1 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
3 from __future__ import absolute_import
5 from ipsilon.providers.common import ProviderBase
6 from ipsilon.providers.openid.store import OpenIDStore
7 from ipsilon.providers.openid.auth import OpenID
8 from ipsilon.providers.openid.extensions.common import LoadExtensions
9 from ipsilon.util.plugin import PluginObject
10 from ipsilon.util import config as pconfig
11 from ipsilon.info.common import InfoMapping
13 from openid.server.server import Server
# OpenID identity-provider plugin.
# NOTE(review): this listing omits lines (the embedded line numbers skip), so
# several statements below appear without their enclosing call or def. The
# comments describe only what is shown.
16 class IdpProvider(ProviderBase):
# Registers with ProviderBase, passing 'openid' twice (presumably the plugin
# name and its URL path component -- confirm against ProviderBase).
18 def __init__(self, *pargs):
19 super(IdpProvider, self).__init__('openid', 'openid', *pargs)
20 self.mapping = InfoMapping()
24 self.extensions = LoadExtensions()
# NOTE(review): leftover debug output (Python 2 print statements) that writes
# the available extensions to stdout. Diagnostics from an identity provider
# belong in the project's logging, or should be removed.
25 print self.extensions.available()
26 print self.extensions.available().keys()
27 self.description = """
28 Provides OpenID 2.0 authentication infrastructure. """
# Help texts and defaults from the plugin's configuration option declarations;
# the calls that wrap them are on omitted lines.
34 'Database URL for OpenID temp storage',
37 'default email domain',
38 'Used for users missing the email property.',
# NOTE(review): both visible URL defaults are plain-http localhost addresses.
# Relying parties discover and verify the endpoint and identity URLs, so a
# deployment should set them to its public https URL, not run on the defaults.
42 'The Absolute URL of the OpenID provider',
43 'http://localhost:8080/idp/openid/'),
45 'identity url template',
46 'The templated URL where identities are exposed.',
47 'http://localhost:8080/idp/openid/id/%(username)s'),
# Relying-party lists. This class only stores and returns them (see
# trusted_roots / untrusted_roots); how they affect the login flow is not
# visible here.
50 'List of trusted relying parties.'),
53 'List of untrusted relying parties.'),
# The selectable values for this option are the names of the loaded extensions.
56 'Choose the extensions to enable',
57 self.extensions.available().keys()),
# Accessors over the stored configuration. get_tree() reads endpoint_url as an
# attribute, so these are presumably @property methods whose decorators are on
# omitted lines -- confirm.
# The lines after this lookup are omitted, so any normalisation of the URL
# (for example a trailing '/') is not visible in this listing.
61 def endpoint_url(self):
62 url = self.get_config_value('endpoint url')
# Domain used for users that have no email property (per the option help above).
69 def default_email_domain(self):
70 return self.get_config_value('default email domain')
# As with endpoint_url, the lines after the lookup are omitted.
73 def identity_url_template(self):
74 url = self.get_config_value('identity url template')
81 def trusted_roots(self):
82 return self.get_config_value('trusted roots')
85 def untrusted_roots(self):
86 return self.get_config_value('untrusted roots')
89 def enabled_extensions(self):
90 return self.get_config_value('enabled extensions')
# Wires the provider into `site`: creates the OpenID page handler and the
# python-openid Server, then advertises the provider from the site root.
# The return statement, if any, is on an omitted line.
92 def get_tree(self, site):
94 self.page = OpenID(site, self)
95 # self.admin = AdminPage(site, self)
# The server's store is opened on the 'database url' option, and the server
# announces endpoint_url as its OP endpoint.
100 self.server = Server(
101 OpenIDStore(self.get_config_value('database url')),
102 op_endpoint=self.endpoint_url)
104 # Expose OpenID presence in the root
# The concatenation assumes endpoint_url ends with '/' -- confirm that the
# accessor guarantees it.
105 headers = self._root.default_headers
106 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
# NOTE(review): endpoint_url is interpolated into HTML without attribute
# escaping. It comes from plugin configuration, so escape it (or validate it
# as a URL when it is saved) if that configuration can be edited by anyone
# less trusted than the server operator.
108 html_heads = self._root.html_heads
109 HEAD_LINK = '<link rel="%s" href="%s">'
110 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
111 HEAD_LINK % ('openid.server', self.endpoint_url)]
112 html_heads['openid'] = openid_heads
# Body of an enable hook whose def line is omitted: it calls the parent
# class's on_enable().
115 super(IdpProvider, self).on_enable()
# Enables the extensions named in the 'enabled extensions' option; the
# enclosing def is not shown (presumably the same hook -- confirm).
117 self.extensions.enable(self._config['enabled extensions'].get_value())
# Install-time helper that writes the OpenID provider's initial configuration.
# NOTE(review): this listing omits lines (the embedded line numbers skip); the
# comments describe only what is shown.
120 class Installer(object):
# Other assignments in __init__ are omitted. configure() reads self.pargs,
# which is presumably stored here -- confirm.
122 def __init__(self, *pargs):
124 self.ptype = 'provider'
# Adds the --openid yes/no switch (default 'yes') to the installer's argument
# group.
127 def install_args(self, group):
128 group.add_argument('--openid', choices=['yes', 'no'], default='yes',
129 help='Configure OpenID Provider')
# Builds the provider's endpoint URL from the installer options and saves the
# plugin configuration and enabled state.
131 def configure(self, opts):
# The branch body is omitted; presumably it returns without configuring when
# --openid is not 'yes'.
132 if opts['openid'] != 'yes':
# Chooses the URL scheme from the 'secure' option. The assignments to `proto`
# are on omitted lines (presumably http when 'no', https otherwise -- confirm).
136 if opts['secure'].lower() == 'no':
138 url = '%s://%s/%s/openid/' % (
139 proto, opts['hostname'], opts['instance'])
141 # Add configuration data to database
142 po = PluginObject(*self.pargs)
# Previously stored values for this plugin are wiped before the new ones are
# saved.
145 po.wipe_config_values()
# '%%' leaves a literal %(username)s placeholder in the saved template.
# NOTE(review): the key 'identity_url_template' uses underscores, while
# IdpProvider declares and reads the option as 'identity url template' (with
# spaces). As written, the value saved here does not appear to be the one the
# provider reads, which would leave identity URLs on the http://localhost
# default. The key should presumably be 'identity url template' -- confirm
# against PluginObject.save_plugin_config.
146 config = {'endpoint url': url,
147 'identity_url_template': '%sid/%%(username)s' % url}
148 po.save_plugin_config(config)
150 # Update global config to enable this provider plugin
152 po.save_enabled_state()