-#!/usr/bin/python
-#
-# Copyright (C) 2014 Ipsilon contributors, see COPYING file for license
+# Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
-
-from ipsilon.info.common import InfoMapping
-from ipsilon.login.common import LoginFormBase, LoginManagerBase
-from ipsilon.login.common import FACILITY
+from ipsilon.login.common import LoginFormBase, LoginManagerBase, \
+ LoginManagerInstaller
from ipsilon.util.plugin import PluginObject
+from ipsilon.util.policy import Policy
+from ipsilon.util import config as pconfig
import cherrypy
+import logging
from fedora.client.fasproxy import FasProxyClient
from fedora.client import AuthError
except ImportError:
CLA_GROUPS = dict()
-fas_mapping = {
- 'username': 'nickname',
- 'telephone': 'phone',
- 'country_code': 'country',
- 'human_name': 'fullname',
- 'email': 'email',
- 'timezone': 'timezone',
-}
+fas_mapping = [
+ ['username', 'nickname'],
+ ['telephone', 'phone'],
+ ['country_code', 'country'],
+ ['human_name', 'fullname'],
+ ['email', 'email'],
+ ['timezone', 'timezone'],
+]
class FAS(LoginFormBase):
def __init__(self, site, mgr, page):
super(FAS, self).__init__(site, mgr, page)
- self.mapper = InfoMapping()
- self.mapper.set_mapping(fas_mapping)
+ self.mapper = Policy(fas_mapping)
def POST(self, *args, **kwargs):
username = kwargs.get("login_name")
try:
_, data = self.lm.fpc.login(username, password)
except AuthError, e:
- cherrypy.log.error("Authentication error [%s]" % str(e))
+ cherrypy.log.error("Authentication error [%s]" % str(e),
+ severity=logging.ERROR)
except Exception, e: # pylint: disable=broad-except
- cherrypy.log.error("Unknown Error [%s]" % str(e))
+ cherrypy.log.error("Unknown Error [%s]" % str(e),
+ severity=logging.ERROR)
+
if data and data.user:
userdata = self.make_userdata(data.user)
return self.lm.auth_successful(self.trans,
userdata=userdata)
else:
error = "Authentication failed"
- cherrypy.log.error(error)
+ cherrypy.log.error(error, severity=logging.ERROR)
else:
error = "Username or password is missing"
- cherrypy.log.error("Error: " + error)
+ cherrypy.log.error("Error: " + error, severity=logging.ERROR)
context = self.create_tmpl_context(
username=username,
error_password=not password,
error_username=not username
)
- # pylint: disable=star-args
+ self.lm.set_auth_error()
return self._template(self.formtemplate, **context)
def make_userdata(self, fas_data):
- userdata, fas_extra = self.mapper.map_attrs(fas_data)
+ userdata, fas_extra = self.mapper.map_attributes(fas_data)
# compute and store groups and cla groups
- userdata['groups'] = []
- userdata['extras'] = {'fas': fas_extra, 'cla': []}
+ userdata['_groups'] = []
+ userdata['_extras'] = {'fas': fas_extra, 'cla': []}
for group in fas_data.get('approved_memberships', {}):
if 'name' not in group:
continue
if group.get('group_type') == 'cla':
if group['name'] in CLA_GROUPS:
- userdata['extras']['cla'].append(CLA_GROUPS[group['name']])
+ group_name = CLA_GROUPS[group['name']]
else:
- userdata['extras']['cla'].append(group['name'])
+ group_name = group['name']
+ userdata['_extras']['cla'].append(group_name)
else:
- userdata['groups'].append(group['name'])
+ userdata['_groups'].append(group['name'])
return userdata
self.description = """
Form based login Manager that uses the Fedora Authentication Server
"""
- self._options = {
- 'help text': [
- """ The text shown to guide the user at login time. """,
- 'string',
- 'Login wth your FAS credentials'
- ],
- 'username text': [
- """ The text shown to ask for the username in the form. """,
- 'string',
- 'FAS Username'
- ],
- 'password text': [
- """ The text shown to ask for the password in the form. """,
- 'string',
- 'Password'
- ],
- 'FAS url': [
- """ The FAS Url. """,
- 'string',
- 'https://admin.fedoraproject.org/accounts/'
- ],
- 'FAS Proxy client user Agent': [
- """ The User Agent presented to the FAS Server. """,
- 'string',
- 'Ipsilon v1.0'
- ],
- 'FAS Insecure Auth': [
- """ If 'YES' skips FAS server cert verification. """,
- 'string',
- ''
- ],
- }
- self.conf_opt_order = ['FAS url', 'FAS Proxy client user Agent',
- 'FAS Insecure Auth', 'username text',
- 'password text', 'help text']
+ self.new_config(
+ self.name,
+ pconfig.String(
+ 'FAS url',
+ 'The FAS Url.',
+ 'https://admin.fedoraproject.org/accounts/'),
+ pconfig.String(
+ 'FAS Proxy client user Agent',
+ 'The User Agent presented to the FAS Server.',
+ 'Ipsilon v1.0'),
+ pconfig.Condition(
+ 'FAS Insecure Auth',
+ 'If checked skips FAS server cert verification.',
+ False),
+ pconfig.String(
+ 'username text',
+ 'Text used to ask for the username at login time.',
+ 'FAS Username'),
+ pconfig.String(
+ 'password text',
+ 'Text used to ask for the password at login time.',
+ 'Password'),
+ pconfig.String(
+ 'help text',
+ 'Text used to guide the user at login time.',
+ 'Login with your FAS credentials')
+ )
@property
def help_text(self):
return self.page
-class Installer(object):
+class Installer(LoginManagerInstaller):
- def __init__(self):
+ def __init__(self, *pargs):
+ super(Installer, self).__init__()
self.name = 'fas'
- self.ptype = 'login'
+ self.pargs = pargs
def install_args(self, group):
group.add_argument('--fas', choices=['yes', 'no'], default='no',
help='Configure FAS authentication')
- def configure(self, opts):
+ def configure(self, opts, changes):
if opts['fas'] != 'yes':
return
# Add configuration data to database
- po = PluginObject()
+ po = PluginObject(*self.pargs)
po.name = 'fas'
po.wipe_data()
-
- po.wipe_config_values(FACILITY)
+ po.wipe_config_values()
# Update global config to add login plugin
- po = PluginObject()
- po.name = 'global'
- globalconf = po.get_plugin_config(FACILITY)
- if 'order' in globalconf:
- order = globalconf['order'].split(',')
- else:
- order = []
- order.append('fas')
- globalconf['order'] = ','.join(order)
- po.set_config(globalconf)
- po.save_plugin_config(FACILITY)
+ po.is_enabled = True
+ po.save_enabled_state()
projects / cascardo / ipsilon.git / blobdiff