3 # Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING
5 from __future__ import absolute_import
7 from ipsilon.providers.common import ProviderBase
8 from ipsilon.providers.common import FACILITY
9 from ipsilon.providers.openid.auth import OpenID
10 from ipsilon.providers.openid.extensions.common import LoadExtensions
11 from ipsilon.util.plugin import PluginObject
12 from ipsilon.info.common import InfoMapping
14 from openid.server.server import Server
15 # TODO: Move this store to the database; MemoryStore keeps OpenID associations and nonces in process memory only
16 from openid.store.memstore import MemoryStore
19 class IdpProvider(ProviderBase):
# OpenID 2.0 identity-provider plugin: declares its configuration options,
# exposes them through accessors, and wires the OpenID page, discovery
# headers and python-openid Server into the site.
# NOTE(review): this listing carries gutter numbers and skips source lines
# (for example the constructor's def line), so the comments below describe
# only what is visible.
22 super(IdpProvider, self).__init__('openid', 'openid')
23 self.mapping = InfoMapping()
# Extensions start unset; they are loaded further down via LoadExtensions.
27 self.extensions = None
28 self.description = """
29 Provides OpenID 2.0 authentication infrastructure. """
# Option table: each visible entry pairs a description string with a default.
32 'default email domain': [
33 """Default email domain, for users missing email property.""",
38 """The Absolute URL of the OpenID provider""",
# NOTE(review): the default endpoint is plain http on localhost; a real
# deployment must override it with its public URL.
40 'http://localhost:8080/idp/openid/'
42 'identity url template': [
43 """The templated URL where identities are exposed.""",
# %(username)s is the placeholder for the user name; the code that fills it
# in is not part of this listing.
45 'http://localhost:8080/idp/openid/id/%(username)s'
# NOTE(review): how the trusted and untrusted relying-party lists are
# enforced is not visible here; presumably they drive consent and refusal
# decisions in the auth handling -- confirm there.
48 """List of trusted relying parties.""",
53 """List of untrusted relying parties.""",
57 'enabled extensions': [
58 """List of enabled extensions""",
# Accessor for the 'endpoint url' option. It is read as an attribute in
# get_tree, so it is presumably a property whose decorator line is not shown;
# the rest of the body is missing from this listing.
65 def endpoint_url(self):
66 url = self.get_config_value('endpoint url')
# Returns the configured 'default email domain' value.
73 def default_email_domain(self):
74 return self.get_config_value('default email domain')
# Reads the 'identity url template' option (key spelled with spaces); the
# remainder of the body is missing from this listing.
77 def identity_url_template(self):
78 url = self.get_config_value('identity url template')
# Returns the configured 'trusted roots' value.
85 def trusted_roots(self):
86 return self.get_config_value('trusted roots')
# Returns the configured 'untrusted roots' value.
89 def untrusted_roots(self):
90 return self.get_config_value('untrusted roots')
# Returns the configured 'enabled extensions' value.
93 def enabled_extensions(self):
94 return self.get_config_value('enabled extensions')
# Builds the provider's page and advertises OpenID discovery on the root.
96 def get_tree(self, site):
98 self.page = OpenID(site, self)
99 # self.admin = AdminPage(site, self)
101 # Expose OpenID presence in the root
102 headers = site[FACILITY]['root'].default_headers
# The XRDS location is the endpoint URL with 'XRDS' appended.
103 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
105 html_heads = site[FACILITY]['root'].html_heads
# NOTE(review): endpoint_url is interpolated into the response header and
# into the <link> markup without escaping. The value comes from
# configuration, so confirm only administrators can set it, or escape it.
106 HEAD_LINK = '<link rel="%s" href="%s">'
107 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
108 HEAD_LINK % ('openid.server', self.endpoint_url)]
109 html_heads['openid'] = openid_heads
# The def line enclosing the next three statements falls in a listing gap.
# NOTE(review): MemoryStore keeps OpenID associations and nonces in this
# process only. They are lost on restart and not shared between worker
# processes, so a multi-process deployment would presumably see failed
# association lookups and per-process nonce tracking -- see the TODO at the
# import.
114 self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
# Extensions are selected by the 'enabled extensions' option.
115 loader = LoadExtensions(self.enabled_extensions)
116 self.extensions = loader.get_extensions()
122 class Installer(object):
# Install-time helper: registers the --openid command-line option and writes
# the provider's initial configuration.
# NOTE(review): this listing carries gutter numbers and skips source lines,
# so the comments below describe only what is visible.
126 self.ptype = 'provider'
# Adds the --openid yes/no switch to the given argument group; default 'yes'.
128 def install_args(self, group):
129 group.add_argument('--openid', choices=['yes', 'no'], default='yes',
130 help='Configure OpenID Provider')
# Computes the provider's public URL from the install options and saves it as
# plugin configuration.
132 def configure(self, opts):
# Anything other than 'yes' skips OpenID setup (the branch body is not shown).
133 if opts['openid'] != 'yes':
# NOTE(review): proto is assigned on lines missing from this listing;
# presumably it becomes 'http' only when the secure option is 'no'. In that
# case the endpoint and identity URLs are published over cleartext HTTP --
# confirm this is limited to test setups.
137 if opts['secure'].lower() == 'no':
# URL shape: <proto>://<hostname>/<instance>/openid/
139 url = '%s://%s/%s/openid/' % (
140 proto, opts['hostname'], opts['instance'])
142 # Add configuration data to database
# po is created on lines missing from this listing (presumably a PluginObject).
# Existing values for this facility are wiped before the new ones are saved.
147 po.wipe_config_values(FACILITY)
# NOTE(review): the second key is 'identity_url_template' (underscores), but
# IdpProvider declares and reads the option as 'identity url template'
# (spaces). As written, the saved value looks like it is never read back and
# identity URLs would keep the http://localhost:8080 default -- confirm and
# align the key.
148 config = {'endpoint url': url,
149 'identity_url_template': '%sid/%%(username)s' % url,
151 po.save_plugin_config(FACILITY, config)