cascardo/ipsilon.git
5 years agoAdd server-install plugin configuration support
Simo Sorce [Fri, 14 Mar 2014 22:08:49 +0000 (18:08 -0400)]
Add server-install plugin configuration support

Automatically find plugins installed in the system and exposes their
installation and configuration functions through the installer.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFirst install script commit
Simo Sorce [Fri, 14 Mar 2014 20:55:29 +0000 (16:55 -0400)]
First install script commit

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix minor syntax issues in saml2 provider
Simo Sorce [Wed, 19 Mar 2014 21:08:51 +0000 (17:08 -0400)]
Fix minor syntax issues in saml2 provider

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoRemove unused import and fix syntax
Simo Sorce [Wed, 19 Mar 2014 21:05:04 +0000 (17:05 -0400)]
Remove unused import and fix syntax

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd sample spec file
Simo Sorce [Fri, 7 Mar 2014 21:13:53 +0000 (16:13 -0500)]
Add sample spec file

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix default and example paths
Simo Sorce [Thu, 13 Mar 2014 20:43:18 +0000 (16:43 -0400)]
Fix default and example paths

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix install of data files.
Simo Sorce [Fri, 7 Mar 2014 21:21:56 +0000 (16:21 -0500)]
Fix install of data files.

Move doc and examples under appropriate directory.
Crate data directry for templates and ui static files.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBetter handling of configuration file
Simo Sorce [Thu, 13 Mar 2014 20:05:46 +0000 (16:05 -0400)]
Better handling of configuration file

allow to pass it on the command line or to look for it in well known
locations.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImprove exceptions for saml2 providers
Simo Sorce [Mon, 3 Mar 2014 00:03:38 +0000 (19:03 -0500)]
Improve exceptions for saml2 providers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd ability to strip domain/realm per provider
Simo Sorce [Sun, 2 Mar 2014 23:32:06 +0000 (18:32 -0500)]
Add ability to strip domain/realm per provider

This allows to return (hopefully) the same name whether the user
authenticated via ESSO or form based authentication.

Crude for now, may be augmented with some regex configuration in the future.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUnsplit checking functions
Simo Sorce [Sun, 2 Mar 2014 23:29:15 +0000 (18:29 -0500)]
Unsplit checking functions

Easier to deal with stuff if they are a single validation function.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd a way to return the email address of the user
Simo Sorce [Sun, 2 Mar 2014 23:09:27 +0000 (18:09 -0500)]
Add a way to return the email address of the user

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to return Kerberos nameid if available
Simo Sorce [Fri, 28 Feb 2014 21:16:25 +0000 (16:16 -0500)]
Add way to return Kerberos nameid if available

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to save user data after login
Simo Sorce [Sun, 2 Mar 2014 23:06:44 +0000 (18:06 -0500)]
Add way to save user data after login

The login manager that successfully authenticated the user can now
pass data to be stored in the user facility of the session.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoCreate a user facility in the session
Simo Sorce [Sun, 2 Mar 2014 22:59:14 +0000 (17:59 -0500)]
Create a user facility in the session

This way all identification data about the user can be managed in
a single place and be erased/replaced at login time.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoCheck the NameID policy during authentication
Simo Sorce [Thu, 27 Feb 2014 02:50:33 +0000 (21:50 -0500)]
Check the NameID policy during authentication

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Service Provider class
Simo Sorce [Wed, 26 Feb 2014 23:42:09 +0000 (18:42 -0500)]
Add Service Provider class

This class allows to represent a service provider and its associated policy

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd authentication exception support
Simo Sorce [Tue, 25 Feb 2014 02:43:12 +0000 (21:43 -0500)]
Add authentication exception support

This also add code to return an error code to the SP.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoInitial SAML2 provider
Simo Sorce [Sun, 23 Feb 2014 23:41:13 +0000 (18:41 -0500)]
Initial SAML2 provider

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd way to tell if the session is anonymous
Simo Sorce [Sun, 23 Feb 2014 23:35:59 +0000 (18:35 -0500)]
Add way to tell if the session is anonymous

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd provider plugins loader
Simo Sorce [Fri, 24 Jan 2014 19:41:11 +0000 (14:41 -0500)]
Add provider plugins loader

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse cherrypy handlers to render error pages
Simo Sorce [Mon, 24 Feb 2014 23:34:17 +0000 (18:34 -0500)]
Use cherrypy handlers to render error pages

Replaces custom code to render 401 Unauthorized page as well as
adds 400 and 500 handlers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBetter session management at login
Simo Sorce [Sun, 23 Feb 2014 23:39:35 +0000 (18:39 -0500)]
Better session management at login

