sreg.py
index a2b4db7..e1144fc 100755
--- a/ipsilon/providers/openid/extensions/sreg.py
+++ b/ipsilon/providers/openid/extensions/sreg.py
@@ -10,7 +10,7 @@ from openid.extensions import sreg
class OpenidExtension(OpenidExtensionBase):
- def __init__(self):
+ def __init__(self, *pargs):
super(OpenidExtension, self).__init__('Simple Registration')
self.type_uris = [
sreg.ns_uri_1_1,
diff --git a/ipsilon/providers/openid/extensions/teams.py b/ipsilon/providers/openid/extensions/teams.py
index 50c09af..258a437 100755
--- a/ipsilon/providers/openid/extensions/teams.py
+++ b/ipsilon/providers/openid/extensions/teams.py
@@ -34,5 +34,5 @@ class Teams(OpenidExtensionBase):
class OpenidExtension(Teams):
- def __init__(self):
+ def __init__(self, *pargs):
super(OpenidExtension, self).__init__('Teams')
diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py
index 197b1cf..335b41b 100755
--- a/ipsilon/providers/openidp.py
+++ b/ipsilon/providers/openidp.py
@@ -5,7 +5,6 @@
from __future__ import absolute_import
from ipsilon.providers.common import ProviderBase
-from ipsilon.providers.common import FACILITY
from ipsilon.providers.openid.auth import OpenID
from ipsilon.providers.openid.extensions.common import LoadExtensions
from ipsilon.util.plugin import PluginObject
@@ -19,8 +18,8 @@ from openid.store.memstore import MemoryStore
class IdpProvider(ProviderBase):
- def __init__(self):
- super(IdpProvider, self).__init__('openid', 'openid')
+ def __init__(self, *pargs):
+ super(IdpProvider, self).__init__('openid', 'openid', *pargs)
self.mapping = InfoMapping()
self.page = None
self.server = None
@@ -55,10 +54,6 @@ Provides OpenID 2.0 authentication infrastructure. """
'enabled extensions',
'Choose the extensions to enable',
self.extensions.available().keys()),
- pconfig.Condition(
- 'enabled',
- 'Whether the OpenID IDP is enabled',
- False)
)
@property
@@ -99,10 +94,10 @@ Provides OpenID 2.0 authentication infrastructure. """
# self.admin = AdminPage(site, self)
# Expose OpenID presence in the root
- headers = site[FACILITY]['root'].default_headers
+ headers = self._root.default_headers
headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
- html_heads = site[FACILITY]['root'].html_heads
+ html_heads = self._root.html_heads
HEAD_LINK = '<link rel="%s" href="%s">'
openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
HEAD_LINK % ('openid.server', self.endpoint_url)]
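Review bot: The `X-XRDS-Location` header and the OpenID `<link>` heads are written into `self._root` here, but the `on_disable` this commit adds to `ProviderBase` only calls `del_subtree`. A provider disabled at runtime therefore appears to keep advertising its discovery endpoint from the root, pointing relying parties at a URL that is no longer served. An `on_disable` override in `IdpProvider` that calls the base method and also removes these entries would keep the advertised state in step with the enabled state, e.g. `self._root.default_headers.pop('X-XRDS-Location', None)` if `default_headers` is a plain dict. How the `html_heads` entry is keyed is outside this hunk, as are the start and end of the enclosing method.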
@@ -114,15 +109,17 @@ Provides OpenID 2.0 authentication infrastructure. """
self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
def on_enable(self):
+ super(IdpProvider, self).on_enable()
self.init_idp()
self.extensions.enable(self._config['enabled extensions'].get_value())
class Installer(object):
- def __init__(self):
+ def __init__(self, *pargs):
self.name = 'openid'
self.ptype = 'provider'
+ self.pargs = pargs
def install_args(self, group):
group.add_argument('--openid', choices=['yes', 'no'], default='yes',
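Review bot: In `on_enable`, `super(IdpProvider, self).on_enable()` mounts the provider subtree before `init_idp()` runs, and the line above the method suggests `init_idp()` is where `self.server` is created. If `init_idp()` or `self.extensions.enable(...)` raises, the OpenID pages would stay mounted on the root with no server behind them. Running the initialisation first and calling the base `on_enable()` last avoids exposing a half-initialised provider; so does wrapping the tail in a `try`/`except` that calls `self.on_disable()` before re-raising. The `on_enable` change in saml2idp.py has the same ordering with `self.idp = self.init_idp()`.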
@@ -139,12 +136,14 @@ class Installer(object):
proto, opts['hostname'], opts['instance'])
# Add configuration data to database
- po = PluginObject()
+ po = PluginObject(*self.pargs)
po.name = 'openid'
po.wipe_data()
-
- po.wipe_config_values(FACILITY)
+ po.wipe_config_values()
config = {'endpoint url': url,
- 'identity_url_template': '%sid/%%(username)s' % url,
- 'enabled': '1'}
- po.save_plugin_config(FACILITY, config)
+ 'identity_url_template': '%sid/%%(username)s' % url}
+ po.save_plugin_config(config)
+
+ # Update global config to add login plugin
+ po.is_enabled = True
+ po.save_enabled_state()
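Review bot: The added comment `# Update global config to add login plugin` names the wrong plugin type: this installer sets `self.ptype = 'provider'`, and the two lines under the comment mark the OpenID provider as enabled. Suggested wording: `# Record the openid provider as enabled in the global plugin configuration`. The same comment is copied into the saml2idp.py installer hunk and should name the saml2 provider there. The enclosing method starts outside the hunk.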
diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 8896e16..b0f4304 100755
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -18,7 +18,6 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipsilon.providers.common import ProviderBase, ProviderPageBase
-from ipsilon.providers.common import FACILITY
from ipsilon.providers.saml2.auth import AuthenticateRequest
from ipsilon.providers.saml2.admin import Saml2AdminPage
from ipsilon.providers.saml2.provider import IdentityProvider
@@ -119,8 +118,8 @@ class SAML2(ProviderPageBase):
class IdpProvider(ProviderBase):
- def __init__(self):
- super(IdpProvider, self).__init__('saml2', 'saml2')
+ def __init__(self, *pargs):
+ super(IdpProvider, self).__init__('saml2', 'saml2', *pargs)
self.admin = None
self.page = None
self.idp = None
@@ -163,10 +162,6 @@ Provides SAML 2.0 authentication infrastructure. """
'default email domain',
'Used for users missing the email property.',
'example.com'),
- pconfig.Condition(
- 'enabled',
- 'Whether the SAML IDP is enabled',
- False)
)
if cherrypy.config.get('debug', False):
import logging
@@ -242,7 +237,8 @@ Provides SAML 2.0 authentication infrastructure. """
return idp
def on_enable(self):
- self.init_idp()
+ super(IdpProvider, self).on_enable()
+ self.idp = self.init_idp()
if hasattr(self, 'admin'):
if self.admin:
self.admin.add_sps()
@@ -250,9 +246,10 @@ Provides SAML 2.0 authentication infrastructure. """
class Installer(object):
- def __init__(self):
+ def __init__(self, *pargs):
self.name = 'saml2'
self.ptype = 'provider'
+ self.pargs = pargs
def install_args(self, group):
group.add_argument('--saml2', choices=['yes', 'no'], default='yes',
@@ -297,17 +294,19 @@ class Installer(object):
meta.output(os.path.join(path, 'metadata.xml'))
# Add configuration data to database
- po = PluginObject()
+ po = PluginObject(*self.pargs)
po.name = 'saml2'
po.wipe_data()
-
- po.wipe_config_values(FACILITY)
+ po.wipe_config_values()
config = {'idp storage path': path,
'idp metadata file': 'metadata.xml',
'idp certificate file': cert.cert,
- 'idp key file': cert.key,
- 'enabled': '1'}
- po.save_plugin_config(FACILITY, config)
+ 'idp key file': cert.key}
+ po.save_plugin_config(config)
+
+ # Update global config to add login plugin
+ po.is_enabled = True
+ po.save_enabled_state()
# Fixup permissions so only the ipsilon user can read these files
files.fix_user_dirs(path, opts['system_user'])