From 3d3583f81e78600a37d518a5f8c814c6b4c99b91 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 8 Oct 2014 23:38:18 -0400 Subject: Add OpenId extensions Implement: Simple Registration Attribute Exchange (Fedora) Teams CLAs Signed-off-by: Simo Sorce Signed-off-by: Patrick Uiterwijk Reviewed-by: Patrick Uiterwijk --- ipsilon/providers/openid/extensions/ax.py | 64 ++++++++++++++++++++++++ ipsilon/providers/openid/extensions/cla.py | 34 +++++++++++++ ipsilon/providers/openid/extensions/fas_teams.py | 24 +++++++++ ipsilon/providers/openid/extensions/sreg.py | 33 ++++++++++++ ipsilon/providers/openid/extensions/teams.py | 38 ++++++++++++++ 5 files changed, 193 insertions(+) create mode 100755 ipsilon/providers/openid/extensions/ax.py create mode 100755 ipsilon/providers/openid/extensions/cla.py create mode 100755 ipsilon/providers/openid/extensions/fas_teams.py create mode 100755 ipsilon/providers/openid/extensions/sreg.py create mode 100755 ipsilon/providers/openid/extensions/teams.py (limited to 'ipsilon') diff --git a/ipsilon/providers/openid/extensions/ax.py b/ipsilon/providers/openid/extensions/ax.py new file mode 100755 index 0000000..7daa52a --- /dev/null +++ b/ipsilon/providers/openid/extensions/ax.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid.extensions import ax + + +AP_MAP = { + 'http://schema.openid.net/namePerson': 'fullname', + 'http://schema.openid.net/contact/email': 'email', + 'http://axschema.org/namePerson': 'fullname', + 'http://axschema.org/namePerson/first': 'firstname', + 'http://axschema.org/namePerson/last': 'lastname', + 'http://axschema.org/namePerson/friendly': 'nickname', + 'http://axschema.org/contact/email': 'email', + 'http://openid.net/schema/namePerson/first': 'firstname', + 'http://openid.net/schema/namePerson/last': 'lastname', + 'http://openid.net/schema/namePerson/friendly': 'nickname', + 'http://openid.net/schema/gender': 'gender', + 'http://openid.net/schema/language/pref': 'language', + 'http://fedoauth.org/openid/schema/GPG/keyid': 'gpg_keyid', + 'http://fedoauth.org/openid/schema/SSH/key': 'ssh_key', +} + + +class OpenidExtension(OpenidExtensionBase): + + def __init__(self): + super(OpenidExtension, self).__init__('Attribute Exchange') + self.type_uris = [ + ax.AXMessage.ns_uri, + ] + + def _resp(self, request, userdata): + req = ax.FetchRequest.fromOpenIDRequest(request) + if req is None: + return {} + resp = ax.FetchResponse(req) + for name in req.requested_attributes: + try: + self.debug(name) + if name in AP_MAP: + resp.addValue(name, userdata[AP_MAP[name]]) + else: + resp.addValue(name, userdata[name]) + except Exception: # pylint: disable=broad-except + pass + return resp + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + data = dict() + for name, value in resp.data.items(): + key = name + if name in AP_MAP: + key = AP_MAP[name] + data[key] = ', '.join(value if value else []) + return data + + def _response(self, request, userdata): + return self._resp(request, userdata) diff --git a/ipsilon/providers/openid/extensions/cla.py b/ipsilon/providers/openid/extensions/cla.py new file mode 100755 index 0000000..cc4d11d --- /dev/null +++ b/ipsilon/providers/openid/extensions/cla.py @@ -0,0 +1,34 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid_cla import cla + + +class OpenidExtension(OpenidExtensionBase): + + def __init__(self): + super(OpenidExtension, self).__init__('CLAs') + self.type_uris = [ + cla.cla_uri, + ] + + def _resp(self, request, userdata): + req = cla.CLARequest.fromOpenIDRequest(request) + self.debug(req) + if req is None: + return {} + data = userdata['extras'].get('cla', []) + return cla.CLAResponse.extractResponse(req, data) + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + if resp.clas: + return {'CLA': 'yes'} + return {} + + def _response(self, request, userdata): + return self._resp(request, userdata) diff --git a/ipsilon/providers/openid/extensions/fas_teams.py b/ipsilon/providers/openid/extensions/fas_teams.py new file mode 100755 index 0000000..fd9dd27 --- /dev/null +++ b/ipsilon/providers/openid/extensions/fas_teams.py @@ -0,0 +1,24 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.teams import Teams +from openid_teams import teams + + +class OpenidExtension(Teams): + + def __init__(self): + super(OpenidExtension, self).__init__('Fedora Teams') + + def _resp(self, request, userdata): + req = teams.TeamsRequest.fromOpenIDRequest(request) + if req is None: + return {} + if '_FAS_ALL_GROUPS_' in req.requested: + # We will send all groups the user is a member of + req.requested = userdata.get('groups', []) + data = userdata.get('groups', []) + return teams.TeamsResponse.extractResponse(req, data) diff --git a/ipsilon/providers/openid/extensions/sreg.py b/ipsilon/providers/openid/extensions/sreg.py new file mode 100755 index 0000000..a2b4db7 --- /dev/null +++ b/ipsilon/providers/openid/extensions/sreg.py @@ -0,0 +1,33 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid.extensions import sreg + + +class OpenidExtension(OpenidExtensionBase): + + def __init__(self): + super(OpenidExtension, self).__init__('Simple Registration') + self.type_uris = [ + sreg.ns_uri_1_1, + sreg.ns_uri_1_0, + ] + + def _resp(self, request, userdata): + req = sreg.SRegRequest.fromOpenIDRequest(request) + data = dict() + for name in sreg.data_fields: + if name in userdata: + data[name] = userdata[name] + return sreg.SRegResponse.extractResponse(req, data) + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + return resp.data + + def _response(self, request, userdata): + return self._resp(request, userdata) diff --git a/ipsilon/providers/openid/extensions/teams.py b/ipsilon/providers/openid/extensions/teams.py new file mode 100755 index 0000000..50c09af --- /dev/null +++ b/ipsilon/providers/openid/extensions/teams.py @@ -0,0 +1,38 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING + +from __future__ import absolute_import + +from ipsilon.providers.openid.extensions.common import OpenidExtensionBase +from openid_teams import teams + + +class Teams(OpenidExtensionBase): + + def __init__(self, name): + super(Teams, self).__init__(name) + self.type_uris = [ + teams.teams_uri, + ] + + def _resp(self, request, userdata): + req = teams.TeamsRequest.fromOpenIDRequest(request) + if req is None: + return {} + data = userdata.get('groups', []) + return teams.TeamsResponse.extractResponse(req, data) + + def _display(self, request, userdata): + resp = self._resp(request, userdata) + if resp.teams: + return {'Groups': resp.teams} + return {} + + def _response(self, request, userdata): + return self._resp(request, userdata) + + +class OpenidExtension(Teams): + def __init__(self): + super(OpenidExtension, self).__init__('Teams') -- cgit