Changeset 4549

Timestamp:

05/12/08 16:38:20 (12 years ago)

Author:

pjkersha

Message:

OpenID Provider Authentication interface:

• started work on porting Buffet based RenderingInterface? from Pylons project into openid.provider.renderinginterface sub-package.

Location:

TI12-security/trunk/python

Files:

• ndg.security.server/ndg/security/server/wsgi/openid/provider/__init__.py (modified) (1 diff)
• ndg.security.server/ndg/security/server/wsgi/openid/provider/renderinginterface/buffet.py (moved) (moved from TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/renderinginterface/openid_provider_util.py) (11 diffs)
• ndg.security.test/ndg/security/test/combinedservices/services.ini (modified) (1 diff)

TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/__init__.py

@@ -1118 +1118 @@
         return []
     
+    
+class RenderingInterfaceError(Exception):
+    """Base class for RenderingInterface exceptions
+    
+    A standard message is raised set by the msg class variable but the actual
+    exception details are logged to the error log.  The use of a standard 
+    message enables callers to use its content for user error messages.
+    
+    @type msg: basestring
+    @cvar msg: standard message to be raised for this exception"""
+    userMsg = ("An internal error occurred with the page layout,  Please "
+               "contact your system administrator")
+    errorMsg = "RenderingInterface error"
+    
+    def __init__(self, *arg, **kw):
+        if len(arg) > 0:
+            msg = arg[0]
+        else:
+            msg = self.__class__.errorMsg
+            
+        log.error(msg)
+        Exception.__init__(self, msg, **kw)
+        
+class RenderingInterfaceInitError(RenderingInterfaceError):
+    """Error with initialisation of RenderingInterface.  Raise from __init__"""
+    errorMsg = "RenderingInterface initialisation error"
+    
+class RenderingInterfaceConfigError(RenderingInterfaceError):
+    """Error with Authentication configuration.  Raise from __init__"""
+    errorMsg = "RenderingInterface configuration error"    
     
 class RenderingInterface(object):

TI12-security/trunk/python/ndg.security.server/ndg/security/server/wsgi/openid/provider/renderinginterface/buffet.py

@@ -1 @@
-"""NDG Security OpenID Provider Pylons utilities
-
-Includes Pylons based rendering interface for OpenIDProviderMiddleware
+"""NDG Security Pylons Buffet based Rendering Interface for 
+OpenIDProviderMiddleware
 
 NERC Data Grid Project
@@ -16 +15 @@
 from pylons.templating import Buffet
 from pylons import config
-import ndg.security.server.sso.sso.lib.helpers as h
 import logging
 log = logging.getLogger(__name__)
+
+from ndg.security.server.wsgi.openid.provider import RenderingInterface, \
+    AuthNInterfaceConfigError
 
 # Boiler plate to create renderer
@@ -73 +74 @@
 from ndg.security.server.wsgi.openid.provider import RenderingInterface
 
-class OpenIDProviderKidRendering(RenderingInterface):
-    """Provide Kid Templating for OpenID Provider Middleware via Buffet
+class BuffetRendering(RenderingInterface):
+    """Provide Templating for OpenID Provider Middleware via Buffet
     class"""
-    
-    @staticmethod
-    def _render(templateName, **kw):
+
+    propNames = ('templateType', 'templateRoot')
+    def __init__(self, **prop):
+        try:
+            for p in prop:
+                setattr(self, p, prop[p])
+        except KeyError, e:
+            raise AuthNInterfaceConfigError("Missing property: %s" % e)   
+         
+        self._buffet = OpenIDProviderRenderingBuffet(self.templateType, 
+                                                template_root=templateRoot)
+        
+    def _render(self, templateName, **kw):
         '''Wrapper for Buffet.render'''
-        rendering = buffet.render(template_name=templateName, namespace=kw)
+        rendering = self._buffet.render(template_name=templateName, 
+                                        namespace=kw)
         return rendering
     
     def login(self, environ, start_response, success_to=None, fail_to=None, 
               msg=''):
-        """Set-up Kid template for OpenID Provider Login"""
+        """Set-up template for OpenID Provider Login"""
         c = State(urls=self.urls, session=self.session)
         c.title = "OpenID Login"
@@ -92 +104 @@
         c.xml = msg
         
