# Copyright (C) 2014 Ipsilon contributors, see COPYING file for license
-from ipsilon.login.common import LoginPageBase, LoginManagerBase
+from ipsilon.info.common import InfoMapping
+from ipsilon.login.common import LoginFormBase, LoginManagerBase
from ipsilon.login.common import FACILITY
from ipsilon.util.plugin import PluginObject
import cherrypy
from fedora.client import AuthError
-class FAS(LoginPageBase):
+try:
+ import openid_cla.cla as cla
+
+ CLA_GROUPS = {
+ 'cla_click': cla.CLA_URI_FEDORA_CLICK,
+ 'cla_dell': cla.CLA_URI_FEDORA_DELL,
+ 'cla_done': cla.CLA_URI_FEDORA_DONE,
+ 'cla_fedora': cla.CLA_URI_FEDORA_FEDORA,
+ 'cla_fpca': cla.CLA_URI_FEDORA_FPCA,
+ 'cla_ibm': cla.CLA_URI_FEDORA_IBM,
+ 'cla_intel': cla.CLA_URI_FEDORA_INTEL,
+ 'cla_redhat': cla.CLA_URI_FEDORA_REDHAT,
+ }
+except ImportError:
+ CLA_GROUPS = dict()
+
+fas_mapping = {
+ 'username': 'nickname',
+ 'telephone': 'phone',
+ 'country_code': 'country',
+ 'human_name': 'fullname',
+ 'email': 'email',
+ 'timezone': 'timezone',
+}
- def GET(self, *args, **kwargs):
- context = self.create_tmpl_context()
- # pylint: disable=star-args
- return self._template('login/fas.html', **context)
+
+class FAS(LoginFormBase):
+
+ def __init__(self, site, mgr, page):
+ super(FAS, self).__init__(site, mgr, page)
+ self.mapper = InfoMapping()
+ self.mapper.set_mapping(fas_mapping)
def POST(self, *args, **kwargs):
username = kwargs.get("login_name")
except Exception, e: # pylint: disable=broad-except
cherrypy.log.error("Unknown Error [%s]" % str(e))
if data and data.user:
- return self.lm.auth_successful(data.user['username'],
- userdata={'fas': data.user})
+ userdata = self.make_userdata(data.user)
+ return self.lm.auth_successful(self.trans,
+ data.user['username'],
+ userdata=userdata)
else:
error = "Authentication failed"
cherrypy.log.error(error)
error_username=not username
)
# pylint: disable=star-args
- return self._template('login/fas.html', **context)
-
- def root(self, *args, **kwargs):
- op = getattr(self, cherrypy.request.method, self.GET)
- if callable(op):
- return op(*args, **kwargs)
-
- def create_tmpl_context(self, **kwargs):
- next_url = None
- if self.lm.next_login is not None:
- next_url = self.lm.next_login.path
-
- context = {
- "title": 'Login',
- "action": '%s/login/fas' % self.basepath,
- "service_name": self.lm.service_name,
- "username_text": self.lm.username_text,
- "password_text": self.lm.password_text,
- "description": self.lm.help_text,
- "next_url": next_url,
- }
- context.update(kwargs)
- return context
+ return self._template(self.formtemplate, **context)
+
+ def make_userdata(self, fas_data):
+ userdata, fas_extra = self.mapper.map_attrs(fas_data)
+
+ # compute and store groups and cla groups
+ userdata['groups'] = []
+ userdata['extras'] = {'fas': fas_extra, 'cla': []}
+ for group in fas_data.get('approved_memberships', {}):
+ if 'name' not in group:
+ continue
+ if group.get('group_type') == 'cla':
+ if group['name'] in CLA_GROUPS:
+ userdata['extras']['cla'].append(CLA_GROUPS[group['name']])
+ else:
+ userdata['extras']['cla'].append(group['name'])
+ else:
+ userdata['groups'].append(group['name'])
+
+ return userdata
class LoginManager(LoginManagerBase):
super(LoginManager, self).__init__(*args, **kwargs)
self.name = 'fas'
self.path = 'fas'
+ self.service_name = 'fas'
self.page = None
self.fpc = None
self.description = """
Form based login Manager that uses the Fedora Authentication Server
"""
self._options = {
- 'service name': [
- """ The name of the PAM service used to authenticate. """,
- 'string',
- 'remote'
- ],
'help text': [
""" The text shown to guide the user at login time. """,
'string',
''
],
}
-
- @property
- def service_name(self):
- return self.get_config_value('service name')
+ self.conf_opt_order = ['FAS url', 'FAS Proxy client user Agent',
+ 'FAS Insecure Auth', 'username text',
+ 'password text', 'help text']
@property
def help_text(self):
self.fpc = FasProxyClient(base_url=self.fas_url,
useragent=self.user_agent,
insecure=(self.insecure == 'YES'))
- self.page = FAS(site, self)
+ self.page = FAS(site, self, 'login/fas')
return self.page
order = []
order.append('fas')
globalconf['order'] = ','.join(order)
- po.set_config(globalconf)
- po.save_plugin_config(FACILITY)
+ po.save_plugin_config(FACILITY, globalconf)