diff options
author | Simo Sorce <simo@redhat.com> | 2014-10-08 23:38:18 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-24 18:03:28 +0200 |
commit | 3d3583f81e78600a37d518a5f8c814c6b4c99b91 (patch) | |
tree | ee7e34b578fe2768e92eda6976b75a292a0984c0 | |
parent | d274763d8dc06b42f70014b14fcb2e852c086751 (diff) | |
download | ipsilon.git-3d3583f81e78600a37d518a5f8c814c6b4c99b91.tar.gz ipsilon.git-3d3583f81e78600a37d518a5f8c814c6b4c99b91.tar.xz ipsilon.git-3d3583f81e78600a37d518a5f8c814c6b4c99b91.zip |
Add OpenId extensions
Implement:
Simple Registration
Attribute Exchange
(Fedora) Teams
CLAs
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
-rwxr-xr-x | ipsilon/providers/openid/extensions/ax.py | 64 | ||||
-rwxr-xr-x | ipsilon/providers/openid/extensions/cla.py | 34 | ||||
-rwxr-xr-x | ipsilon/providers/openid/extensions/fas_teams.py | 24 | ||||
-rwxr-xr-x | ipsilon/providers/openid/extensions/sreg.py | 33 | ||||
-rwxr-xr-x | ipsilon/providers/openid/extensions/teams.py | 38 |
5 files changed, 193 insertions, 0 deletions
diff --git a/ipsilon/providers/openid/extensions/ax.py b/ipsilon/providers/openid/extensions/ax.py new file mode 100755 index 0000000..7daa52a --- /dev/null +++ b/ipsilon/providers/openid/extensions/ax.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid.extensions import ax + + +AP_MAP = { + 'http://schema.openid.net/namePerson': 'fullname', + 'http://schema.openid.net/contact/email': 'email', + 'http://axschema.org/namePerson': 'fullname', + 'http://axschema.org/namePerson/first': 'firstname', + 'http://axschema.org/namePerson/last': 'lastname', + 'http://axschema.org/namePerson/friendly': 'nickname', + 'http://axschema.org/contact/email': 'email', + 'http://openid.net/schema/namePerson/first': 'firstname', + 'http://openid.net/schema/namePerson/last': 'lastname', + 'http://openid.net/schema/namePerson/friendly': 'nickname', + 'http://openid.net/schema/gender': 'gender', + 'http://openid.net/schema/language/pref': 'language', + 'http://fedoauth.org/openid/schema/GPG/keyid': 'gpg_keyid', + 'http://fedoauth.org/openid/schema/SSH/key': 'ssh_key', +} + + +class OpenidExtension(OpenidExtensionBase): + + def __init__(self): + super(OpenidExtension, self).__init__('Attribute Exchange') + self.type_uris = [ + ax.AXMessage.ns_uri, + ] + + def _resp(self, request, userdata): + req = ax.FetchRequest.fromOpenIDRequest(request) + if req is None: + return {} + resp = ax.FetchResponse(req) + for name in req.requested_attributes: + try: + self.debug(name) + if name in AP_MAP: + resp.addValue(name, userdata[AP_MAP[name]]) + else: + resp.addValue(name, userdata[name]) + except Exception: # pylint: disable=broad-except + pass + return resp + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + data = dict() + for name, value in resp.data.items(): + key = name + if name in AP_MAP: + key = AP_MAP[name] + data[key] = ', '.join(value if value else []) + return data + + def _response(self, request, userdata): + return self._resp(request, userdata) diff --git a/ipsilon/providers/openid/extensions/cla.py b/ipsilon/providers/openid/extensions/cla.py new file mode 100755 index 0000000..cc4d11d --- /dev/null +++ b/ipsilon/providers/openid/extensions/cla.py @@ -0,0 +1,34 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid_cla import cla + + +class OpenidExtension(OpenidExtensionBase): + + def __init__(self): + super(OpenidExtension, self).__init__('CLAs') + self.type_uris = [ + cla.cla_uri, + ] + + def _resp(self, request, userdata): + req = cla.CLARequest.fromOpenIDRequest(request) + self.debug(req) + if req is None: + return {} + data = userdata['extras'].get('cla', []) + return cla.CLAResponse.extractResponse(req, data) + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + if resp.clas: + return {'CLA': 'yes'} + return {} + + def _response(self, request, userdata): + return self._resp(request, userdata) diff --git a/ipsilon/providers/openid/extensions/fas_teams.py b/ipsilon/providers/openid/extensions/fas_teams.py new file mode 100755 index 0000000..fd9dd27 --- /dev/null +++ b/ipsilon/providers/openid/extensions/fas_teams.py @@ -0,0 +1,24 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.teams import Teams +from openid_teams import teams + + +class OpenidExtension(Teams): + + def __init__(self): + super(OpenidExtension, self).__init__('Fedora Teams') + + def _resp(self, request, userdata): + req = teams.TeamsRequest.fromOpenIDRequest(request) + if req is None: + return {} + if '_FAS_ALL_GROUPS_' in req.requested: + # We will send all groups the user is a member of + req.requested = userdata.get('groups', []) + data = userdata.get('groups', []) + return teams.TeamsResponse.extractResponse(req, data) diff --git a/ipsilon/providers/openid/extensions/sreg.py b/ipsilon/providers/openid/extensions/sreg.py new file mode 100755 index 0000000..a2b4db7 --- /dev/null +++ b/ipsilon/providers/openid/extensions/sreg.py @@ -0,0 +1,33 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid.extensions import sreg + + +class OpenidExtension(OpenidExtensionBase): + + def __init__(self): + super(OpenidExtension, self).__init__('Simple Registration') + self.type_uris = [ + sreg.ns_uri_1_1, + sreg.ns_uri_1_0, + ] + + def _resp(self, request, userdata): + req = sreg.SRegRequest.fromOpenIDRequest(request) + data = dict() + for name in sreg.data_fields: + if name in userdata: + data[name] = userdata[name] + return sreg.SRegResponse.extractResponse(req, data) + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + return resp.data + + def _response(self, request, userdata): + return self._resp(request, userdata) diff --git a/ipsilon/providers/openid/extensions/teams.py b/ipsilon/providers/openid/extensions/teams.py new file mode 100755 index 0000000..50c09af --- /dev/null +++ b/ipsilon/providers/openid/extensions/teams.py @@ -0,0 +1,38 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid_teams import teams + + +class Teams(OpenidExtensionBase): + + def __init__(self, name): + super(Teams, self).__init__(name) + self.type_uris = [ + teams.teams_uri, + ] + + def _resp(self, request, userdata): + req = teams.TeamsRequest.fromOpenIDRequest(request) + if req is None: + return {} + data = userdata.get('groups', []) + return teams.TeamsResponse.extractResponse(req, data) + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + if resp.teams: + return {'Groups': resp.teams} + return {} + + def _response(self, request, userdata): + return self._resp(request, userdata) + + +class OpenidExtension(Teams): + def __init__(self): + super(OpenidExtension, self).__init__('Teams') |