3 # Copyright (C) 2014 Ipsilon contributors, see COPYING file for license
6 from ipsilon.login.common import LoginPageBase, LoginManagerBase
7 from ipsilon.login.common import FACILITY
8 from ipsilon.util.plugin import PluginObject
11 from fedora.client.fasproxy import FasProxyClient
12 from fedora.client import AuthError
15 class FAS(LoginPageBase):
17 def GET(self, *args, **kwargs):
18 context = self.create_tmpl_context()
19 # pylint: disable=star-args
20 return self._template('login/fas.html', **context)
22 def POST(self, *args, **kwargs):
23 username = kwargs.get("login_name")
24 password = kwargs.get("login_password")
27 if username and password:
30 _, data = self.lm.fpc.login(username, password)
32 cherrypy.log.error("Authentication error [%s]" % str(e))
33 except Exception, e: # pylint: disable=broad-except
34 cherrypy.log.error("Unknown Error [%s]" % str(e))
35 if data and data.user:
36 return self.lm.auth_successful(data.user['username'],
37 userdata={'fas': data.user})
39 error = "Authentication failed"
40 cherrypy.log.error(error)
42 error = "Username or password is missing"
43 cherrypy.log.error("Error: " + error)
45 context = self.create_tmpl_context(
48 error_password=not password,
49 error_username=not username
51 # pylint: disable=star-args
52 return self._template('login/fas.html', **context)
54 def root(self, *args, **kwargs):
55 op = getattr(self, cherrypy.request.method, self.GET)
57 return op(*args, **kwargs)
59 def create_tmpl_context(self, **kwargs):
61 if self.lm.next_login is not None:
62 next_url = self.lm.next_login.path
66 "action": '%s/login/fas' % self.basepath,
67 "username_text": self.lm.username_text,
68 "password_text": self.lm.password_text,
69 "description": self.lm.help_text,
72 context.update(kwargs)
76 class LoginManager(LoginManagerBase):
78 def __init__(self, *args, **kwargs):
79 super(LoginManager, self).__init__(*args, **kwargs)
84 self.description = """
85 Form based login Manager that uses the Fedora Authentication Server
89 """ The text shown to guide the user at login time. """,
91 'Login wth your FAS credentials'
94 """ The text shown to ask for the username in the form. """,
99 """ The text shown to ask for the password in the form. """,
104 """ The FAS Url. """,
106 'https://admin.fedoraproject.org/accounts/'
108 'FAS Proxy client user Agent': [
109 """ The User Agent presented to the FAS Server. """,
113 'FAS Insecure Auth': [
114 """ If 'YES' skips FAS server cert verification. """,
122 return self.get_config_value('help text')
125 def username_text(self):
126 return self.get_config_value('username text')
129 def password_text(self):
130 return self.get_config_value('password text')
134 return self.get_config_value('FAS url')
137 def user_agent(self):
138 return self.get_config_value('FAS Proxy client user Agent')
142 return self.get_config_value('FAS Insecure Auth')
144 def get_tree(self, site):
145 self.fpc = FasProxyClient(base_url=self.fas_url,
146 useragent=self.user_agent,
147 insecure=(self.insecure == 'YES'))
148 self.page = FAS(site, self)
152 class Installer(object):
158 def install_args(self, group):
159 group.add_argument('--fas', choices=['yes', 'no'], default='no',
160 help='Configure FAS authentication')
162 def configure(self, opts):
163 if opts['fas'] != 'yes':
166 # Add configuration data to database
171 po.wipe_config_values(FACILITY)
173 # Update global config to add login plugin
176 globalconf = po.get_plugin_config(FACILITY)
177 if 'order' in globalconf:
178 order = globalconf['order'].split(',')
182 globalconf['order'] = ','.join(order)
183 po.set_config(globalconf)
184 po.save_plugin_config(FACILITY)