'''
Created on Apr 2, 2012
@author: leifj
'''
import re
from saml2 import server
from saml2 import saml
from saml2 import soap
import logging
from django.contrib.auth.models import User
from django.http import HttpResponse, HttpResponseBadRequest
from saml2.config import Config
from saml2.metadata import entity_descriptor
from coip.apps.saml2 import conf
# Module-wide pysaml2 server object, built once at import time with
# stype="aa" and the "coip.apps.saml2.conf" module name as its configuration.
# NOTE(review): debug=1 here, combined with the debug-level logging of raw
# SAML messages in this file, can put subject identifiers and released
# attributes into the logs -- confirm it is off (or the logs are
# access-controlled) in production.
aa = server.Server(
    "coip.apps.saml2.conf",
    log=logging,
    debug=1,
    stype="aa",
)
def _aa_reply(aa, aq, user, sp_entityid):
    """Build the attribute response for one parsed attribute query.

    ``aa`` is the server object, ``aq`` the parsed query, ``user`` the
    attribute dict released as the subject's identity and ``sp_entityid``
    the requester's entity id.  Returns whatever ``aa.do_aa_response``
    returns.
    """
    # The reply endpoint is looked up in the server's metadata by the query
    # issuer; no URL carried in the request is used as the destination.
    reply_to = aa.metadata.consumer_url(aq.issuer.text)
    query_id = aq.id
    subject_name_id = aq.subject.name_id
    # NOTE(review): the subject's name identifier is logged at INFO level --
    # confirm that is acceptable for the log retention policy in use.
    logging.info("name_id: %s" % subject_name_id)
    response_fields = {
        "identity": user,
        "name_id": subject_name_id,
        "issuer": aa.conf.entityid,
    }
    return aa.do_aa_response(query_id, reply_to, sp_entityid, **response_fields)
def metadata(request):
    """Serve this service's SAML entity descriptor as ``text/xml``.

    The request is not inspected; each call loads ``conf.CONFIG`` again and
    rebuilds the descriptor from it.
    """
    loaded = Config().load(conf.CONFIG, metadata_construction=True)
    descriptor = entity_descriptor(loaded, 0)
    # NOTE(review): no signing step is visible in this view -- confirm how
    # relying parties are expected to authenticate the metadata they fetch.
    return HttpResponse(content=descriptor, content_type="text/xml")
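def aq(request):
    """Answer a SOAP-enveloped SAML attribute query.

    On POST the body is unwrapped and parsed, the subject is looked up as a
    Django ``User`` by username, and a SOAP-enveloped attribute response with
    ``uid`` and ``displayName`` is returned.  If the lookup fails the response
    is still produced, with an empty attribute set.  Any other method gets a
    400 response.

    NOTE(review): nothing in this view checks who sent the query beyond
    whatever ``aa.parse_attribute_query`` does internally.  Confirm that
    request signatures or transport-level client authentication are
    enforced, since the reply releases attributes for any known username.
    """
    if request.method != 'POST':
        return HttpResponseBadRequest("<html><head><title>No</title></head><body><h1>Bad Request</h1><p>Go sell crazy someplace else, we're all stocked up here!</p></body></html>")

    # The module-level ``aa`` is only read here, so no ``global`` is needed.
    request_xml = soap.parse_soap_enveloped_saml_attribute_query(request.raw_post_data)
    # NOTE(review): the raw query and, below, the full response are written
    # to the debug log; both carry subject identifiers.
    logging.debug(request_xml)
    # Second positional argument is passed as False exactly as before; its
    # meaning is not visible in this file -- TODO confirm against pysaml2.
    (subject, _requested, query) = aa.parse_attribute_query(request_xml, False)
    sp_entityid = query.issuer.text

    claims = {}
    try:
        logging.debug("Subject: %s" % subject.text)
        user = User.objects.get(username=subject.text)
        profile = user.get_profile()
        claims = {'uid': user.username, 'displayName': profile.display_name}
    except User.DoesNotExist:
        # Still best-effort (empty claims), but visible above debug level so
        # repeated queries for unknown subjects can be noticed.  %r keeps
        # request-supplied text on a single log line.
        logging.warning("attribute query from %r for unknown subject %r",
                        sp_entityid, subject.text)
    except Exception:
        # Any other failure (missing profile, missing subject, ...) keeps the
        # original fall-through but is recorded with its traceback.
        logging.exception("attribute lookup failed for query from %r", sp_entityid)

    aa_response = _aa_reply(aa, query, claims, sp_entityid)
    xml = soap.make_soap_enveloped_saml_thingy(aa_response)
    logging.debug(xml)
    return HttpResponse(content=xml, content_type="application/soap+xml")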