Diffstat (limited to 'coip/apps/saml2')
-rw-r--r--coip/apps/saml2/__init__.py0
-rw-r--r--coip/apps/saml2/conf.py42
-rw-r--r--coip/apps/saml2/urls.py11
-rw-r--r--coip/apps/saml2/views.py61
4 files changed, 114 insertions, 0 deletions
diff --git a/coip/apps/saml2/__init__.py b/coip/apps/saml2/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/coip/apps/saml2/__init__.py
diff --git a/coip/apps/saml2/conf.py b/coip/apps/saml2/conf.py
new file mode 100644
index 0000000..4dc70d9
--- /dev/null
+++ b/coip/apps/saml2/conf.py
@@ -0,0 +1,42 @@
+'''
+Created on Apr 2, 2012
+
+@author: leifj
+'''
+
+from saml2 import BINDING_SOAP
+from saml2.saml import NAME_FORMAT_URI
+from coip.settings import PREFIX_URL, SAML_CERT, SAML_KEY, BASE_DIR, METADATA
+
+CONFIG={
+ "entityid" : "%s/saml2/entity" % PREFIX_URL,
+ "description": "COIP",
+ "service": {
+ "aa": {
+ "name" : "COIP",
+ "endpoints" : {
+ "attribute_service" : [("%s/aq" % PREFIX_URL, BINDING_SOAP)],
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI
+ },
+ },
+ "subject_data": ("dict", {}),
+ }
+ },
+ "debug" : 1,
+ "key_file" : SAML_KEY,
+ "cert_file" : SAML_CERT,
+ "attribute_map_dir" : "%s/saml2/attributemaps" % BASE_DIR,
+ "metadata" : {
+ "local": ["%s/saml2/metadata/sp.xml" % BASE_DIR],
+ },
+ "organization": {
+ "display_name": "COIP",
+ "name": "COIP",
+ "url": PREFIX_URL,
+ },
+} \ No newline at end of file
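Review bot: `"debug" : 1` is hard-coded into the attribute-authority configuration, so the pysaml2 server created from this module runs in debug mode in every deployment, including production, while the neighbouring secrets and paths (`SAML_KEY`, `SAML_CERT`, `BASE_DIR`) are already pulled from `coip.settings`. It would be more consistent to take the flag from settings as well, e.g. `"debug" : DEBUG,` with `DEBUG` added to the `from coip.settings import ...` line on the assumption that the settings module exposes Django's standard `DEBUG`; if it does not, a dedicated `SAML_DEBUG` setting defaulting to 0 serves the same purpose. The same literal is repeated in `views.py` (`server.Server(..., debug=1, ...)`) and should follow the same source so the two cannot drift apart. A one-line comment on the policy entry, `# default policy: no attribute_restrictions means every attribute the AA holds is released to any SP in the metadata`, would make the release scope explicit for whoever extends the claims later.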
diff --git a/coip/apps/saml2/urls.py b/coip/apps/saml2/urls.py
new file mode 100644
index 0000000..1654c66
--- /dev/null
+++ b/coip/apps/saml2/urls.py
@@ -0,0 +1,11 @@
+'''
+Created on Nov 7, 2011
+
+@author: leifj
+'''
+from django.conf.urls.defaults import patterns, url, include
+
+urlpatterns = patterns('coip.apps.saml2.views',
+ url(r'^aq$',view='aq'),
+ url(r'^metadata$',view='metadata')
+) \ No newline at end of file
diff --git a/coip/apps/saml2/views.py b/coip/apps/saml2/views.py
new file mode 100644
index 0000000..497e219
--- /dev/null
+++ b/coip/apps/saml2/views.py
@@ -0,0 +1,61 @@
+'''
+Created on Apr 2, 2012
+
+@author: leifj
+'''
+
+import re
+from saml2 import server
+from saml2 import saml
+from saml2 import soap
+import logging
+from django.contrib.auth.models import User
+from django.http import HttpResponse, HttpResponseBadRequest
+from saml2.config import Config
+from saml2.metadata import entity_descriptor
+from coip.apps.saml2 import conf
+
+aa = server.Server("coip.apps.saml2.conf", log=logging, debug=1, stype="aa")
+
+def _aa_reply(aa, aq, user, sp_entityid):
+ consumer_url = aa.metadata.consumer_url(aq.issuer.text)
+ in_response_to = aq.id
+ name_id = aq.subject.name_id
+
+ logging.info("name_id: %s" % name_id)
+ return aa.do_aa_response(in_response_to,
+ consumer_url,
+ sp_entityid,
+ identity=user,
+ name_id=name_id,
+ issuer=aa.conf.entityid)
+
+def metadata(request):
+ cnf = Config().load(conf.CONFIG, metadata_construction=True)
+ ed = entity_descriptor(cnf, 0)
+ return HttpResponse(content=ed,content_type="text/xml")
+
+def aq(request):
+ if request.method == 'POST':
+ global aa
+ request_xml = soap.parse_soap_enveloped_saml_attribute_query(request.raw_post_data)
+ logging.debug(request_xml)
+ (subject, attribute, aq) = aa.parse_attribute_query(request_xml,False)
+ sp_entityid = aq.issuer.text
+
+ claims = {}
+ try:
+ logging.debug("Subject: %s" % subject.text)
+ user = User.objects.get(username=subject.text)
+ p = user.get_profile()
+ claims = {'uid': user.username,'displayName': p.display_name}
+ except Exception,exc:
+ logging.debug(exc)
+ pass
+
+ aa_response = _aa_reply(aa, aq, claims, sp_entityid)
+ xml = soap.make_soap_enveloped_saml_thingy(aa_response)
+ logging.debug(xml)
+ return HttpResponse(content=xml, content_type="application/soap+xml")
+ else:
+ return HttpResponseBadRequest("<html><head><title>No</title></head><body><h1>Bad Request</h1><p>Go sell crazy someplace else, we're all stocked up here!</p></body></html>") \ No newline at end of file