summaryrefslogtreecommitdiffstats
path: root/ipsilon/login/common.py
Commit message (Collapse)AuthorAgeFilesLines
* Fix error returned from login pluginsSimo Sorce2015-03-171-0/+3
| | | | | | | | | | | Some login plugins use form based authentication and let the user retry on authentication errors. This is fine, however the wrong error code is returned in this case, 401 should be returned. Fixes: https://fedorahosted.org/ipsilon/ticket/94 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Nathan Kinder <nkinder@redhat.com>
* Fix transaction ID passing for failed authenticationPatrick Uiterwijk2015-03-031-3/+6
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Add uninstallation support.Patrick Uiterwijk2015-02-261-0/+16
| | | | | | | | | As part of this, made all plugins use a Installer baseclass. https://fedorahosted.org/ipsilon/ticket/38 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Rob Crittenden <rcritten@redhat.com>
* Prefix userdata hives with _ to avoid conflictsSimo Sorce2015-02-241-13/+20
| | | | | | | | | | | The main userdata dict contains common attributes, but we add a sepcial groups list and unmapped extras, as well as indicators like auth_type. All these additional attributes are now prefixed by a _ character so that conflicts with legitimate attributes are improbable. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Fix file permissions and remove shebang'sPatrick Uiterwijk2014-12-161-2/+0
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Add support for Persona Identity ProviderPatrick Uiterwijk2014-11-141-2/+4
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Refactor plugin initialization and enablementSimo Sorce2014-11-121-70/+46
| | | | | | | | | | | | Move most plugin enablement and initialization code in plugin.py to reduce code duplication and simplify and unifify plugin enablement for all base plugin types (login, info, providers). This patch breaks backwards compatibility as it changes how the list of enabled plugins is stored in the database tables. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Refactor plugin configurationSimo Sorce2014-11-121-5/+6
| | | | | | | | | | | | | | | Fork a PluginConfig class out of PluginObject, the base object now supports a simple dictionary config, while using PluginConfig provide access to structured util.config based configuration. Change UI code that deal with plugins configuration to properly use the new structured config objects in order to represent data in appropriate format based on the data type. Use the new util.config objects to represent plugins configuration. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Fix plugins enablement codeSimo Sorce2014-10-271-14/+12
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Reuse the AdminPlugins class for the providers tooSimo Sorce2014-10-271-0/+9
| | | | | | | This way we can remove even more duplicated code... \o/ Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Return to provider if user cancels loginSimo Sorce2014-10-241-0/+22
| | | | | | | | When the cancel button is hit return to the provider and eventually to the original application via return urls. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Handle invalid/expired transactions gracefullySimo Sorce2014-10-241-3/+2
| | | | | | | | | Return a useful error page every time and invalid or expired transaction is requested, instead of ending up with an internal backtrace and an ugly 500 error. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Show login target on the login screenPatrick Uiterwijk2014-10-241-0/+3
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Add attribute mapping for user informationSimo Sorce2014-10-241-2/+10
| | | | | | | | | | | | When user information is retrieved we map any wellknown data to a standardized set of names. A ne InfoMapping class takes cares of helping the info modules to map the data they retrieve so that providers can find it in wellknown attribute names for further use. Mapping of attribute names for diplay purposes is also provided. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Fix transaction handling in providersSimo Sorce2014-10-061-0/+1
| | | | | | | | | | | | When a provider redirects to the login code, it must retain 'ownership' of the transaction, otherwise the login code will wipe the transaction data as sson as the authentication is completed but before the provider has completed its part of the transaction. Make sure the transaction code retrieves the 'owner' from the data for pre-existing transactions. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Fix login session's userdata acquisitionSimo Sorce2014-10-061-1/+3
| | | | | | | | | With the transaction code changes th session.login() function was incorrectly moved before all the userdata was gathered. An incomplete set was stored in the session. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use transactions throughout the codeSimo Sorce2014-09-241-18/+44
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add abstraction class to handle cookiesSimo Sorce2014-09-241-9/+9
| | | | | | | This handles secure cokies with useful helpers and defaults. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add Info providers Admin pagesSimo Sorce2014-09-241-1/+1
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add support for returning user attributesSimo Sorce2014-09-241-0/+14
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use helper cookie to remember the usernameSimo Sorce2014-09-241-1/+25
| | | | | | | | | This makes the login page a lot more friendy Available only over HTTPS Max age set to 15 days Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Create common form handler pageSimo Sorce2014-09-241-0/+35
| | | | | | | Reduce duplication Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Move user attribute storage into session functionsSimo Sorce2014-08-271-6/+1
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use new Log class everywhereSimo Sorce2014-08-271-5/+2
| | | | | | | | | Replace copies of _debug function sprinkled all over the code with a single implementation Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com> - Removed replace of self._debug to self.debug
* Fix E256 with stricter pep8 error checkerSimo Sorce2014-05-201-1/+1
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Refactor login plugin enablement codeSimo Sorce2014-03-281-12/+60
| | | | | | | This allows us to finally implement the plugin enable/disable configuration buttons and enable/disable plugins on the fly. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add server-install plugin configuration supportSimo Sorce2014-03-201-0/+8
| | | | | | | Automatically find plugins installed in the system and exposes their installation and configuration functions through the installer. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add way to save user data after loginSimo Sorce2014-03-021-1/+7
| | | | | | | The login manager that successfully authenticated the user can now pass data to be stored in the user facility of the session. Signed-off-by: Simo Sorce <simo@redhat.com>
* Use cherrypy handlers to render error pagesSimo Sorce2014-02-241-2/+1
| | | | | | | Replaces custom code to render 401 Unauthorized page as well as adds 400 and 500 handlers Signed-off-by: Simo Sorce <simo@redhat.com>
* Better session management at loginSimo Sorce2014-02-241-8/+16
| | | | | | | | | Save data bout the prformed authentication Do not destroy the whole session at login, providers may need to store data before the user is authenticate and retrieve it later if authentication ws successful. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add _debug facility to the Page classSimo Sorce2014-02-241-7/+3
| | | | | | | Use this instead of th misleading "_log" name. These really are just debugging statements not normal logging. Signed-off-by: Simo Sorce <simo@redhat.com>
* Log available login managersSimo Sorce2014-02-241-0/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Initialize plugins in order defined in DBPetr Vobornik2014-02-171-3/+3
| | | | | Signed-off-by: Petr Vobornik <pvoborni@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Unauthorized pagePetr Vobornik2014-02-171-3/+3
| | | | | Signed-off-by: Petr Vobornik <pvoborni@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Implement login plugin infrastructureSimo Sorce2014-01-241-0/+114
Signed-off-by: Simo Sorce <simo@redhat.com>
generated by cgit (git 2.34.1) at 2024-06-19 16:02:12 +0000