3 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
5 from __future__ import absolute_import
7 from ipsilon.providers.common import ProviderBase
8 from ipsilon.providers.common import FACILITY
9 from ipsilon.providers.openid.auth import OpenID
10 from ipsilon.providers.openid.extensions.common import LoadExtensions
11 from ipsilon.util.plugin import PluginObject
13 from openid.server.server import Server
14 # TODO: Move this to the database
15 from openid.store.memstore import MemoryStore
18 class IdpProvider(ProviderBase):
21 super(IdpProvider, self).__init__('openid', 'openid')
25 self.extensions = None
26 self.description = """
27 Provides OpenID 2.0 authentication infrastructure. """
# Option declarations (fragment). The two URL defaults below are plain-http
# localhost placeholders. These URLs are advertised to relying parties (the
# discovery header, the <link> tags and op_endpoint in get_tree), so a
# deployment should set them to its public URL, https where available.
30 'default email domain': [
31 """Default email domain, for users missing email property.""",
36 """The Absolute URL of the OpenID provider""",
38 'http://localhost:8080/idp/openid/'
40 'identity url template': [
41 """The templated URL where identities are exposed.""",
# %(username)s is a %-format placeholder for the user name.
43 'http://localhost:8080/idp/openid/id/%(username)s'
46 """List of trusted relying parties.""",
51 """List of untrusted relying parties.""",
55 'enabled extensions': [
56 """List of enabled extensions""",
63 def endpoint_url(self):
64 url = self.get_config_value('endpoint url')
71 def default_email_domain(self):
72 return self.get_config_value('default email domain')
75 def identity_url_template(self):
76 url = self.get_config_value('identity url template')
# Accessors for the relying-party lists; both return the stored config value
# unchanged.
# NOTE(review): how the two lists are enforced is not visible in this file;
# presumably the OpenID auth page consults them when deciding whether to
# answer a relying party's request. Confirm in ipsilon.providers.openid.auth.
83 def trusted_roots(self):
84 return self.get_config_value('trusted roots')
87 def untrusted_roots(self):
88 return self.get_config_value('untrusted roots')
91 def enabled_extensions(self):
92 return self.get_config_value('enabled extensions')
94 def get_tree(self, site):
96 self.page = OpenID(site, self)
97 # self.admin = AdminPage(site, self)
# Advertise the OpenID endpoint from the site root so relying parties can
# discover it: an X-XRDS-Location response header plus <link> tags for
# 'openid2.provider' and 'openid.server'.
99 # Expose OpenID presence in the root
100 headers = site[FACILITY]['root'].default_headers
# Plain concatenation: the XRDS URL is only well-formed if endpoint_url ends
# with '/' (the accessor's remaining lines are not visible here -- confirm).
101 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
103 html_heads = site[FACILITY]['root'].html_heads
# NOTE(review): endpoint_url is interpolated into markup without HTML
# escaping. It is read from the 'endpoint url' config value, so that setting
# must remain writable by administrators only.
104 HEAD_LINK = '<link rel="%s" href="%s">'
105 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
106 HEAD_LINK % ('openid.server', self.endpoint_url)]
107 html_heads['openid'] = openid_heads
# MemoryStore holds the association secrets used to sign OpenID responses in
# process memory only, with no persistence: they are lost on restart and are
# not shared between worker processes. The TODO on the MemoryStore import
# already notes that this should move to the database.
# NOTE(review): with more than one worker, an association created in one
# process may be unknown to another -- confirm the deployment model.
112 self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
# The extensions to load are selected by the 'enabled extensions' config value.
113 loader = LoadExtensions(self.enabled_extensions)
114 self.extensions = loader.get_extensions()
120 class Installer(object):
124 self.ptype = 'provider'
126 def install_args(self, group):
127 group.add_argument('--openid', choices=['yes', 'no'], default='yes',
128 help='Configure OpenID Provider')
130 def configure(self, opts):
131 if opts['openid'] != 'yes':
# NOTE(review): the branch body is not visible here; presumably it switches
# proto to plain http when the installer runs with secure=no. The endpoint and
# identity URLs derived from `url` would then be advertised over http --
# confirm that is only used for test setups.
135 if opts['secure'].lower() == 'no':
# hostname and instance are interpolated exactly as given in the installer
# options; the result always ends in '/openid/'.
137 url = '%s://%s/%s/openid/' % (
138 proto, opts['hostname'], opts['instance'])
140 # Add configuration data to database
145 po.wipe_config_values(FACILITY)
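# Keys written here must match the option names that IdpProvider declares and
# reads back through get_config_value(): 'endpoint url' and
# 'identity url template'. The previous 'identity_url_template' spelling
# matched no declared option, so the identity template would apparently have
# stayed at its http://localhost:8080 default instead of following the
# installed URL.
146 config = {'endpoint url': url,
# '%%' survives the %-formatting as a literal '%', leaving '%(username)s' in
# the stored template for later substitution.
147 'identity url template': '%sid/%%(username)s' % url,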
149 po.set_config(config)
150 po.save_plugin_config(FACILITY)