-        response = OpenIDProviderKidRendering._render('ndg.security.login', 
-                                                      c=c, g=config, h=h)
+        response = BuffetRendering._render('ndg.security.login', 
+                                           c=c, g=config, h=h)
         start_response('200 OK', 
                        [('Content-type', 'text/html'+self.charset),
@@ -101 +113 @@
         
     def mainPage(self, environ, start_response):
-        """Set-up Kid template for OpenID Provider Login"""
+        """Set-up template for OpenID Provider Login"""
         c = State(urls=self.urls, session=self.session)
         c.title = "OpenID Provider"
@@ -107 +119 @@
                         self.urls['url_serveryadis']
     
-        response = OpenIDProviderKidRendering._render('ndg.security.mainPage', 
-                                                      c=c, g=config, h=h)
+        response = BuffetRendering._render('ndg.security.mainPage', 
+                                           c=c, g=config, h=h)
         start_response('200 OK', 
                        [('Content-type', 'text/html'+self.charset),
@@ -118 +130 @@
         path = environ['PATH_INFO'].rstrip('/')
         idPath = self.urls['url_id'].replace(self.base_url, '')
-        username = path[len(idPath)+1:]
-        if not username:
+        userIdentifier = path[len(idPath)+1:]
+        if not userIdentifier:
             h.redirect_to(self.urls['url_mainpage'])
             
@@ -129 +141 @@
               
         yadis_loc_tag = '<meta http-equiv="x-xrds-location" content="%s"/>' % \
-            (self.urls['url_yadis']+'/'+username)
+            (self.urls['url_yadis']+'/'+userIdentifier)
             
         c.headExtras = link_tag + yadis_loc_tag
@@ -135 +147 @@
         c.xml = "<b><pre>%s</pre></b>" % identityURL
         
-        response = OpenIDProviderKidRendering._render(
-                                                'ndg.security.identityPage', 
-                                                c=c, g=config, h=h)    
+        response = BuffetRendering._render('ndg.security.identityPage', 
+                                           c=c, g=config, h=h)    
         start_response("200 OK", 
                        [('Content-type', 'text/html'+self.charset),
@@ -152 +163 @@
         c.oidRequest = oidRequest
         
-        response=OpenIDProviderKidRendering._render('ndg.security.decidePage', 
-                                                    c=c, g=config, h=h)
+        response=BuffetRendering._render('ndg.security.decidePage', 
+                                         c=c, g=config, h=h)
         start_response("200 OK", 
                        [('Content-type', 'text/html'+self.charset),
@@ -167 +178 @@
                        [('Content-type', 'text/html'+self.charset),
                         ('Content-length', str(len(response)))])
-        response = OpenIDProviderKidRendering._render('ndg.security.error', 
-                                                      c=c, g=config, h=h)
+        response = BuffetRendering._render('ndg.security.error', 
+                                           c=c, g=config, h=h)
         return response
-    
-# Earth System Grid interoperability tests
-
-#esgAxAttr = {'urn:esg.security.gateway': 'BADC',
-#        'urn:esg.security.authority': 'group_IPCC_role_default',
-#        'http://axschema.org/namePerson/last': 'UserLastName',
-#        'http://axschema.org/contact/country/home': 'UK',
-#        'http://axschema.org/namePerson/middle': 'UserMiddleName',
-#        'urn:esg.security.uuid': '0123456789abcdef',
-#        'http://axschema.org/namePerson/first': 'UserFirstName',
-#        'http://axschema.org/namePerson/friendly': '',
-#        'http://axschema.org/contact/email': 'tester@test.com',
-#        'urn:esg.security.organization': 'British Atmospheric Data Centre',
-#}
-
-esgAxAttr = {
- 'http://openid.net/schema/contact/state/home': 'Oxfordshire', 
- 'http://openid.net/schema/namePerson/middle': 'George', 
- 'http://openid.net/schema/contact/city/home': 'Didcot', 
- 'http://openid.net/schema/person/guid': '0123456789abcdef', 
- 'http://openid.net/schema/namePerson/friendly': 'username', 
- 'http://openid.net/schema/company/name': 'The British Atmospheric Data Centre', 
- 'http://openid.net/schema/contact/country/home': 'UK', 
- 'http://openid.net/schema/namePerson/first': 'John', 
- 'http://openid.net/schema/namePerson/last': 'Smith', 
- 'http://openid.net/schema/contact/internet/email': 'testABC@rl.ac.uk',
- 'http://www.earthsystemgrid.org/authority': 'group_IPCC_role_default',
- 'http://www.earthsystemgrid.org/gateway': 'BADC',
-}
-esgAxAlias = {
- 'http://openid.net/schema/contact/state/home': 'state', 
- 'http://openid.net/schema/namePerson/middle': 'middlename', 
- 'http://openid.net/schema/contact/city/home': 'city', 
- 'http://openid.net/schema/person/guid': 'uuid', 
- 'http://openid.net/schema/namePerson/friendly': 'username', 
- 'http://openid.net/schema/company/name': 'organization', 
- 'http://openid.net/schema/contact/country/home': 'country', 
- 'http://openid.net/schema/namePerson/first': 'firstname', 
- 'http://openid.net/schema/namePerson/last': 'lastname', 
- 'http://openid.net/schema/contact/internet/email': 'email',
- 'http://www.earthsystemgrid.org/authority': 'authority',
- 'http://www.earthsystemgrid.org/gateway': 'gateway',
-              }
-
-esgSRegAttr = {
-    'nickname':'',
-    'email':'E-mail Address',
-    'country':'UK',
-    'language':'English',
-    'timezone':'BST',
-    }
-
-
-def esgSRegResponseHandler(username):
-    """Interface function to OpenIdProviderMiddleware to set custom attributes
-    """
-    attr = esgSRegAttr.copy()
-#    attr['username'] = username
-    attr['nickname'] = username
-    return attr
-
-def esgAXResponseHandler(axReq, axResp, username):  
-    """Respond to attributes requested by Relying Party via the Attribute
-    Exchange interface"""
-    attr = esgAxAttr.copy()
-    attr['http://openid.net/schema/namePerson/friendly'] = username
-    
-    for typeURI, attrInfo in axReq.requested_attributes.items():
-        # Value input must be list type
-        axResp.setValues(typeURI, [attr[typeURI]])

