author | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-06 19:12:13 +0200 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-24 18:02:21 +0200 |
commit | f461a713ce28e434a34dca4e4d1abbfe255ef1ff (patch) | |
tree | 20e3167cfe3b28e8c7163e661fc757ffd8df228b /ipsilon/providers/openid/meta.py | |
parent | c6fab2542f52f6cca71c207c1925785971e51295 (diff) | |
Add OpenIDP Provider
This commit implements all the core functionality needed to expose
an OpenID Identity Provider including a framework to dynamically add
extensions.
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/providers/openid/meta.py')
-rwxr-xr-x | ipsilon/providers/openid/meta.py | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/ipsilon/providers/openid/meta.py b/ipsilon/providers/openid/meta.py
new file mode 100755
index 0000000..a04a78c
--- /dev/null
+++ b/ipsilon/providers/openid/meta.py
@@ -0,0 +1,102 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING
+
+from ipsilon.providers.common import ProviderPageBase
+
+import cherrypy
+
+
+class MetaHandler(ProviderPageBase):
+
+ def __init__(self, *args, **kwargs):
+ super(MetaHandler, self).__init__(*args, **kwargs)
+ self.default_headers.update({
+ 'Cache-Control': 'no-cache, must-revalidate',
+ 'Pragma': 'no-cache',
+ 'Expires': 'Thu, 01 Dec 1994 16:00:00 GMT',
+ })
+ self._template_name = None
+ self._take_args = False
+
+ def reply(self, **kwargs):
+ if self._template_name is None:
+ raise ValueError('Template not set')
+ return self._template(self._template_name, **kwargs)
+
+ def default(self, *args, **kwargs):
+ if self._take_args:
+ return self.root(*args, **kwargs)
+ raise cherrypy.NotFound()
+
+
+class XRDSHandler(MetaHandler):
+
+ def __init__(self, *args, **kwargs):
+ super(XRDSHandler, self).__init__(*args, **kwargs)
+ self.default_headers['Content-Type'] = 'application/xrds+xml'
+ self._template_name = 'openid/xrds.xml'
+
+ def GET(self, *args, **kwargs):
+ types = [
+ 'http://specs.openid.net/auth/2.0/server',
+ 'http://openid.net/server/1.0',
+ ]
+ for _, e in self.cfg.extensions.items():
+ types.extend(e.get_type_uris())
+
+ return self.reply(types=types,
+ uri=self.cfg.endpoint_url)
+
+
+class UserXRDSHandler(XRDSHandler):
+
+ def __init__(self, *args, **kwargs):
+ super(UserXRDSHandler, self).__init__(*args, **kwargs)
+ self._take_args = True
+
+ def GET(self, *args, **kwargs):
+ if len(args) != 1:
+ raise cherrypy.NotFound()
+ if args[0].endswith('.xrds'):
+ name = args[0][:-5]
+ identity_url = self.cfg.identity_url_template % {'username': name}
+ types = [
+ 'http://specs.openid.net/auth/2.0/signon',
+ 'http://openid.net/signon/1.0',
+ ]
+ for _, e in self.cfg.extensions.items():
+ types.extend(e.get_type_uris())
+
+ return self.reply(types=types,
+ uri=self.cfg.endpoint_url,
+ localid=identity_url)
+
+ raise cherrypy.NotFound()
+
+
+class IDHandler(MetaHandler):
+
+ def __init__(self, *args, **kwargs):
+ super(IDHandler, self).__init__(*args, **kwargs)
+ self._template_name = 'openid/userpage.html'
+ self._take_args = True
+
+ def GET(self, *args, **kwargs):
+ if len(args) != 1:
+ raise cherrypy.NotFound()
+ name = args[0]
+ yadis = '%syadis/%s.xrds' % (self.cfg.endpoint_url, name)
+ cherrypy.response.headers['X-XRDS-Location'] = yadis
+
+ endpoint_url = self.cfg.endpoint_url
+ identity_url = self.cfg.identity_url_template % {'username': name}
+
+ HEAD_LINK = '<link rel="%s" href="%s">'
+ provider_heads = [HEAD_LINK % ('openid2.provider', endpoint_url),
+ HEAD_LINK % ('openid.server', endpoint_url)]
+ user_heads = [HEAD_LINK % ('openid2.delegate', identity_url),
+ HEAD_LINK % ('openid.local_id', identity_url)]
+ heads = {'provider': provider_heads, 'user': user_heads}
+
+ return self.reply(title='Userpage', username=name, heads=heads) |
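Review bot: In `IDHandler.GET`, `name` is taken straight from the request path and interpolated, without any encoding, into the `HEAD_LINK` markup (through `identity_url`) and into the `X-XRDS-Location` response header. If `openid/userpage.html` emits `heads` unescaped, which seems likely because the entries are pre-built `<link>` tags (the template is not shown here), a path segment containing quotes or angle brackets becomes markup in the served page. Percent-encode the segment before building either URL, e.g. `quoted = urllib.quote(name, safe='')` used for both `yadis` and `identity_url`, and escape the attribute value when formatting, e.g. `HEAD_LINK % (rel, cgi.escape(url, True))`. `UserXRDSHandler.GET` passes the same unvalidated name into the XRDS template as `localid` and would benefit from the same quoting; a short docstring on each `GET` stating that `args[0]` is untrusted request input would also help.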