3 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
5 from __future__ import absolute_import
7 from ipsilon.providers.common import ProviderBase
8 from ipsilon.providers.openid.store import OpenIDStore
9 from ipsilon.providers.openid.auth import OpenID
10 from ipsilon.providers.openid.extensions.common import LoadExtensions
11 from ipsilon.util.plugin import PluginObject
12 from ipsilon.util import config as pconfig
13 from ipsilon.info.common import InfoMapping
15 from openid.server.server import Server
18 class IdpProvider(ProviderBase):
# Constructor of the OpenID identity-provider plugin.
# NOTE(review): this listing is an extract -- the gutter numbers skip
# (22->26, 30->36, 40->44, ...), so the calls that wrap the option strings
# below are not visible here and are not described.
20 def __init__(self, *pargs):
# Registers with the base class, passing 'openid' twice ahead of *pargs.
21 super(IdpProvider, self).__init__('openid', 'openid', *pargs)
22 self.mapping = InfoMapping()
26 self.extensions = LoadExtensions()
# NOTE(review): leftover debug output (Python 2 print statements). The set of
# available extensions is written to stdout every time the provider is
# constructed; prefer the project's logging facility or drop these lines.
27 print self.extensions.available()
28 print self.extensions.available().keys()
29 self.description = """
30 Provides OpenID 2.0 authentication infrastructure. """
# The strings below look like (name, help text, default) pieces of the
# plugin's option declarations -- presumably arguments to calls on the
# omitted lines; confirm against the full file.
36 'Database URL for OpenID temp storage',
39 'default email domain',
40 'Used for users missing the email property.',
# NOTE(review): the defaults visible for the endpoint and identity URLs are
# plain-http localhost:8080 values, i.e. development settings. Deployments
# should end up with https URLs here (the installer's configure() computes
# one); verify that the stored configuration actually overrides these.
44 'The Absolute URL of the OpenID provider',
45 'http://localhost:8080/idp/openid/'),
47 'identity url template',
48 'The templated URL where identities are exposed.',
49 'http://localhost:8080/idp/openid/id/%(username)s'),
# Relying-party trust lists. How they are enforced is not visible in this
# extract; no default value appears on the lines shown.
52 'List of trusted relying parties.'),
55 'List of untrusted relying parties.'),
# The selectable extensions are whatever LoadExtensions reports as available.
58 'Choose the extensions to enable',
59 self.extensions.available().keys()),
# Accessor for the 'endpoint url' option.
# NOTE(review): lines 65-68 of the original (what is done with `url` and what
# is returned) are not shown in this listing. Elsewhere the name is used as
# an attribute and concatenated with 'XRDS', so it is presumably a property
# that yields a URL ending in '/' -- confirm against the full file.
63 def endpoint_url(self):
64 url = self.get_config_value('endpoint url')
def default_email_domain(self):
    """Return the value stored under the 'default email domain' option."""
    domain = self.get_config_value('default email domain')
    return domain
# Accessor for the 'identity url template' option (note the spaces in the
# key: this is the spelling the provider reads).
# NOTE(review): lines 77-80 of the original, including the return, are not
# shown in this listing.
75 def identity_url_template(self):
76 url = self.get_config_value('identity url template')
def trusted_roots(self):
    """Return the value stored under the 'trusted roots' option."""
    roots = self.get_config_value('trusted roots')
    return roots
def untrusted_roots(self):
    """Return the value stored under the 'untrusted roots' option."""
    roots = self.get_config_value('untrusted roots')
    return roots
def enabled_extensions(self):
    """Return the value stored under the 'enabled extensions' option."""
    enabled = self.get_config_value('enabled extensions')
    return enabled
# Builds the provider's page object; the lines after it create the OpenID
# server and advertise the endpoint on the site root.
# NOTE(review): the gutter numbers skip 95, 98-101, 105, 109 and 115-116, so
# statements -- and possibly `def` lines -- are missing from this extract. The
# super().on_enable() call near the end suggests the last two lines belong to
# an on_enable method whose header is not shown; confirm against the file.
94 def get_tree(self, site):
96 self.page = OpenID(site, self)
97 # self.admin = AdminPage(site, self)
# python-openid Server backed by OpenIDStore opened on the configured
# 'database url', with endpoint_url announced as the OP endpoint.
102 self.server = Server(
103 OpenIDStore(self.get_config_value('database url')),
104 op_endpoint=self.endpoint_url)
106 # Expose OpenID presence in the root
107 headers = self._root.default_headers
# Discovery header: plain string concatenation, so the result is only a valid
# URL if endpoint_url ends with '/'.
108 headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
110 html_heads = self._root.html_heads
# NOTE(review): endpoint_url is placed into an HTML attribute with %-formatting
# and no escaping. It is an administrator-set value, but a quote or angle
# bracket in it would break the markup of every page that renders html_heads;
# consider HTML-escaping it before interpolation.
111 HEAD_LINK = '<link rel="%s" href="%s">'
112 openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
113 HEAD_LINK % ('openid.server', self.endpoint_url)]
114 html_heads['openid'] = openid_heads
117 super(IdpProvider, self).on_enable()
# Activates the extensions named by the stored 'enabled extensions' option.
119 self.extensions.enable(self._config['enabled extensions'].get_value())
122 class Installer(object):
# Installer constructor; marks this installer as handling a 'provider' plugin.
# NOTE(review): lines 125 and 127 of the original are not shown. configure()
# reads self.pargs, which is presumably assigned on one of them.
124 def __init__(self, *pargs):
126 self.ptype = 'provider'
def install_args(self, group):
    """Register the ``--openid`` switch on the installer's argument group.

    ``group`` only needs to provide ``add_argument``. The option accepts
    'yes' or 'no' and defaults to 'yes'.
    """
    option = {
        'choices': ['yes', 'no'],
        'default': 'yes',
        'help': 'Configure OpenID Provider',
    }
    group.add_argument('--openid', **option)
# Installer hook that stores the OpenID provider settings in the plugin
# configuration and records the plugin's enabled state.
# NOTE(review): the gutter numbers skip 135-137, 139, 142, 145-146 and
# 151-153, so several statements (including the assignment of `proto`) are
# missing from this extract.
133 def configure(self, opts):
# Acts only when the installer was run with --openid yes; the statement
# under this `if` is not shown.
134 if opts['openid'] != 'yes':
# NOTE(review): `proto` is assigned on lines not shown. This test presumably
# switches the scheme to plain http when 'secure' is 'no'; confirm that https
# is the default and that http is limited to test setups, since the endpoint
# and identity URLs derived below inherit the scheme.
138 if opts['secure'].lower() == 'no':
# The endpoint URL is assembled from installer options without validation.
140 url = '%s://%s/%s/openid/' % (
141 proto, opts['hostname'], opts['instance'])
143 # Add configuration data to database
144 po = PluginObject(*self.pargs)
147 po.wipe_config_values()
# NOTE(review): key mismatch. The value is saved as 'identity_url_template'
# (underscores), while IdpProvider reads 'identity url template' (spaces).
# If keys are matched literally, the installer's URL is never picked up and
# the provider keeps its http://localhost:8080 default template; the key here
# should likely be 'identity url template'. The doubled %% keeps
# '%(username)s' intact for later per-user substitution.
148 config = {'endpoint url': url,
149 'identity_url_template': '%sid/%%(username)s' % url}
150 po.save_plugin_config(config)
152 # Update global config to add login plugin
154 po.save_enabled_state()