|
Lines 389-397
class QueueRequest(object):
|
Link Here
|
|---|
|
|---|
| 389 |
|
389 |
|
| 390 |
class User(object): |
390 |
class User(object): |
| 391 |
|
391 |
|
| 392 |
def __init__(self, sessionid, username, saml=None): |
392 |
def __init__(self, sessionid, username, password, saml=None): |
| 393 |
self.sessionid = sessionid |
393 |
self.sessionid = sessionid |
| 394 |
self.username = username |
394 |
self.username = username |
|
|
395 |
self.password = password |
| 395 |
self.saml = saml |
396 |
self.saml = saml |
| 396 |
|
397 |
|
| 397 |
def get_client(self): |
398 |
def get_client(self): |
|
Lines 674-683
class Ressource(object):
|
Link Here
|
|---|
|
|---|
| 674 |
if morsel: |
675 |
if morsel: |
| 675 |
return morsel.value |
676 |
return morsel.value |
| 676 |
|
677 |
|
| 677 |
def set_session(self, sessionid, username, saml=None): |
678 |
def set_session(self, sessionid, username, password=None, saml=None): |
| 678 |
olduser = self.get_user() |
679 |
olduser = self.get_user() |
| 679 |
|
680 |
|
| 680 |
user = User(sessionid, username, saml or olduser and olduser.saml) |
681 |
user = User(sessionid, username, password, saml or olduser and olduser.saml) |
| 681 |
|
682 |
|
| 682 |
self.sessions[sessionid] = user |
683 |
self.sessions[sessionid] = user |
| 683 |
self.set_cookies(('UMCSessionId', sessionid), ('UMCUsername', username)) |
684 |
self.set_cookies(('UMCSessionId', sessionid), ('UMCUsername', username)) |
|
Lines 690-701
class Ressource(object):
|
Link Here
|
|---|
|
|---|
| 690 |
UMCP_Dispatcher.cleanup_session(sessionid) |
691 |
UMCP_Dispatcher.cleanup_session(sessionid) |
| 691 |
self.set_cookies(('UMCSessionId', ''), expires=datetime.datetime.fromtimestamp(0)) |
692 |
self.set_cookies(('UMCSessionId', ''), expires=datetime.datetime.fromtimestamp(0)) |
| 692 |
|
693 |
|
| 693 |
def get_user(self): |
694 |
def get_user(self, force=False): |
| 694 |
value = self.get_session_id() |
695 |
value = self.get_session_id() |
| 695 |
if not value or value not in self.sessions: |
696 |
if not value or value not in self.sessions: |
| 696 |
return |
697 |
return |
| 697 |
user = self.sessions[value] |
698 |
user = self.sessions[value] |
| 698 |
if user.time_remaining <= 0: |
699 |
if not force and user.time_remaining <= 0: |
| 699 |
return |
700 |
return |
| 700 |
return user |
701 |
return user |
| 701 |
|
702 |
|
|
Lines 776-781
class CPgeneric(Ressource):
|
Link Here
|
|---|
|
|---|
| 776 |
self.set_accept_language(request) |
777 |
self.set_accept_language(request) |
| 777 |
|
778 |
|
| 778 |
response_queue = Queue.Queue() |
779 |
response_queue = Queue.Queue() |
|
|
780 |
user = self.get_user(True) |
| 781 |
if user and user.password and not UMCP_Dispatcher.sessions.get(sessionid): |
| 782 |
auth = Request('AUTH') |
| 783 |
auth.body = {'username': user.username, 'password': user.password} |
| 784 |
auth_response = Queue.Queue() |
| 785 |
UMCP_Dispatcher._queue_send.put(QueueRequest(sessionid, request, auth_response, get_ip_address(), self.session_validity)) |
| 786 |
auth_response.get() |
| 779 |
queue_request = QueueRequest(sessionid, request, response_queue, get_ip_address(), self.session_validity) |
787 |
queue_request = QueueRequest(sessionid, request, response_queue, get_ip_address(), self.session_validity) |
| 780 |
UMCP_Dispatcher._queue_send.put(queue_request) |
788 |
UMCP_Dispatcher._queue_send.put(queue_request) |
| 781 |
|
789 |
|
|
Lines 1026-1032
class CPAuth(CPgeneric):
|
Link Here
|
|---|
|
|---|
| 1026 |
if response.mimetype == 'application/json': |
1034 |
if response.mimetype == 'application/json': |
| 1027 |
username = response.body.get('username', username) |
1035 |
username = response.body.get('username', username) |
| 1028 |
body = json.dumps(response.body) |
1036 |
body = json.dumps(response.body) |
| 1029 |
self.set_session(sessionid, username) |
1037 |
self.set_session(sessionid, username, password=req.body.get('password')) |
| 1030 |
return body |
1038 |
return body |
| 1031 |
|
1039 |
|
| 1032 |
def basic(self): |
1040 |
def basic(self): |
|
Lines 1147-1153
class SAML(Ressource):
|
Link Here
|
|---|
|
|---|
| 1147 |
def attribute_consuming_service(self, binding, message, relay_state): |
1155 |
def attribute_consuming_service(self, binding, message, relay_state): |
| 1148 |
response = self.acs(message, binding) |
1156 |
response = self.acs(message, binding) |
| 1149 |
saml = SAMLUser(response, message) |
1157 |
saml = SAMLUser(response, message) |
| 1150 |
self.set_session(self.create_sessionid(), saml.username, saml) |
1158 |
self.set_session(self.create_sessionid(), saml.username, saml=saml) |
| 1151 |
raise HTTPRedirect('/univention/auth/sso') |
1159 |
raise HTTPRedirect('/univention/auth/sso') |
| 1152 |
|
1160 |
|
| 1153 |
def attribute_consuming_service_iframe(self, binding, message, relay_state): |
1161 |
def attribute_consuming_service_iframe(self, binding, message, relay_state): |
|
Lines 1163-1169
class SAML(Ressource):
|
Link Here
|
|---|
|
|---|
| 1163 |
} |
1171 |
} |
| 1164 |
sessionid = self.create_sessionid() |
1172 |
sessionid = self.create_sessionid() |
| 1165 |
auth_response = cherrypy.request.app.root.auth._auth_request(req, sessionid) |
1173 |
auth_response = cherrypy.request.app.root.auth._auth_request(req, sessionid) |
| 1166 |
self.set_session(sessionid, saml.username, saml) |
1174 |
self.set_session(sessionid, saml.username, saml=saml) |
| 1167 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
1175 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
| 1168 |
return '<html><body><textarea>%s</textarea></body></html>' % (auth_response,) |
1176 |
return '<html><body><textarea>%s</textarea></body></html>' % (auth_response,) |
| 1169 |
|
1177 |
|