3 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
5 from __future__ import absolute_import
7 from ipsilon.providers.common import ProviderBase
8 from ipsilon.providers.openid.auth import OpenID
9 from ipsilon.providers.openid.extensions.common import LoadExtensions
10 from ipsilon.util.plugin import PluginObject
11 from ipsilon.util import config as pconfig
12 from ipsilon.info.common import InfoMapping
14 from openid.server.server import Server
15 # TODO: Move this to the database
16 from openid.store.memstore import MemoryStore
# OpenID 2.0 identity-provider plugin (see the description string below).
# NOTE: this listing keeps the original gutter numbers and omits some source
# lines (the numbers skip), so several statements appear without the
# decorator, "def" line or call opener that encloses them.
19 class IdpProvider(ProviderBase):
# Passes 'openid' twice to ProviderBase (presumably plugin name and URL
# path -- confirm), then creates the attribute mapping and the extension
# loader.
21 def __init__(self, *pargs):
22 super(IdpProvider, self).__init__('openid', 'openid', *pargs)
23 self.mapping = InfoMapping()
27 self.extensions = LoadExtensions()
# NOTE(review): these two Python 2 print statements write the available
# extensions to stdout every time the provider is constructed. They look
# like leftover debug output -- confirm, and route through logging if the
# information is still wanted.
28 print self.extensions.available()
29 print self.extensions.available().keys()
30 self.description = """
31 Provides OpenID 2.0 authentication infrastructure. """
# Configuration options. The calls wrapping these arguments are not shown
# in this listing; each group appears to be option name, help text and
# (where present) default value.
36 'default email domain',
37 'Used for users missing the email property.',
# NOTE(review): both URL defaults below are plain-http localhost
# placeholders. A real deployment has to override them; the endpoint and
# identity URLs are what relying parties discover and verify against, so
# they should be the public HTTPS URLs.
41 'The Absolute URL of the OpenID provider',
42 'http://localhost:8080/idp/openid/'),
44 'identity url template',
45 'The templated URL where identities are exposed.',
# %(username)s is left in the default for later substitution.
46 'http://localhost:8080/idp/openid/id/%(username)s'),
# Trusted / untrusted relying-party lists. How they are enforced is not
# visible in this file.
49 'List of trusted relying parties.'),
52 'List of untrusted relying parties.'),
55 'Choose the extensions to enable',
56 self.extensions.available().keys()),
# Accessors for the options above. get_tree() reads self.endpoint_url
# without calling it, so the @property decorators are presumably on lines
# this listing omits.
# Reads 'endpoint url'; the rest of this method (lines 62-66) is not shown.
# get_tree() appends 'XRDS' directly, which suggests the returned value ends
# with '/' -- confirm.
60 def endpoint_url(self):
61 url = self.get_config_value('endpoint url')
68 def default_email_domain(self):
69 return self.get_config_value('default email domain')
# Reads 'identity url template'; the rest of this method is not shown.
72 def identity_url_template(self):
73 url = self.get_config_value('identity url template')
80 def trusted_roots(self):
81 return self.get_config_value('trusted roots')
84 def untrusted_roots(self):
85 return self.get_config_value('untrusted roots')
88 def enabled_extensions(self):
89 return self.get_config_value('enabled extensions')
# Builds the OpenID page tree and advertises the provider from the site
# root so relying parties can discover it.
91 def get_tree(self, site):
93 self.page = OpenID(site, self)
94 # self.admin = AdminPage(site, self)
96 # Expose OpenID presence in the root
# Yadis/XRDS discovery: the header points at <endpoint url>XRDS.
97 headers = self._root.default_headers
98 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
# HTML discovery: one <link> for OpenID 2.0 ('openid2.provider') and one
# for OpenID 1.x ('openid.server').
# NOTE(review): endpoint_url is interpolated into the markup without HTML
# escaping. The value comes from plugin configuration; if html_heads is
# emitted verbatim (presumably into the page <head> -- confirm), a value
# containing quotes or angle brackets would break out of the attribute.
100 html_heads = self._root.html_heads
101 HEAD_LINK = '<link rel="%s" href="%s">'
102 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
103 HEAD_LINK % ('openid.server', self.endpoint_url)]
104 html_heads['openid'] = openid_heads
# The "def" line for the statement below is not shown in this listing.
# NOTE(review): python-openid's MemoryStore keeps association state in
# process memory only (the import carries a TODO to move it to the
# database). That state is lost on restart and, presumably, not shared
# between worker processes, so a handle issued by one process may not
# verify in another -- confirm the deployment model.
109 self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
# Enable hook (its "def" line is not shown): runs the base-class enable
# step, then enables the extensions named in the 'enabled extensions'
# option.
112 super(IdpProvider, self).on_enable()
114 self.extensions.enable(self._config['enabled extensions'].get_value())
# Install-time hook that writes the OpenID provider's initial plugin
# configuration. This listing omits some source lines (the gutter numbers
# skip), including the bodies of both "if" statements in configure().
117 class Installer(object):
# Some assignments are on lines not shown; self.pargs, used by configure(),
# is presumably set here.
119 def __init__(self, *pargs):
121 self.ptype = 'provider'
# Adds the --openid yes/no switch (default 'yes') to the installer's
# argument group.
124 def install_args(self, group):
125 group.add_argument('--openid', choices=['yes', 'no'], default='yes',
126 help='Configure OpenID Provider')
# Builds the provider URL from the install options and stores it as plugin
# configuration.
128 def configure(self, opts):
# Body not shown; presumably returns early when OpenID was not requested.
129 if opts['openid'] != 'yes':
# "proto" is assigned on lines not shown; presumably it becomes 'http' when
# opts['secure'] is 'no'.
# NOTE(review): in that case the endpoint and identity URLs are advertised
# over plain HTTP -- acceptable for local testing only.
133 if opts['secure'].lower() == 'no':
135 url = '%s://%s/%s/openid/' % (
136 proto, opts['hostname'], opts['instance'])
138 # Add configuration data to database
139 po = PluginObject(*self.pargs)
# Presumably clears previously stored values before the new ones are saved.
142 po.wipe_config_values()
# '%%' keeps a literal %(username)s in the stored template for later
# substitution.
# NOTE(review): the second key is spelled 'identity_url_template'
# (underscores), while the option declared and read in IdpProvider is
# 'identity url template' (spaces). Unless save_plugin_config normalizes
# names, the installer's value would not reach that option and the
# http://localhost:8080 default would stay in effect -- confirm and align
# the key.
143 config = {'endpoint url': url,
144 'identity_url_template': '%sid/%%(username)s' % url}
145 po.save_plugin_config(config)
147 # Update global config to add login plugin
# The line that sets the enabled flag is not shown.
149 po.save_enabled_state()