source: TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/authninterface/__init__.py @ 5791

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/authninterface/__init__.py@5791
Revision 5791, 6.3 KB checked in by pjkersha, 11 years ago (diff)

Updates and fix for new ndg3beta release:

  • Change Attribute Authority SAML interface issuer format to saml.saml2.core.Issuer.X509_SUBJECT as agreed with Luca for ESG. Updated unit tests.
  • Fix Attribute Authority clockSkew attribute initialisation - create as a deltatime not a float.
1"""WSGI Middleware components - OpenID package Authentication Interface
2plugins sub-package
3
4NERC DataGrid Project"""
__author__ = "P J Kershaw"
__date__ = "05/12/08"
__copyright__ = "(C) 2009 Science and Technology Facilities Council"
__license__ = "BSD - see LICENSE file in top-level directory"
__contact__ = "Philip.Kershaw@stfc.ac.uk"
# Revision-control keyword placeholder, stored here unexpanded (presumably
# meant for Subversion keyword substitution).
__revision__ = '$Id$'
import logging

# Module-level logger.  AuthNInterfaceError.__init__ writes the text of every
# exception it initialises to this logger at ERROR level, so text passed to
# the exceptions in this module must not contain passwords or other secrets.
log = logging.getLogger(__name__)
13
class AuthNInterfaceError(Exception):
    """Root of the exception hierarchy raised by AbstractAuthNInterface
    implementations.

    Two class-level messages keep internal detail away from the end user.
    The text the exception is raised with (the caller's first argument, or
    errorMsg when none is given) is written to the error log.  userMsg is a
    fixed, generic string whose content callers can use for user error
    messages.

    Because the raised text is logged as given, callers should keep
    passwords and other secrets out of it and should treat any user-supplied
    value embedded in it as untrusted log content.

    @type userMsg: basestring
    @cvar userMsg: standard message suitable for display to the user
    @type errorMsg: basestring
    @cvar errorMsg: default text logged and raised when no message is given
    """
    userMsg = (
        "An internal error occurred during login,  "
        "Please contact your system administrator"
    )
    errorMsg = "AuthNInterface error"

    def __init__(self, *arg, **kw):
        """Log the error text and initialise the underlying Exception.

        @type arg: tuple
        @param arg: optional; the first item, if present, replaces errorMsg
        as the exception text.  Further positional items are not used.
        @type kw: dict
        @param kw: forwarded unchanged to Exception.__init__
        """
        # NOTE(review): the built-in Exception initialiser normally rejects
        # keyword arguments, so a non-empty kw is expected to raise
        # TypeError - confirm before relying on it.
        detail = arg[0] if arg else self.__class__.errorMsg

        log.error(detail)
        Exception.__init__(self, detail, **kw)
35       
36       
class AuthNInterfaceInvalidCredentials(AuthNInterfaceError):
    """Raised from logon when the supplied username/password is incorrect.

    userMsg does not say which of the two values was wrong, so the message
    shown to the user does not by itself confirm that a username exists.
    """
    userMsg = (
        "Invalid username / password provided.  "
        "Please try again.  "
        "If the problem persists please contact your system administrator"
    )
    errorMsg = "Invalid username/password provided"
43
44
class AuthNInterfaceUsername2IdentifierMismatch(AuthNInterfaceError):
    """Raised when the username does not match the identifier taken from the
    OpenID URL the user provided.

    Does NOT apply to ID Select mode, where the user has given a generic URL
    for their OpenID Provider.

    NOTE(review): userMsg tells the user that the username and OpenID do not
    belong together.  If an implementation raises this before the password
    has been checked, the message could reveal which pairings are valid -
    confirm the ordering in each logon implementation.
    """
    userMsg = (
        "Invalid username for the OpenID entered.  "
        "Please ensure you have the correct OpenID and username "
        "and try again.  "
        "If the problem persists contact your system administrator"
    )
    errorMsg = "invalid username / OpenID identifier combination"
53   
54   
class AuthNInterfaceRetrieveError(AuthNInterfaceError):
    """Raised from logon when the information needed to authenticate the
    user cannot be retrieved, e.g. a database look-up fails.

    userMsg is not overridden, so the generic userMsg inherited from
    AuthNInterfaceError applies; only errorMsg is specific to this class.
    """
    errorMsg = (
        "An error occurred retrieving information "
        "to check the login credentials"
    )
60
61
class AuthNInterfaceInitError(AuthNInterfaceError):
    """Raised from an AuthNInterface __init__ when initialisation fails.