Save data bout the prformed authentication
Do not destroy the whole session at login, providers may need to store
data before the user is authenticate and retrieve it later if
authentication ws successful.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImprove handing of session data
Simo Sorce [Sun, 23 Feb 2014 23:36:40 +0000 (18:36 -0500)]
Improve handing of session data

Add functions to store data in an organized way so that multiple plugins
can store data w/o stomping on each other.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd _debug facility to the Page class
Simo Sorce [Tue, 25 Feb 2014 00:58:10 +0000 (19:58 -0500)]
Add _debug facility to the Page class

Use this instead of th misleading "_log" name. These really are just
debugging statements not normal logging.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoMove default template arguments to its own function
Simo Sorce [Tue, 18 Feb 2014 20:08:12 +0000 (15:08 -0500)]
Move default template arguments to its own function

This way it is clearer what the defaults are, plus subclasses can
override the defaults if they so choose.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoLog available login managers
Simo Sorce [Tue, 18 Feb 2014 06:51:03 +0000 (01:51 -0500)]
Log available login managers

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix master-admin template upper left corner href
Simo Sorce [Tue, 18 Feb 2014 20:17:35 +0000 (15:17 -0500)]
Fix master-admin template upper left corner href

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd initial design document
Simo Sorce [Wed, 22 Jan 2014 23:34:59 +0000 (18:34 -0500)]
Add initial design document

For now, very high level direction of the project and intended high level
architecture.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoApply patternfly to administration pages
Petr Vobornik [Tue, 11 Feb 2014 16:36:37 +0000 (17:36 +0100)]
Apply patternfly to administration pages

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoInitialize plugins in order defined in DB
Petr Vobornik [Mon, 27 Jan 2014 17:10:20 +0000 (18:10 +0100)]
Initialize plugins in order defined in DB

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoKrb page
Petr Vobornik [Mon, 27 Jan 2014 17:09:30 +0000 (18:09 +0100)]
Krb page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoPAM page
Petr Vobornik [Tue, 28 Jan 2014 12:10:19 +0000 (13:10 +0100)]
PAM page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoLogin root page
Petr Vobornik [Tue, 28 Jan 2014 12:10:06 +0000 (13:10 +0100)]
Login root page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoUnauthorized page
Petr Vobornik [Mon, 27 Jan 2014 17:07:33 +0000 (18:07 +0100)]
Unauthorized page

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRoot pages
Petr Vobornik [Tue, 28 Jan 2014 12:09:54 +0000 (13:09 +0100)]
Root pages

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoMaster template
Petr Vobornik [Mon, 27 Jan 2014 17:01:40 +0000 (18:01 +0100)]
Master template

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd images
Petr Vobornik [Fri, 24 Jan 2014 15:48:06 +0000 (16:48 +0100)]
Add images

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoRemove old CSS
Petr Vobornik [Mon, 27 Jan 2014 17:16:28 +0000 (18:16 +0100)]
Remove old CSS

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRegenerate CSS
Petr Vobornik [Mon, 27 Jan 2014 17:16:06 +0000 (18:16 +0100)]
Regenerate CSS

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoMake CSS from LESS
Petr Vobornik [Mon, 27 Jan 2014 17:14:41 +0000 (18:14 +0100)]
Make CSS from LESS

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd own styles
Petr Vobornik [Mon, 27 Jan 2014 17:15:50 +0000 (18:15 +0100)]
Add own styles

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd 3rd party Javascript libraries
Petr Vobornik [Tue, 11 Feb 2014 16:32:14 +0000 (17:32 +0100)]
Add 3rd party Javascript libraries

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd PatternFly files
Petr Vobornik [Mon, 27 Jan 2014 17:15:31 +0000 (18:15 +0100)]
Add PatternFly files

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Boostrap files
Petr Vobornik [Mon, 27 Jan 2014 17:15:12 +0000 (18:15 +0100)]
Add Boostrap files

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd help text to be shown on form based login page
Simo Sorce [Mon, 27 Jan 2014 21:25:12 +0000 (16:25 -0500)]
Add help text to be shown on form based login page

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd infrastructure to configure server
Simo Sorce [Fri, 24 Jan 2014 19:20:42 +0000 (14:20 -0500)]
Add infrastructure to configure server

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd sample apache configuration
Simo Sorce [Wed, 22 Jan 2014 16:40:57 +0000 (11:40 -0500)]
Add sample apache configuration

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd Kerberos Negotiate auth plugin
Simo Sorce [Mon, 20 Jan 2014 21:14:52 +0000 (16:14 -0500)]
Add Kerberos Negotiate auth plugin

This plugin depends on the proper configuration of mod_auth_kerb

The mod_auth_kerb plugin should be configured with a <Location> directive
like the folowing:

