Lines 389-397
class QueueRequest(object):
|
|
---|
|
389 |
|
389 |
|
390 |
class User(object): |
390 |
class User(object): |
391 |
|
391 |
|
392 |
def __init__(self, sessionid, username, saml=None): |
392 |
def __init__(self, sessionid, username, password, saml=None): |
393 |
self.sessionid = sessionid |
393 |
self.sessionid = sessionid |
394 |
self.username = username |
394 |
self.username = username |
|
|
395 |
self.password = password |
395 |
self.saml = saml |
396 |
self.saml = saml |
396 |
|
397 |
|
397 |
def get_client(self): |
398 |
def get_client(self): |
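Review bot: `self.password = password` keeps the user's cleartext password on the `User` session object, and nothing in this hunk bounds how long it stays there. The attribute should at least carry a comment such as `# cleartext credential, kept only to re-authenticate against UMC; clear on logout/expiry, never log or serialise`. The logout path in the hunk at lines 690-701 calls `UMCP_Dispatcher.cleanup_session(sessionid)` and expires the cookie but does not visibly drop the stored password; if the `self.sessions` entry survives there, add `user.password = None`. `password` is also inserted as a required positional argument before `saml`, so any caller of `User(sessionid, username, saml)` outside the visible hunks would now store the SAML object as the password.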
Lines 674-683
class Ressource(object):
|
|
---|
|
674 |
if morsel: |
675 |
if morsel: |
675 |
return morsel.value |
676 |
return morsel.value |
676 |
|
677 |
|
677 |
def set_session(self, sessionid, username, saml=None): |
678 |
def set_session(self, sessionid, username, password=None, saml=None): |
678 |
olduser = self.get_user() |
679 |
olduser = self.get_user() |
679 |
|
680 |
|
680 |
user = User(sessionid, username, saml or olduser and olduser.saml) |
681 |
user = User(sessionid, username, password, saml or olduser and olduser.saml) |
681 |
|
682 |
|
682 |
self.sessions[sessionid] = user |
683 |
self.sessions[sessionid] = user |
683 |
self.set_cookies(('UMCSessionId', sessionid), ('UMCUsername', username)) |
684 |
self.set_cookies(('UMCSessionId', sessionid), ('UMCUsername', username)) |
Lines 690-701
class Ressource(object):
|
|
---|
|
690 |
UMCP_Dispatcher.cleanup_session(sessionid) |
691 |
UMCP_Dispatcher.cleanup_session(sessionid) |
691 |
self.set_cookies(('UMCSessionId', ''), expires=datetime.datetime.fromtimestamp(0)) |
692 |
self.set_cookies(('UMCSessionId', ''), expires=datetime.datetime.fromtimestamp(0)) |
692 |
|
693 |
|
693 |
def get_user(self): |
694 |
def get_user(self, force=False): |
694 |
value = self.get_session_id() |
695 |
value = self.get_session_id() |
695 |
if not value or value not in self.sessions: |
696 |
if not value or value not in self.sessions: |
696 |
return |
697 |
return |
697 |
user = self.sessions[value] |
698 |
user = self.sessions[value] |
698 |
if user.time_remaining <= 0: |
699 |
if not force and user.time_remaining <= 0: |
699 |
return |
700 |
return |
700 |
return user |
701 |
return user |
701 |
|
702 |
|
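Review bot: `get_user(force=True)` returns a session whose `time_remaining <= 0`, and the new parameter has no docstring saying so. A caller that reads the result as "this user is logged in" would accept an expired session, so the contract should be written down, for example `"""Return the User for the current session cookie or None; with force=True an expired session is returned too and must not be treated as authenticated."""`. The only visible caller (the hunk at lines 776-781) uses the forced result to re-authenticate with the stored password, which appears to let an expired web session obtain a fresh UMC session. Whether expiry is enforced earlier in that method is outside the hunk, so it is worth confirming that the timeout still ends the session.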
Lines 776-781
class CPgeneric(Ressource):
|
|
---|
|
776 |
self.set_accept_language(request) |
777 |
self.set_accept_language(request) |
777 |
|
778 |
|
778 |
response_queue = Queue.Queue() |
779 |
response_queue = Queue.Queue() |
|
|
780 |
user = self.get_user(True) |
781 |
if user and user.password and not UMCP_Dispatcher.sessions.get(sessionid): |
782 |
auth = Request('AUTH') |
783 |
auth.body = {'username': user.username, 'password': user.password} |
784 |
auth_response = Queue.Queue() |
785 |
UMCP_Dispatcher._queue_send.put(QueueRequest(sessionid, request, auth_response, get_ip_address(), self.session_validity)) |
786 |
auth_response.get() |
779 |
queue_request = QueueRequest(sessionid, request, response_queue, get_ip_address(), self.session_validity) |
787 |
queue_request = QueueRequest(sessionid, request, response_queue, get_ip_address(), self.session_validity) |
780 |
UMCP_Dispatcher._queue_send.put(queue_request) |
788 |
UMCP_Dispatcher._queue_send.put(queue_request) |
781 |
|
789 |
|
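Review bot: The `AUTH` request built in `auth` is never sent: the `QueueRequest` put on `_queue_send` at new line 785 wraps `request`, so the original request is queued twice and `auth.body` with the stored credentials goes unused. The line presumably should read `UMCP_Dispatcher._queue_send.put(QueueRequest(sessionid, auth, auth_response, get_ip_address(), self.session_validity))`. `auth_response.get()` also blocks with no timeout and its result is discarded, so a rejected re-authentication (for instance after a password change) still falls through to queuing the real request; pass a `timeout=` and check the response status before continuing. The enclosing method starts before this hunk, so where `sessionid` and `request` come from is not visible here.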
Lines 1026-1032
class CPAuth(CPgeneric):
|
|
---|
|
1026 |
if response.mimetype == 'application/json': |
1034 |
if response.mimetype == 'application/json': |
1027 |
username = response.body.get('username', username) |
1035 |
username = response.body.get('username', username) |
1028 |
body = json.dumps(response.body) |
1036 |
body = json.dumps(response.body) |
1029 |
self.set_session(sessionid, username) |
1037 |
self.set_session(sessionid, username, password=req.body.get('password')) |
1030 |
return body |
1038 |
return body |
1031 |
|
1039 |
|
1032 |
def basic(self): |
1040 |
def basic(self): |
Lines 1147-1153
class SAML(Ressource):
|
|
---|
|
1147 |
def attribute_consuming_service(self, binding, message, relay_state): |
1155 |
def attribute_consuming_service(self, binding, message, relay_state): |
1148 |
response = self.acs(message, binding) |
1156 |
response = self.acs(message, binding) |
1149 |
saml = SAMLUser(response, message) |
1157 |
saml = SAMLUser(response, message) |
1150 |
self.set_session(self.create_sessionid(), saml.username, saml) |
1158 |
self.set_session(self.create_sessionid(), saml.username, saml=saml) |
1151 |
raise HTTPRedirect('/univention/auth/sso') |
1159 |
raise HTTPRedirect('/univention/auth/sso') |
1152 |
|
1160 |
|
1153 |
def attribute_consuming_service_iframe(self, binding, message, relay_state): |
1161 |
def attribute_consuming_service_iframe(self, binding, message, relay_state): |
Lines 1163-1169
class SAML(Ressource):
|
|
---|
|
1163 |
} |
1171 |
} |
1164 |
sessionid = self.create_sessionid() |
1172 |
sessionid = self.create_sessionid() |
1165 |
auth_response = cherrypy.request.app.root.auth._auth_request(req, sessionid) |
1173 |
auth_response = cherrypy.request.app.root.auth._auth_request(req, sessionid) |
1166 |
self.set_session(sessionid, saml.username, saml) |
1174 |
self.set_session(sessionid, saml.username, saml=saml) |
1167 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
1175 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
1168 |
return '<html><body><textarea>%s</textarea></body></html>' % (auth_response,) |
1176 |
return '<html><body><textarea>%s</textarea></body></html>' % (auth_response,) |
1169 |
|
1177 |
|