1 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
3 from __future__ import absolute_import
5 from ipsilon.providers.common import ProviderBase
6 from ipsilon.providers.openid.store import OpenIDStore
7 from ipsilon.providers.openid.auth import OpenID
8 from ipsilon.providers.openid.extensions.common import LoadExtensions
9 from ipsilon.util.plugin import PluginObject
10 from ipsilon.util import config as pconfig
11 from ipsilon.info.common import InfoMapping
13 from openid.server.server import Server
# OpenID 2.0 identity-provider plugin: registers the provider's configuration
# options, exposes them through accessors, and wires the OpenID page into the
# site tree.
# NOTE(review): this listing skips source lines (the gutter numbers jump), so
# decorators, most option names and some statements are not visible here.
16 class IdpProvider(ProviderBase):
# Initialises the base provider with 'openid' passed twice (presumably plugin
# name and URL path; confirm against ProviderBase) and loads the extensions.
18 def __init__(self, *pargs):
19 super(IdpProvider, self).__init__('openid', 'openid', *pargs)
20 self.mapping = InfoMapping()
24 self.extensions = LoadExtensions()
25 self.description = """
26 Provides OpenID 2.0 authentication infrastructure. """
# Help texts and defaults of the registered options follow; the option
# constructors and several option names are on lines not shown.
32 'Database URL for OpenID temp storage',
35 'default email domain',
36 'Used for users missing the email property.',
# NOTE(review): both URL defaults below are plain-http localhost addresses.
# A deployment that keeps either default would advertise an http:// provider
# endpoint or identity URLs that do not belong to the real host; confirm that
# the installer always overrides both values.
40 'The Absolute URL of the OpenID provider',
41 'http://localhost:8080/idp/openid/'),
43 'identity url template',
44 'The templated URL where identities are exposed.',
45 'http://localhost:8080/idp/openid/id/%(username)s'),
# NOTE(review): how the trusted and untrusted relying-party lists are enforced
# (for example whether a trusted root bypasses user consent) is not visible in
# this file; confirm in the authentication code before relying on them.
48 'List of trusted relying parties.'),
51 'List of untrusted relying parties.'),
54 'Choose the extensions to enable',
# The selectable extensions are the keys reported by the extension loader.
55 self.extensions.available().keys()),
# Accessors for the stored configuration values. get_tree reads endpoint_url
# as an attribute, so these are presumably decorated with @property on lines
# not shown.
59 def endpoint_url(self):
# The lines that post-process and return `url` are not shown; get_tree appends
# 'XRDS' directly to the result, so it presumably ends with '/' (confirm).
60 url = self.get_config_value('endpoint url')
67 def default_email_domain(self):
68 return self.get_config_value('default email domain')
71 def identity_url_template(self):
# The lines that post-process and return `url` are not shown.
72 url = self.get_config_value('identity url template')
79 def trusted_roots(self):
80 return self.get_config_value('trusted roots')
83 def untrusted_roots(self):
84 return self.get_config_value('untrusted roots')
87 def enabled_extensions(self):
88 return self.get_config_value('enabled extensions')
# Builds the provider's page tree for `site` and advertises the OpenID
# endpoint on the site root.
90 def get_tree(self, site):
92 self.page = OpenID(site, self)
93 # self.admin = AdminPage(site, self)
# Arguments of a call whose opening line is not shown (presumably the
# python-openid Server imported above): an OpenIDStore opened on the
# configured 'database url', and the public endpoint as op_endpoint.
99 OpenIDStore(self.get_config_value('database url')),
100 op_endpoint=self.endpoint_url)
102 # Expose OpenID presence in the root
# The X-XRDS-Location header points at <endpoint>XRDS.
103 headers = self._root.default_headers
104 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
# <link> elements for the openid2.provider and openid.server relations are
# stored under the 'openid' key of the root's html_heads.
# NOTE(review): endpoint_url is interpolated into the href attribute without
# HTML escaping. It is a configuration value, so escaping it here, or
# validating it as a URL when the option is saved, would be cheap hardening.
106 html_heads = self._root.html_heads
107 HEAD_LINK = '<link rel="%s" href="%s">'
108 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
109 HEAD_LINK % ('openid.server', self.endpoint_url)]
110 html_heads['openid'] = openid_heads
# Body of the enable hook (its def line is not shown): runs the parent hook,
# then enables the extensions named in the 'enabled extensions' option.
113 super(IdpProvider, self).on_enable()
115 self.extensions.enable(self._config['enabled extensions'].get_value())
# Install-time helper that writes the OpenID provider's initial configuration.
# NOTE(review): this listing skips source lines (the gutter numbers jump); the
# plugin-name setup, the early return and the assignments to `proto` are not
# visible here.
118 class Installer(object):
120 def __init__(self, *pargs):
122 self.ptype = 'provider'
# Adds the --openid yes/no installer switch; the default is 'yes'.
125 def install_args(self, group):
126 group.add_argument('--openid', choices=['yes', 'no'], default='yes',
127 help='Configure OpenID Provider')
# Derives the public endpoint URL from the installer options and stores the
# plugin configuration.
129 def configure(self, opts):
# Any value other than 'yes' takes this branch (body not shown, presumably an
# early return).
130 if opts['openid'] != 'yes':
# NOTE(review): the URL scheme hinges on opts['secure'] comparing equal to
# 'no' after lower-casing; the assignments to `proto` are not shown. Confirm
# that every other value results in https.
134 if opts['secure'].lower() == 'no':
136 url = '%s://%s/%s/openid/' % (
137 proto, opts['hostname'], opts['instance'])
139 # Add configuration data to database
140 po = PluginObject(*self.pargs)
143 po.wipe_config_values()
# NOTE(review): IdpProvider registers and reads this option as
# 'identity url template' (spaces), but it is saved here under
# 'identity_url_template' (underscores). Unless save_plugin_config normalises
# keys, the installer's value is never read back and the
# http://localhost:8080 default stays in effect, so identity URLs would not
# match this host. Verify and align the key.
144 config = {'endpoint url': url,
145 'identity_url_template': '%sid/%%(username)s' % url}
146 po.save_plugin_config(config)
148 # Update global config to add login plugin
150 po.save_enabled_state()