Implement change registration
[cascardo/ipsilon.git] / ipsilon / providers / openidp.py
old mode 100755 (executable)
new mode 100644 (file)
index 335b41b..8f74578
@@ -1,10 +1,9 @@
-#!/usr/bin/python
-#
-# Copyright (C) 2014  Ipsilon project Contributors, for licensee see COPYING
+# Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
 
 from __future__ import absolute_import
 
-from ipsilon.providers.common import ProviderBase
+from ipsilon.providers.common import ProviderBase, ProviderInstaller
+from ipsilon.providers.openid.store import OpenIDStore
 from ipsilon.providers.openid.auth import OpenID
 from ipsilon.providers.openid.extensions.common import LoadExtensions
 from ipsilon.util.plugin import PluginObject
@@ -12,8 +11,6 @@ from ipsilon.util import config as pconfig
 from ipsilon.info.common import InfoMapping
 
 from openid.server.server import Server
-# TODO: Move this to the database
-from openid.store.memstore import MemoryStore
 
 
 class IdpProvider(ProviderBase):
@@ -25,13 +22,15 @@ class IdpProvider(ProviderBase):
         self.server = None
         self.basepath = None
         self.extensions = LoadExtensions()
-        print self.extensions.available()
-        print self.extensions.available().keys()
         self.description = """
 Provides OpenID 2.0 authentication infrastructure. """
 
         self.new_config(
             self.name,
+            pconfig.String(
+                'database url',
+                'Database URL for OpenID temp storage',
+                'openid.sqlite'),
             pconfig.String(
                 'default email domain',
                 'Used for users missing the email property.',
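Review bot: The default for the new 'database url' option is the bare filename `'openid.sqlite'`, although the option is described as a URL and replaces the in-memory store named in the removed TODO. How OpenIDStore resolves that value is not visible here; if it is treated as a path relative to the working directory, the file holding OpenID state could be created wherever the service happened to be started. I would make the default an explicit location, or add a comment above it such as `# bare filename: resolved by OpenIDStore, confirm location and file permissions`. The enclosing `__init__` starts and ends outside this hunk.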
@@ -54,6 +53,14 @@ Provides OpenID 2.0 authentication infrastructure. """
                 'enabled extensions',
                 'Choose the extensions to enable',
                 self.extensions.available().keys()),
+            pconfig.MappingList(
+                'default attribute mapping',
+                'Defines how to map attributes before calling extensions',
+                [['*', '*']]),
+            pconfig.ComplexList(
+                'default allowed attributes',
+                'Defines a list of allowed attributes, applied after mapping',
+                ['*']),
         )
 
     @property
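Review bot: Both new options default to a wildcard (`[['*', '*']]` and `['*']`), which, going by the help strings, appears to map and allow every attribute unless an administrator narrows the lists. For an identity provider that is a permissive default, since any attribute held for a user could then be passed on to the enabled extensions. Consider a narrower default, or at least state the default in the help text, e.g. `'Defines a list of allowed attributes, applied after mapping (default: all)'`. The `new_config` call begins outside this hunk.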
@@ -88,11 +95,26 @@ Provides OpenID 2.0 authentication infrastructure. """
     def enabled_extensions(self):
         return self.get_config_value('enabled extensions')
 
+    @property
+    def default_attribute_mapping(self):
+        return self.get_config_value('default attribute mapping')
+
+    @property
+    def default_allowed_attributes(self):
+        return self.get_config_value('default allowed attributes')
+
     def get_tree(self, site):
         self.init_idp()
         self.page = OpenID(site, self)
         # self.admin = AdminPage(site, self)
 
+        return self.page
+
+    def init_idp(self):
+        self.server = Server(
+            OpenIDStore(self.get_config_value('database url')),
+            op_endpoint=self.endpoint_url)
+
         # Expose OpenID presence in the root
         headers = self._root.default_headers
         headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
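Review bot: `init_idp` is called from both `get_tree` and `on_enable`, and after this change each call builds a new `OpenIDStore` from the 'database url' value as well as setting the root headers. Whether OpenIDStore opens a file or connection on construction is not visible here, so it is worth confirming that repeated construction is harmless. The method also lacks a docstring saying that it does both jobs; something like `"""Create the OpenID server and expose its endpoint in the root page headers."""` would make the moved code easier to follow. The body of `init_idp` continues into the next hunk.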
@@ -103,29 +125,28 @@ Provides OpenID 2.0 authentication infrastructure. """
                         HEAD_LINK % ('openid.server', self.endpoint_url)]
         html_heads['openid'] = openid_heads
 
-        return self.page
-
-    def init_idp(self):
-        self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
-
     def on_enable(self):
         super(IdpProvider, self).on_enable()
         self.init_idp()
         self.extensions.enable(self._config['enabled extensions'].get_value())
 
 
-class Installer(object):
+class Installer(ProviderInstaller):
 
     def __init__(self, *pargs):
+        super(Installer, self).__init__()
         self.name = 'openid'
-        self.ptype = 'provider'
         self.pargs = pargs
 
     def install_args(self, group):
         group.add_argument('--openid', choices=['yes', 'no'], default='yes',
                            help='Configure OpenID Provider')
+        group.add_argument('--openid-dburi',
+                           help='OpenID database URI')
+        group.add_argument('--openid-extensions', default='',
+                           help='List of OpenID Extensions to enable')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['openid'] != 'yes':
             return
 
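Review bot: `--openid-dburi` accepts a database URI on the command line, and such URIs commonly embed a username and password, which would then be visible in the process list and shell history on the install host. The help text should say so, or point to another way of supplying the value if the installer has one (not visible here). The help for `--openid-extensions` says 'List' without naming the separator; `help='Comma-separated list of OpenID Extensions to enable'` would remove the guesswork, if comma is what the config layer expects. `configure` gains a `changes` parameter whose use lies outside this hunk.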
@@ -141,7 +162,11 @@ class Installer(object):
         po.wipe_data()
         po.wipe_config_values()
         config = {'endpoint url': url,
-                  'identity_url_template': '%sid/%%(username)s' % url}
+                  'identity url template': '%sid/%%(username)s' % url,
+                  'database url': opts['openid_dburi'] or
+                  opts['database_url'] % {
+                      'datadir': opts['data_dir'], 'dbname': 'openid'},
+                  'enabled extensions': opts['openid_extensions']}
         po.save_plugin_config(config)
 
         # Update global config to add login plugin
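Review bot: The 'database url' value relies on `%` binding tighter than `or` across three continuation lines, which is correct but easy to misread as formatting the whole `or` expression. Parenthesising the fallback makes the intent explicit: `opts['openid_dburi'] or (opts['database_url'] % {...})`. Separately, `opts['openid_extensions']` is stored as the raw command-line string (default `''`), while the 'enabled extensions' option is defined from `self.extensions.available().keys()`. Whether `save_plugin_config` converts or validates that string is not shown, so it is worth confirming. `configure` starts and ends outside this hunk.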