source: TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/authninterface/__init__.py @ 5786

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/authninterface/__init__.py@5786
Revision 5786, 6.3 KB checked in by pjkersha, 10 years ago (diff)

Updated OpenID AX (Attribute Exchange) interface. Attributes passed over this interface are now stored in the authentication session at the Relying Party.

1"""WSGI Middleware components - OpenID package Authentication Interface
2plugins sub-package
3
4NERC DataGrid Project"""
5__author__ = "P J Kershaw"
6__date__ = "05/12/08"
7__copyright__ = "(C) 2009 Science and Technology Facilities Council"
8__license__ = "BSD - see LICENSE file in top-level directory"
9__contact__ = "Philip.Kershaw@stfc.ac.uk"
10__revision__ = '$Id$'
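class AuthNInterfaceError(Exception):
    """Base class for AbstractAuthNInterface exceptions

    Two class variables carry the standard wording for an error.  The detail
    passed to the constructor (or errorMsg when none is given) is written to
    the error log and becomes the exception message; userMsg is fixed text
    that callers can show to the user in place of that detail.

    Whatever is passed as the message is logged as given, so authentication
    plug-ins should not put passwords or other secrets into it.

    @type userMsg: basestring
    @cvar userMsg: standard message for callers to use in user error messages
    @type errorMsg: basestring
    @cvar errorMsg: default message logged and raised when the constructor is
    called without arguments"""
    userMsg = ("An internal error occurred during login,  Please contact your "
               "system administrator")
    errorMsg = "AuthNInterface error"

    def __init__(self, *arg, **kw):
        """Log the error detail and initialise the exception with it

        @type *arg: tuple
        @param *arg: optional; the first item is the message to log and
        raise and any further items are ignored.  errorMsg of the class being
        raised is used when no arguments are given
        @type **kw: dict
        @param **kw: passed through unchanged to Exception.__init__
        """
        # Imported here because this module sets up no logger of its own: the
        # name 'log' used previously is not defined anywhere in the module, so
        # creating any of these exceptions failed with NameError instead of
        # reporting the authentication error.
        import logging

        msg = arg[0] if arg else self.__class__.errorMsg

        logging.getLogger(__name__).error(msg)
        Exception.__init__(self, msg, **kw)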
class AuthNInterfaceInvalidCredentials(AuthNInterfaceError):
    """Raised from logon when the username/password supplied by the user is
    incorrect.

    userMsg does not say which of the two was wrong.  Plug-ins that raise
    this both for an unknown username and for a wrong password avoid
    confirming to the user which usernames exist."""
    errorMsg = "Invalid username/password provided"
    userMsg = ("Invalid username / password provided.  Please try again.  If "
               "the problem persists please contact your system "
               "administrator")
class AuthNInterfaceUsername2IdentifierMismatch(AuthNInterfaceError):
    """Raised when the username entered does not match the identifier in the
    OpenID URL that the user provided.

    Does NOT apply to ID Select mode, where the user has given a generic URL
    for their OpenID Provider.

    NOTE(review): userMsg tells the user that this username / OpenID pairing
    is wrong.  Confirm that logon implementations cannot raise this before
    the password has been checked; otherwise the message discloses whether a
    username belongs to a given OpenID."""
    errorMsg = "invalid username / OpenID identifier combination"
    userMsg = ("Invalid username for the OpenID entered.  Please ensure you "
               "have the correct OpenID and username and try again.  If the "
               "problem persists contact your system administrator")
class AuthNInterfaceRetrieveError(AuthNInterfaceError):
    """Raised from logon when the information needed to authenticate the user
    could not be retrieved, e.g. a database look-up failed.

    Only errorMsg is overridden, so userMsg is the generic text inherited
    from AuthNInterfaceError and the back-end detail goes to the log only."""
    errorMsg = ("An error occurred retrieving information to check the login "
                "credentials")
class AuthNInterfaceInitError(AuthNInterfaceError):
    """Raised from __init__ when an AuthNInterface fails to initialise.

    Only errorMsg is overridden; userMsg is inherited from
    AuthNInterfaceError."""
    errorMsg = "AuthNInterface initialisation error"
class AuthNInterfaceConfigError(AuthNInterfaceError):
    """Raised from __init__ when the authentication configuration is at fault.

    Only errorMsg is overridden; userMsg is inherited from
    AuthNInterfaceError."""
    errorMsg = "AuthNInterface configuration error"
class AbstractAuthNInterface(object):
    """Abstract base class for OpenID Provider authentication plug-ins.

    Derive from this class to define how users logging into the OpenID
    Provider are authenticated.  logon, username2UserIdentifiers and logout
    all raise NotImplementedError here, so a derived class has to override
    each one that the Provider calls."""

    def __init__(self, **prop):
        """Make any initial settings

        Settings are passed as keywords.  This base implementation does
        nothing with them.  setProperties() and an XML file given by
        propFilePath are named as other ways of supplying settings, but
        neither is defined in this class; they are left to derived classes.

        @type **prop: dict
        @param **prop: set properties via keywords
        @raise AuthNInterfaceInitError: error with initialisation
        @raise AuthNInterfaceConfigError: error with configuration
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        """

    def logon(self, environ, identityURI, username, password):
        """Interface login method

        Implementations receive the password as entered.  It should not be
        written to logs or placed in the message of a raised
        AuthNInterfaceError, because that message is sent to the error log.

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type identityURI: basestring
        @param identityURI: user's identity URL e.g.
        'https://joebloggs.somewhere.ac.uk/'

        @type username: basestring
        @param username: user identifier for authentication

        @type password: basestring
        @param password: corresponding password for the username given

        @raise AuthNInterfaceInvalidCredentials: invalid username/password
        @raise AuthNInterfaceUsername2IdentifierMismatch: username doesn't
        match the OpenID URL provided by the user.  (Doesn't apply to ID Select
        type requests).
        @raise AuthNInterfaceRetrieveError: error with retrieval of information
        to authenticate user e.g. error with database look-up.
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        @raise NotImplementedError: always, unless overridden
        """
        raise NotImplementedError()

    def username2UserIdentifiers(self, environ, username):
        """Map the login username to an identifier which will become the
        unique path suffix to the user's OpenID identifier.  The
        OpenIDProviderMiddleware takes self.urls['id_url']/
        self.urls['id_yadis'] and adds it to this identifier:

            identifier = self._authN.username2UserIdentifiers(environ,
                                                              username)
            identityURL = self.createIdentityURI(self.urls['url_id'],
                                                 identifier)

        NOTE(review): the key is written 'id_url' in the sentence above and
        'url_id' in the example; check which one OpenIDProviderMiddleware
        uses.

        The value returned ends up inside a URL, so implementations should
        return only identifiers that are safe as a URL path component.

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type username: basestring
        @param username: user identifier

        @rtype: tuple
        @return: one or more identifiers to be used to make OpenID user
        identity URL(s).

        @raise AuthNInterfaceConfigError: problem with the configuration
        @raise AuthNInterfaceRetrieveError: error with retrieval of information
        to identifier e.g. error with database look-up.
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        @raise NotImplementedError: always, unless overridden
        """
        raise NotImplementedError()

    def logout(self, authNInterface):
        """Hook for custom actions at logout.

        The base implementation raises NotImplementedError rather than doing
        nothing, so a derived class must override it even when it has no
        logout action to perform.

        @type authNInterface: AbstractAuthNInterface derived type
        @param authNInterface: authentication interface object.  See
        AbstractAuthNInterface class for details
        @raise NotImplementedError: always, unless overridden
        """
        raise NotImplementedError()