+class NewSPAdminPage(AdminPage):
+
+ def __init__(self, site, parent):
+ super(NewSPAdminPage, self).__init__(site, form=True)
+ self.parent = parent
+ self.title = 'New Service Provider'
+ self.back = parent.url
+ self.url = '%s/new' % (parent.url,)
+
+ def form_new(self, message=None, message_type=None):
+ return self._template('admin/providers/saml2_sp_new.html',
+ title=self.title,
+ message=message,
+ message_type=message_type,
+ name='saml2_sp_new_form',
+ back=self.back, action=self.url)
+
+ def GET(self, *args, **kwargs):
+ return self.form_new()
+
+ def POST(self, *args, **kwargs):
+
+ if self.user.is_admin:
+ # TODO: allow authenticated user to create SPs on their own
+ # set the owner in that case
+ name = None
+ meta = None
+ description = None
+ splink = None
+ visible = False
+ imagefile = None
+ if 'content-type' not in cherrypy.request.headers:
+ self.debug("Invalid request, missing content-type")
+ message = "Malformed request"
+ message_type = ADMIN_STATUS_ERROR
+ return self.form_new(message, message_type)
+ ctype = cherrypy.request.headers['content-type'].split(';')[0]
+ if ctype != 'multipart/form-data':
+ self.debug("Invalid form type (%s), trying to cope" % (
+ cherrypy.request.content_type,))
+ for key, value in kwargs.iteritems():
+ if key == 'name':
+ name = value
+ elif key == 'description':
+ description = value
+ elif key == 'splink':
+ # pylint: disable=unused-variable
+ (scheme, netloc, path, params, query, frag) = urlparse(
+ value
+ )
+ # minimum URL validation
+ if (scheme not in ['http', 'https'] or not netloc):
+ message = "Invalid URL for Service Provider link"
+ message_type = ADMIN_STATUS_ERROR
+ return self.form_new(message, message_type)
+ splink = value
+ elif key == 'portalvisible' and value.lower() == 'on':
+ visible = True
+ elif key == 'imagefile':
+ if hasattr(value, 'content_type'):
+ imagefile = value.fullvalue()
+ if len(imagefile) == 0:
+ imagefile = None
+ else:
+ imagefile = base64.b64encode(imagefile)
+ else:
+ self.debug("Invalid format for 'imagefile'")
+ elif key == 'metatext':
+ if len(value) > 0:
+ meta = value
+ elif key == 'metafile':
+ if hasattr(value, 'content_type'):
+ meta = value.fullvalue()
+ else:
+ self.debug("Invalid format for 'meta'")
+ elif key == 'metaurl':
+ if len(value) > 0:
+ try:
+ r = requests.get(value)
+ r.raise_for_status()
+ meta = r.content
+ except Exception, e: # pylint: disable=broad-except
+ self.debug("Failed to fetch metadata: " + repr(e))
+ message = "Failed to fetch metadata: " + repr(e)
+ message_type = ADMIN_STATUS_ERROR
+ return self.form_new(message, message_type)
+
+ if name and meta:
+ try:
+ spc = ServiceProviderCreator(self.parent.cfg)
+ sp = spc.create_from_buffer(name, meta, description,
+ visible, imagefile, splink)
+ sp_page = self.parent.add_sp(name, sp)
+ message = "SP Successfully added"
+ message_type = ADMIN_STATUS_OK
+ return sp_page.root_with_msg(message, message_type)
+ except InvalidProviderId, e:
+ message = str(e)
+ message_type = ADMIN_STATUS_ERROR
+ except Exception, e: # pylint: disable=broad-except
+ self.debug(repr(e))
+ message = "Failed to create Service Provider!"
+ message_type = ADMIN_STATUS_ERROR
+ else:
+ message = "A name and a metadata file must be provided"
+ message_type = ADMIN_STATUS_ERROR
+ else:
+ message = "Unauthorized"
+ message_type = ADMIN_STATUS_ERROR
+
+ return self.form_new(message, message_type)
+
+
+class InvalidValueFormat(Exception):
+ pass
+
+
+class UnauthorizedUser(Exception):
+ pass
+
+
+class SPAdminPage(AdminPage):