<Location /idp/login/krb/negotiate>
  AuthType Kerberos
  AuthName "Kerberos Login"
  KrbMethodNegotiate on
  KrbMethodK5Passwd off
  KrbServiceName HTTP
  KrbAuthRealms $REALM_NAME
  Krb5KeyTab $KEYTAB_NAME
  KrbSaveCredentials off
  KrbConstrainedDelegation off
  Require valid-user

  ErrorDocument 401 /idp/login/krb/unauthorized
</Location>

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd sample pam based login plugin
Simo Sorce [Fri, 20 Dec 2013 04:33:41 +0000 (23:33 -0500)]
Add sample pam based login plugin

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoImplement login plugin infrastructure
Simo Sorce [Fri, 24 Jan 2014 19:26:15 +0000 (14:26 -0500)]
Implement login plugin infrastructure

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoBetter infrastructure to load plugins
Simo Sorce [Fri, 24 Jan 2014 22:01:35 +0000 (17:01 -0500)]
Better infrastructure to load plugins

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse pep8 check
Petr Vobornik [Thu, 23 Jan 2014 17:11:26 +0000 (18:11 +0100)]
Use pep8 check

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse pylint check
Petr Vobornik [Thu, 23 Jan 2014 14:51:20 +0000 (15:51 +0100)]
Use pylint check

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoFix Imports
Simo Sorce [Fri, 24 Jan 2014 20:57:28 +0000 (15:57 -0500)]
Fix Imports

Based on patches by Petr Voborni

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd missing packages
Petr Vobornik [Thu, 23 Jan 2014 17:12:06 +0000 (18:12 +0100)]
Add missing packages

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRename the main executable to idpserver.py
Simo Sorce [Fri, 24 Jan 2014 20:44:04 +0000 (15:44 -0500)]
Rename the main executable to idpserver.py

Based on a patch from Petr Voborni

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix __init__.py filename
Petr Vobornik [Thu, 23 Jan 2014 13:58:45 +0000 (14:58 +0100)]
Fix __init__.py filename

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoRename src package to ipsilon
Simo Sorce [Fri, 24 Jan 2014 20:32:21 +0000 (15:32 -0500)]
Rename src package to ipsilon

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoAdd build to .gitignore
Petr Vobornik [Fri, 24 Jan 2014 16:14:52 +0000 (17:14 +0100)]
Add build to .gitignore

Signed-off-by: Petr Vobornik <pvoborni@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
5 years agoMove template and user retrieval to page class
Simo Sorce [Thu, 19 Dec 2013 03:44:25 +0000 (22:44 -0500)]
Move template and user retrieval to page class

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd page class handler
Simo Sorce [Sat, 14 Dec 2013 02:56:52 +0000 (21:56 -0500)]
Add page class handler

This also adds support for sessions and a somewhat custom page
dispatcher.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoInitial user preferences infrastructure
Simo Sorce [Thu, 12 Dec 2013 19:21:41 +0000 (14:21 -0500)]
Initial user preferences infrastructure

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix global and app configs
Simo Sorce [Thu, 12 Dec 2013 20:03:17 +0000 (15:03 -0500)]
Fix global and app configs

Do not overwrite config settings
- the update() method replaces the global config, we just want to merge
  new directives normally

Provide default app settings for quick development
- allow ui/ to be served as static files when run in standalone mode

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoFix settings
Simo Sorce [Thu, 12 Dec 2013 19:24:01 +0000 (14:24 -0500)]
Fix settings

Fix logging to use right name and value
Make all option relative to the base of the tree.

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd doc and examples to setup.py
Simo Sorce [Wed, 11 Dec 2013 21:06:18 +0000 (16:06 -0500)]
Add doc and examples to setup.py

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoUse jinja2 as the templating system
Simo Sorce [Thu, 5 Dec 2013 03:42:09 +0000 (22:42 -0500)]
Use jinja2 as the templating system

Add flashy css to indicate this is development stuff

5 years agoAdd Admin preferences system
Simo Sorce [Wed, 4 Dec 2013 20:24:10 +0000 (15:24 -0500)]
Add Admin preferences system

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd example configuration
Simo Sorce [Wed, 4 Dec 2013 04:20:57 +0000 (23:20 -0500)]
Add example configuration

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoAdd plugins loader
Simo Sorce [Tue, 3 Dec 2013 21:49:24 +0000 (16:49 -0500)]
Add plugins loader

Signed-off-by: Simo Sorce <simo@redhat.com>
5 years agoInitial module
Simo Sorce [Tue, 3 Dec 2013 17:47:05 +0000 (12:47 -0500)]
Initial module

Signed-off-by: Simo Sorce <simo@redhat.com>