    Only errorMsg is overridden; userMsg is the generic one inherited from
    AuthNInterfaceError.
    """
    errorMsg = "AuthNInterface initialisation error"
65   
66   
class AuthNInterfaceConfigError(AuthNInterfaceError):
    """Raised from an AuthNInterface __init__ when the authentication
    configuration is at fault.

    Only errorMsg is overridden; userMsg is the generic one inherited from
    AuthNInterfaceError.
    """
    errorMsg = "AuthNInterface configuration error"
70   
71   
class AbstractAuthNInterface(object):
    """Abstract base class for OpenID Provider authentication back-ends.

    Derive from this class to define how users logging into the OpenID
    Provider are authenticated.  logon, username2UserIdentifiers and logout
    all raise NotImplementedError here and are meant to be overridden.
    """

    def __init__(self, **prop):
        """Make any initial settings.

        This base implementation accepts the keywords and does nothing with
        them.  The original description says settings are held in a
        dictionary which can be set from **prop, a call to setProperties()
        or an XML file given by propFilePath; neither setProperties nor
        propFilePath is defined in this base class.

        @type **prop: dict
        @param **prop: set properties via keywords
        @raise AuthNInterfaceInitError: error with initialisation
        @raise AuthNInterfaceConfigError: error with configuration
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        """

    def logon(self, environ, identityURI, username, password):
        """Interface login method; must be overridden by subclasses.

        Guidance for implementers: keep password out of log output and out
        of the text of any AuthNInterfaceError that is raised, because that
        text is written to the error log.

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type identityURI: basestring
        @param identityURI: user's identity URL e.g.
        'https://joebloggs.somewhere.ac.uk/'

        @type username: basestring
        @param username: user identifier for authentication

        @type password: basestring
        @param password: corresponding password for the username given

        @raise AuthNInterfaceInvalidCredentials: invalid username/password
        @raise AuthNInterfaceUsername2IdentifierMismatch: username doesn't
        match the OpenID URL provided by the user.  (Doesn't apply to ID
        Select type requests).
        @raise AuthNInterfaceRetrieveError: error with retrieval of
        information to authenticate user e.g. error with database look-up.
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        @raise NotImplementedError: always, in this base class
        """
        raise NotImplementedError()

    def username2UserIdentifiers(self, environ, username):
        """Map the login username to the identifier(s) that become the
        unique path suffix of the user's OpenID identifier.

        The OpenIDProviderMiddleware takes self.urls['id_url']/
        self.urls['id_yadis'] and adds it to this identifier:

            identifier = self._authN.username2UserIdentifiers(environ,
                                                              username)
            identityURL = self.createIdentityURI(self.urls['url_id'],
                                                 identifier)

        NOTE(review): the description names the key 'id_url' while the
        example uses 'url_id'; check which one OpenIDProviderMiddleware
        actually uses.

        Since the returned values end up inside an identity URL,
        implementations should return only values that are safe to place in
        a URL path.

        @type environ: dict
        @param environ: standard WSGI environ parameter

        @type username: basestring
        @param username: user identifier

        @rtype: tuple
        @return: one or more identifiers to be used to make OpenID user
        identity URL(s).

        @raise AuthNInterfaceConfigError: problem with the configuration
        @raise AuthNInterfaceRetrieveError: error with retrieval of
        information to identifier e.g. error with database look-up.
        @raise AuthNInterfaceError: generic exception not described by the
        other specific exception types.
        @raise NotImplementedError: always, in this base class
        """
        raise NotImplementedError()

    def logout(self, authNInterface):
        """Hook for custom actions at logout.

        This base implementation raises NotImplementedError rather than
        doing nothing, so a subclass has to override it before it can be
        called.

        @type authNInterface: AbstractAuthNInterface derived type
        @param authNInterface: authentication interface object.  See
        AbstractAuthNInterface class for details
        @raise NotImplementedError: always, in this base class
        """
        raise NotImplementedError()