3 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
5 from __future__ import absolute_import
7 from ipsilon.providers.common import ProviderBase
8 from ipsilon.providers.common import FACILITY
9 from ipsilon.providers.openid.auth import OpenID
10 from ipsilon.providers.openid.extensions.common import LoadExtensions
11 from ipsilon.util.plugin import PluginObject
12 from ipsilon.util import config as pconfig
13 from ipsilon.info.common import InfoMapping
15 from openid.server.server import Server
16 # TODO: Move this to the database
17 from openid.store.memstore import MemoryStore
# OpenID identity-provider plugin for Ipsilon. The constructor declares the
# plugin's configuration options; get_tree() mounts the OpenID page,
# advertises the endpoint for discovery and creates the python-openid Server.
# NOTE(review): this listing omits some source lines (the `def __init__` line,
# the option constructors, the tails of two accessors), so the comments below
# describe only the lines that are shown.
20 class IdpProvider(ProviderBase):
# 'openid' is passed twice to the base constructor (presumably the plugin name
# and its URL path; confirm in ProviderBase).
23 super(IdpProvider, self).__init__('openid', 'openid')
24 self.mapping = InfoMapping()
# Load the OpenID extension plugins; their names are offered further down as
# the choices of the "Choose the extensions to enable" option.
28 self.extensions = LoadExtensions()
# NOTE(review): leftover debug output (Python 2 print statements). It writes
# the available extensions to stdout every time the provider is constructed;
# remove it or route it through the project's debug logging.
29 print self.extensions.available()
30 print self.extensions.available().keys()
31 self.description = """
32 Provides OpenID 2.0 authentication infrastructure. """
# Option declarations follow: each visible group is a name and/or help text,
# then the default value (the constructor calls themselves are not shown).
37 'default email domain',
38 'Used for users missing the email property.',
# NOTE(review): both URL defaults below are plain http on localhost. They only
# suit a local test instance; a deployment must override them, otherwise the
# provider advertises endpoint and identity URLs that are not protected by TLS.
42 'The Absolute URL of the OpenID provider',
43 'http://localhost:8080/idp/openid/'),
# NOTE(review): this option name uses spaces. Installer.configure() later in
# this listing stores the key 'identity_url_template' (underscores), so the
# installed value does not reach this option; verify against the config store.
45 'identity url template',
46 'The templated URL where identities are exposed.',
47 'http://localhost:8080/idp/openid/id/%(username)s'),
# Relying-party lists. Presumably a trusted root changes how much user
# confirmation is required and an untrusted root is refused; the enforcing
# code is not in this file, so confirm in ipsilon.providers.openid.auth.
50 'List of trusted relying parties.'),
53 'List of untrusted relying parties.'),
56 'Choose the extensions to enable',
57 self.extensions.available().keys()),
60 'Whether the OpenID IDP is enabled',
# Accessors over the plugin configuration. get_tree() reads
# `self.endpoint_url` as an attribute, so these are presumably decorated as
# properties (the decorator lines are not part of this listing).
# endpoint_url: reads 'endpoint url'; the rest of the body is not shown.
# get_tree() appends 'XRDS' directly, which relies on a trailing '/'.
65 def endpoint_url(self):
66 url = self.get_config_value('endpoint url')
# Returns the configured 'default email domain' value unchanged.
73 def default_email_domain(self):
74 return self.get_config_value('default email domain')
# identity_url_template: reads 'identity url template'; the rest of the body
# is not shown.
77 def identity_url_template(self):
78 url = self.get_config_value('identity url template')
# Returns the configured 'trusted roots' value unchanged.
85 def trusted_roots(self):
86 return self.get_config_value('trusted roots')
# Returns the configured 'untrusted roots' value unchanged.
89 def untrusted_roots(self):
90 return self.get_config_value('untrusted roots')
# Returns the configured 'enabled extensions' value unchanged.
93 def enabled_extensions(self):
94 return self.get_config_value('enabled extensions')
# Builds the provider's part of the site: the OpenID page object, discovery
# hints on the root page, the python-openid Server and the enabled extensions.
# The return statement, if any, is not shown in this listing.
96 def get_tree(self, site):
98 self.page = OpenID(site, self)
99 # self.admin = AdminPage(site, self)
101 # Expose OpenID presence in the root
# Discovery via HTTP header: the root page's default headers get an
# X-XRDS-Location pointing at <endpoint url>XRDS.
102 headers = site[FACILITY]['root'].default_headers
103 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
# Discovery via HTML: two <link> elements stored under the 'openid' key.
# NOTE(review): endpoint_url is interpolated into the markup without HTML
# escaping. It comes from plugin configuration, not from request data, but a
# value containing '"' or '>' would still break the tag; consider escaping it
# or validating the option when it is saved.
105 html_heads = site[FACILITY]['root'].html_heads
106 HEAD_LINK = '<link rel="%s" href="%s">'
107 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
108 HEAD_LINK % ('openid.server', self.endpoint_url)]
109 html_heads['openid'] = openid_heads
# NOTE(review): MemoryStore keeps the server's association state in this
# process's memory only (see the TODO at the import). It is lost on restart
# and, presumably, not shared between worker processes; confirm the
# deployment model or move the store to the database as the TODO says.
114 self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
# Enable the extensions named in the 'enabled extensions' option, read here
# directly from self._config rather than through the accessor above.
118 self.extensions.enable(self._config['enabled extensions'].get_value())
# Installer hook for the OpenID provider: adds the --openid command-line
# switch and writes the initial plugin configuration.
# NOTE(review): this listing omits some source lines (the `def __init__` line,
# the early return, the `proto` assignment, the creation of `po`), so the
# comments below describe only the lines that are shown.
121 class Installer(object):
125 self.ptype = 'provider'
# Adds --openid (yes/no) to the given argument group. The default is 'yes',
# so the OpenID provider is configured unless the installer is run with
# --openid no.
127 def install_args(self, group):
128 group.add_argument('--openid', choices=['yes', 'no'], default='yes',
129 help='Configure OpenID Provider')
# Stores the provider's endpoint configuration for this instance. `opts` is
# indexed by 'openid', 'secure', 'hostname' and 'instance'.
131 def configure(self, opts):
# Anything other than 'yes' takes the branch below (its body is not shown;
# presumably it returns without configuring).
132 if opts['openid'] != 'yes':
# NOTE(review): the statements setting `proto` are not shown. Presumably
# 'secure' == 'no' selects plain http, so the endpoint and identity URLs saved
# below would not be protected by TLS; confirm this is limited to test setups.
136 if opts['secure'].lower() == 'no':
# Endpoint URL has the form <proto>://<hostname>/<instance>/openid/, taken
# directly from the installer options.
138 url = '%s://%s/%s/openid/' % (
139 proto, opts['hostname'], opts['instance'])
141 # Add configuration data to database
# `po` is created on lines not shown (presumably a PluginObject, imported at
# the top of the file). Existing values for FACILITY are wiped first, so any
# previously saved setting is replaced by the dict built below.
146 po.wipe_config_values(FACILITY)
147 config = {'endpoint url': url,
# NOTE(review): key mismatch. IdpProvider declares and reads the option as
# 'identity url template' (spaces), but the key stored here uses underscores,
# so the provider presumably keeps its http://localhost:8080 default identity
# URL instead of the installed host. The key should read
# 'identity url template'. '%%' yields a literal '%', leaving '%(username)s'
# in the stored template.
148 'identity_url_template': '%sid/%%(username)s' % url,
150 po.save_plugin_config(FACILITY, config)