Changeset 6246
- Timestamp:
- 04/01/10 11:22:32 (11 years ago)
- Location:
- TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/authn.py
r6245 r6246 536 536 if SessionHandlerMiddleware.USERNAME_SESSION_KEYNAME not in session\ 537 537 and SessionHandlerMiddleware.USERNAME_ENVIRON_KEYNAME in environ: 538 log.debug("SessionHandlerMiddleware : updating session "538 log.debug("SessionHandlerMiddleware.__call__: updating session " 539 539 "username=%s", environ[ 540 540 SessionHandlerMiddleware.USERNAME_ENVIRON_KEYNAME]) … … 548 548 SessionHandlerMiddleware.USERDATA_ENVIRON_KEYNAME, '') 549 549 if remoteUserData: 550 log.debug("SessionHandlerMiddleware: found REMOTE_USER_DATA=" 551 "%s, set from OpenID Relying Party signin", 550 log.debug("SessionHandlerMiddleware.__call__: found " 551 "REMOTE_USER_DATA=%s, set from OpenID Relying Party " 552 "signin", 552 553 environ[ 553 SessionHandlerMiddleware.USERDATA_ENVIRON_KEYNAME]) 554 SessionHandlerMiddleware.USERDATA_ENVIRON_KEYNAME 555 ]) 554 556 555 557 # eval is safe here because AuthKit cookie is signed and … … 570 572 ] = SessionHandlerMiddleware._parseOpenIdAX(ax) 571 573 572 log.debug("SessionHandlerMiddleware : updated session"573 " with OpenID AX values: %r" %574 log.debug("SessionHandlerMiddleware.__call__: updated " 575 "session with OpenID AX values: %r" % 574 576 session[ 575 577 SessionHandlerMiddleware.AX_SESSION_KEYNAME … … 590 592 session.save() 591 593 592 log.debug("SessionHandlerMiddleware: updated session " 594 log.debug("SessionHandlerMiddleware.__call__: updated " 595 "session " 593 596 "with sessionManagerURI=%s and " 594 597 "sessionId=%s", … … 601 604 setUser( 602 605 session[SessionHandlerMiddleware.USERNAME_SESSION_KEYNAME]) 606 else: 607 log.debug("SessionHandlerMiddleware.__call__: REMOTE_USER_DATA " 608 "is not set") 603 609 604 610 _start_response = start_response -
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py
r6244 r6246 83 83 84 84 # Place here to avoid circular import error with IdentityMapping class 85 from ndg.security.server.wsgi.openid.provider.authninterface import \86 AbstractAuthNInterface, AuthNInterfaceError 87 from ndg.security.server.wsgi.openid.provider.axinterface import AXInterface,\88 MissingRequiredAttrs, AXInterfaceReloginRequired 85 from ndg.security.server.wsgi.openid.provider.authninterface import ( 86 AbstractAuthNInterface, AuthNInterfaceError) 87 from ndg.security.server.wsgi.openid.provider.axinterface import (AXInterface, 88 MissingRequiredAttrs, AXInterfaceReloginRequired) 89 89 90 90 … … 95 95 doesn't apply to attributes that are optional""" 96 96 97 97 98 class OpenIDProviderReloginRequired(AXInterfaceReloginRequired): 98 99 pass … … 103 104 class OpenIDProviderMiddlewareError(Exception): 104 105 """OpenID Provider WSGI Middleware Error""" 106 105 107 106 108 class OpenIDProviderConfigError(OpenIDProviderMiddlewareError): … … 670 672 671 673 # Check for POST'ed user explicit setting of AX parameters 672 userAXSettings = [] 673 for fieldName in self.query: 674 if fieldName.startswith('ax.'): 675 userAXSettings.append(self.query[fieldName]) 676 677 if userAXSettings: 678 # Get all the content namespaced as AX type 679 axArgs = self.oidResponse.fields.getArgs(ax.AXMessage.ns_uri) 680 681 # Add to access object for convenient access based on type URI 682 axFetchResponse = ax.FetchResponse() 683 axFetchResponse.parseExtensionArgs(axArgs) 684 for i in axFetchResponse.data.keys(): 685 if i not in userAXSettings: 686 del axFetchResponse.data[i] 674 self._applyUserAXSelections() 687 675 688 676 return self._displayResponse(self.oidResponse) … … 704 692 'administrator.', 705 693 code=400) 706 694 695 def _applyUserAXSelections(self): 696 """Helper for do_allow method - process the query response checking 697 user Attribute Exchange settings deleting optional attributes if the 698 user has deselected them from the decide interface. All mandatory 699 attributes will be returned regardless if the user submitted and called 700 do_allow() 701 """ 702 703 # Process decide page AX POST'ed items 704 userAXSettings = {} 705 for fieldName in self.query: 706 if fieldName.startswith('ax.'): 707 alias = fieldName.rsplit('ax.', 1)[-1] 708 userAXSettings[alias] = self.query[fieldName] 709 710 # Apply user selections to the response 711 if userAXSettings: 712 # Get all the content namespaced as AX type 713 axArgs = self.oidResponse.fields.getArgs(ax.AXMessage.ns_uri) 714 for i in axArgs.keys(): 715 # Parse alias name but note not all keys are alias and so will 716 # not use the '.' delimiter 717 keyParts = i.split('.') 718 if len(keyParts) > 1 and not keyParts[1] in userAXSettings: 719 self.oidResponse.fields.delArg(ax.AXMessage.ns_uri, i) 720 707 721 def do_login(self, environ, start_response, **kw): 708 722 """Display Login form
Note: See TracChangeset
for help on using the changeset viewer.