source: TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/attributeauthority.py @ 6686

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/attributeauthority.py@6686
Revision 6686, 6.8 KB checked in by pjkersha, 10 years ago (diff)

Refactoring Attribute Authority to remove NDG Attribute Certificate and role mapping code.

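"""WSGI Middleware to set an Attribute Authority instance in the WSGI environ

NERC DataGrid Project
"""
__author__ = "P J Kershaw"
__date__ = "19/08/09"
__copyright__ = "(C) 2009 Science and Technology Facilities Council"
__contact__ = "Philip.Kershaw@stfc.ac.uk"
__license__ = "BSD - see LICENSE file in top-level directory"
__revision__ = "$Id: $"
import logging
import os

from ndg.security.server.attributeauthority import AttributeAuthority
from ndg.security.server.wsgi import NDGSecurityMiddlewareBase

# Module-level logger, created once all imports have been resolved
log = logging.getLogger(__name__)

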
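class AttributeAuthorityMiddleware(NDGSecurityMiddlewareBase):
    '''WSGI middleware to add an NDG Security Attribute Authority to environ.
    This enables multiple WSGI filters to access the same underlying Attribute
    Authority instance e.g. provide SAML SOAP and WSDL SOAP based interfaces
    to the same Attribute Authority
    '''
    DEFAULT_KEYNAME = 'ndg.security.server.wsgi.attributeauthority'
    ENVIRON_KEYNAME_CFG_OPTNAME = 'environKeyName'

    DEFAULT_ATTR_QUERY_IFACE_KEYNAME = \
        'ndg.security.server.wsgi.attributeauthority.attributeQuery'
    ENVIRON_KEYNAME_ATTR_QUERY_IFACE_CFG_OPT_NAME = \
        'environKeyNameAttributeQueryInterface'

    # Environment variable which requests a pdb break at construction time and
    # the only values which are accepted as switching it on
    _DEBUG_ENVIRON_VARNAME = 'NDGSEC_INT_DEBUG'
    _DEBUG_TRUE_VALUES = ('1', 'true', 'yes', 'on')

    def __init__(self, app):
        '''Set-up an Attribute Authority instance

        @type app: callable following WSGI interface
        @param app: next middleware application in the chain
        '''
        # Developer aid: stop in the debugger while the middleware is being
        # constructed.  pdb.set_trace() blocks the process and hands an
        # interactive interpreter to whoever holds its terminal, so the
        # variable must be left unset in any deployed service.  Only an
        # explicit affirmative value enables it - bool() of the raw string
        # would also have treated "0" or "false" as switched on.
        debugSetting = os.environ.get(self._DEBUG_ENVIRON_VARNAME, '')
        self.__debug = debugSetting.strip().lower() in self._DEBUG_TRUE_VALUES
        if self.__debug:
            # Leave a trace in the logs so that an unexpectedly enabled
            # debugger hook can be spotted
            log.warning('%s is set: stopping in pdb during Attribute '
                        'Authority middleware initialisation',
                        self._DEBUG_ENVIRON_VARNAME)
            import pdb
            pdb.set_trace()

        self._app = app

        # These are populated through the properties by initialise()
        self.__aa = None
        self.__attributeQuery = None
        self.__keyName = None
        self.__attributeQueryKeyName = None

    def initialise(self, global_conf, prefix='attributeauthority.',
                   **app_conf):
        """Set-up Attribute authority middleware using a Paste app factory
        pattern.  Overloaded base class method to enable custom settings from
        app_conf

        @type global_conf: dict
        @param global_conf: PasteDeploy global configuration dictionary (not
        read by this method)
        @type prefix: basestring
        @param prefix: prefix for configuration items
        @type app_conf: dict
        @param app_conf: PasteDeploy application specific configuration
        dictionary
        @raise TypeError: from the property setters if a configured key name
        is not a string
        """
        # Set key name for attribute authority set in environ.  The option is
        # popped so that it is not passed on to AttributeAuthority below
        environKeyOptName = prefix + self.ENVIRON_KEYNAME_CFG_OPTNAME
        self.keyName = app_conf.pop(environKeyOptName, self.DEFAULT_KEYNAME)

        # Likewise for the key name of the SAML attribute query interface
        attrQueryIfaceEnvironKeyOptName = prefix + \
            self.ENVIRON_KEYNAME_ATTR_QUERY_IFACE_CFG_OPT_NAME
        self.attributeQueryKeyName = app_conf.pop(
            attrQueryIfaceEnvironKeyOptName,
            self.DEFAULT_ATTR_QUERY_IFACE_KEYNAME)

        # All remaining options configure the Attribute Authority itself
        self.aa = AttributeAuthority.fromProperties(propPrefix=prefix,
                                                    **app_conf)
        self.attributeQuery = self.aa.samlAttributeQueryFactory()

    @classmethod
    def filter_app_factory(cls, app, global_conf, **app_conf):
        '''Wrapper to enable instantiation compatible with Paste Deploy
        filter application factory function signature

        @type app: callable following WSGI interface
        @param app: next middleware application in the chain
        @type global_conf: dict
        @param global_conf: PasteDeploy global configuration dictionary
        @type app_conf: dict
        @param app_conf: PasteDeploy application specific configuration
        dictionary
        @rtype: AttributeAuthorityMiddleware
        @return: initialised middleware wrapping app
        '''
        # Instantiate through cls so that a subclass calling this factory
        # gets an instance of itself rather than of this base class
        middleware = cls(app)
        middleware.initialise(global_conf, **app_conf)

        return middleware

    def __call__(self, environ, start_response):
        '''Set the Attribute Authority instantiated at initialisation in
        environ

        @type environ: dict
        @param environ: WSGI environment variables dictionary
        @type start_response: function
        @param start_response: standard WSGI start response function
        @rtype: iterable
        @return: next application in the WSGI stack
        '''
        # Everything which receives environ from here on can reach the
        # Attribute Authority and its query interface.  The key names come
        # from configuration and any existing entry under them is overwritten
        environ[self.keyName] = self.aa
        environ[self.attributeQueryKeyName] = self.attributeQuery
        return self._app(environ, start_response)

    def _get_aa(self):
        '''Return the Attribute Authority instance, None until set'''
        return self.__aa

    def _set_aa(self, val):
        '''Set the Attribute Authority instance

        @raise TypeError: val is not an AttributeAuthority
        '''
        if not isinstance(val, AttributeAuthority):
            raise TypeError('Expecting %r for "aa" attribute; got %r' %
                            (AttributeAuthority, type(val)))
        self.__aa = val

    aa = property(fget=_get_aa,
                  fset=_set_aa,
                  doc="Attribute Authority instance")

    def _getKeyName(self):
        '''Return the environ key for the Attribute Authority'''
        return self.__keyName

    def _setKeyName(self, val):
        '''Set the environ key for the Attribute Authority

        @raise TypeError: val is not a string
        '''
        if not isinstance(val, basestring):
            raise TypeError('Expecting %r for "keyName" attribute; got %r' %
                            (basestring, type(val)))
        self.__keyName = val

    keyName = property(fget=_getKeyName,
                       fset=_setKeyName,
                       doc="Key name used to index Attribute Authority in "
                           "environ dictionary")

    def _get_attributeQueryKeyName(self):
        '''Return the environ key for the SAML attribute query function'''
        return self.__attributeQueryKeyName

    def _set_attributeQueryKeyName(self, val):
        '''Set the environ key for the SAML attribute query function

        @raise TypeError: val is not a string
        '''
        if not isinstance(val, basestring):
            raise TypeError('Expecting %r for "attributeQueryKeyName" '
                            'attribute; got %r' % (basestring, type(val)))
        self.__attributeQueryKeyName = val

    attributeQueryKeyName = property(fget=_get_attributeQueryKeyName,
                                     fset=_set_attributeQueryKeyName,
                                     doc="Key name used to index Attribute "
                                         "Authority SAML attribute query "
                                         "function in environ dictionary")

    def _get_attributeQuery(self):
        '''Return the SAML attribute query function, None until set'''
        return self.__attributeQuery

    def _set_attributeQuery(self, val):
        '''Set the SAML attribute query function

        @raise TypeError: val is not callable
        '''
        if not callable(val):
            raise TypeError('Expecting a callable for "attributeQuery" '
                            'attribute; got %r' % type(val))
        self.__attributeQuery = val

    attributeQuery = property(fget=_get_attributeQuery,
                              fset=_set_attributeQuery,
                              doc="Attribute Authority SAML attribute query "
                                  "function")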