Timestamp:
20/01/10 10:53:02 (10 years ago)
Author:
pjkersha
Message:

Old Pylons SSO code moved to separate branch in trunk

Location:
TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server
Files:
1 deleted
4 edited

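--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/__init__.py
@@ -202,10 +202,4 @@
         '''
         super(OpenIDProviderMiddleware, self).__init__(app, {})
-#        self._app = app
-#        self._environ = {}
-#        self._start_response = None
-#        self._pathInfo = None
-#        self._path = None
-#        self.mountPath = '/'
         
         self.__charset = None
@@ -1461,4 +1455,7 @@
         hdr += [('Content-type', 'text/html' + self.charset),
                 ('Content-length', str(len(response)))]
+        
+        log.debug("Sending response to Relying Party:\n\nheader=%r\nbody=%r",
+                  hdr, response)
             
         self.start_response('%d %s' % (webresponse.code,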
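Review bot: The added `log.debug` call (new lines 1458-1459) writes the complete header list and the full response body to the log with `%r`. In an OpenID Provider the body returned to a Relying Party presumably carries the signed assertion and any released attributes, and `hdr` may hold cookies appended earlier in the method, so anyone who can read a debug-level log would see them. Logging only what is needed to trace the exchange avoids that, for example `log.debug("Sending response to Relying Party: code=%d, %d bytes", webresponse.code, len(response))`. The enclosing method starts and ends outside this hunk, so what else `hdr` contains is not visible here.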
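--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/axinterface/csv.py
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/axinterface/csv.py
@@ -16,8 +16,9 @@
 import re
 
-from ndg.security.server.wsgi.openid.provider.axinterface import AXInterface, \
-    AXInterfaceConfigError, MissingRequiredAttrs
-from ndg.security.server.wsgi.openid.provider import AbstractAuthNInterface, \
-    OpenIDProviderMiddleware
+from ndg.security.server.wsgi.openid.provider.axinterface import (AXInterface, 
+    AXInterfaceConfigError, MissingRequiredAttrs)
+from ndg.security.server.wsgi.openid.provider import (AbstractAuthNInterface, 
+    OpenIDProviderMiddleware)
+
 
 class CSVFileAXInterface(AXInterface):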
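--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/renderinginterface/buffet/templates/ndg/security/decidePage.kid
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/provider/renderinginterface/buffet/templates/ndg/security/decidePage.kid
@@ -34,6 +34,6 @@
                                 <tr>
                                         <td align="right">
-                                                <input type="submit" name="Yes" value="Yes" />
-                                                <input type="submit" name="No" value="No" />
+                                                <input type="submit" name="ApproveRelyingParty" value="Yes" />
+                                                <input type="submit" name="RejectRelyingParty" value="No" />
                                         </td>
                                 </tr>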
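Review bot: The submit buttons are renamed to `ApproveRelyingParty` and `RejectRelyingParty`, but neither provider/__init__.py hunk in this changeset touches the code that reads the decision, so it is not visible here whether the handler already expects the new field names. Because this form records the user's consent to release their identity to a Relying Party, the handler should treat anything other than an explicit `ApproveRelyingParty` field as a rejection, so that a template/handler mismatch fails closed. A short template comment naming the handler that consumes these two fields would help keep the pair in sync.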
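--- a/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/__init__.py
+++ b/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/openid/relyingparty/__init__.py
@@ -249,81 +249,9 @@
         idPValidationDriver = SSLIdPValidationDriver(
                                 idpConfigFilePath=idpWhitelistConfigFilePath)
-        
-#        def verifySSLPeerCertCallback(preVerifyOK, x509StoreCtx):
-#            '''SSL verify callback function used to control the behaviour when 
-#            the SSL_VERIFY_PEER flag is set
-#            
-#            http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html
-#            
-#            @type preVerifyOK: int
-#            @param preVerifyOK: If a verification error is found, this 
-#            parameter will be set to 0
-#            @type x509StoreCtx: M2Crypto.X509_Store_Context
-#            @param x509StoreCtx: locate the certificate to be verified and 
-#            perform additional verification steps as needed
-#            @rtype: int
-#            @return: controls the strategy of the further verification process. 
-#            - If verify_callback returns 0, the verification process is 
-#            immediately stopped with "verification failed" state. If 
-#            SSL_VERIFY_PEER is set, a verification failure alert is sent to the
-#            peer and the TLS/SSL handshake is terminated. 
-#            - If verify_callback returns 1, the verification process is 
-#            continued. 
-#            If verify_callback always returns 1, the TLS/SSL handshake will not
-#            be terminated with respect to verification failures and the 
-#            connection 
-#            will be established. The calling process can however retrieve the 
-#            error code of the last verification error using 
-#            SSL_get_verify_result or by maintaining its own error storage 
-#            managed by verify_callback.
-#            '''
-#            if preVerifyOK == 0:
-#                # Something is wrong with the certificate don't bother 
-#                # proceeding any further
-#                log.error("verifyCallback: pre-verify OK flagged an error "
-#                          "with the peer certificate, returning error state "
-#                          "to caller ...")
-#                return preVerifyOK
-#            
-#            x509Cert = x509StoreCtx.get_current_cert()
-#            x509Cert.get_subject()
-#            x509CertChain = x509StoreCtx.get1_chain()
-#            for cert in x509CertChain:
-#                subject = cert.get_subject()
-#                dn = subject.as_text()
-#                log.debug("verifyCallback: dn = %r", dn)
-#                
-#            # If all is OK preVerifyOK will be 1.  Return this to the caller to
-#            # that it's OK to proceed
-#            return preVerifyOK
-#           
-#        
-#        # Create a context specifying verification of the peer but with an
-#        # additional callback function
-#        ctx = SSL.Context()
-#        ctx.set_verify(SSL.verify_peer|SSL.verify_fail_if_no_peer_cert, 
-#                       9, 
-#                       callback=verifySSLPeerCertCallback)
-#
-#        # Point to a directory containing CA certificates.  These must be named
-#        # in their hashed form as expected by the OpenSSL API.  Use c_rehash
-#        # utility to generate names or in the CA directory:
-#        #
-#        # $ for i in *.crt *.pem; do ln -s $i $(openssl x509 -hash -noout -in $i).0; done
-#        ctx.load_verify_locations(capath=self.caCertDirPath)
-#        
-#        # Load this client's certificate and private key to enable the peer 
-#        # OpenID Provider to authenticate it
-#        ctx.load_cert(self.certFilePath, 
-#                      keyfile=self.priKeyFilePath, 
-#                      callback=lambda *arg, **kw: self.priKeyPwd)
-    
+            
         # Force Python OpenID library to use Urllib2 fetcher instead of the 
         # Curl based one otherwise the M2Crypto SSL handler will be ignored.
         setDefaultFetcher(Urllib2Fetcher())
         
-#        log.debug("Adding the M2Crypto SSL handler to urllib2's list of "
-#                  "handlers...")
-#        urllib2.install_opener(build_opener(ssl_context=ctx))
         log.debug("Setting the M2Crypto SSL handler ...")
         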