TI12-security/trunk/python/ndg.security.test/ndg/security/test/combinedservices/services.ini

@@ -326 +326 @@
 #openid.provider.consumer_store_dirpath=./
 openid.provider.trace=False
-#openid.provider.renderingClass=ndg.security.server.pylons.container.lib.openid_provider_util.OpenIDProviderKidRendering
-openid.provider.renderingClass=ndg.security.server.wsgi.openid.provider.DemoRenderingInterface
-openid.provider.sregResponseHandler=ndg.security.server.pylons.container.lib.openid_provider_util:esgSRegResponseHandler
-openid.provider.axResponseHandler=ndg.security.server.pylons.container.lib.openid_provider_util:esgAXResponseHandler
+openid.provider.renderingClass=ndg.security.server.wsgi.openid.provider.renderinginterface.buffet.BuffetRendering
+#openid.provider.renderingClass=ndg.security.server.wsgi.openid.provider.DemoRenderingInterface
+
+openid.provider.rendering.templateType = kid
+openid.provider.rendering.templateRoot = ndg.security.server.pylons.container.templates
+
+# Layout
+openid.provider.rendering.server = http://localhost:8000
+openid.provider.rendering.LeftLogo = %(server)s/layout/NERC_Logo.gif
+openid.provider.rendering.LeftAlt = Natural Environment Research Council
+openid.provider.rendering.ndgLink = http://ndg.nerc.ac.uk/
+openid.provider.rendering.ndgImage = %(server)s/layout/ndg_logo_circle.gif
+openid.provider.rendering.disclaimer = This site is for test purposes only and is under active development.
+openid.provider.rendering.stfcLink = http://ceda.stfc.ac.uk/
+openid.provider.rendering.stfcImage = %(server)s/layout/stfc-circle-sm.gif
+openid.provider.rendering.helpIcon = %(server)s/layout/icons/help.png
+
+
+#openid.provider.sregResponseHandler=ndg.security.server.pylons.container.lib.openid_provider_util:esgSRegResponseHandler
+#openid.provider.axResponseHandler=ndg.security.server.pylons.container.lib.openid_provider_util:esgAXResponseHandler
 
 # Basic Authentication interface to demonstrate capabilities