forked from shaba/openuds
Updated authenticator callback, and added a few methods to Cryptomanager
This commit is contained in:
parent
0c4a86b560
commit
18a30e0068
@ -53,6 +53,7 @@ encoding//src/uds/core/managers/PublicationManager.py=utf-8
|
|||||||
encoding//src/uds/core/managers/TaskManager.py=utf-8
|
encoding//src/uds/core/managers/TaskManager.py=utf-8
|
||||||
encoding//src/uds/core/managers/UserPrefsManager.py=utf-8
|
encoding//src/uds/core/managers/UserPrefsManager.py=utf-8
|
||||||
encoding//src/uds/core/managers/UserServiceManager.py=utf-8
|
encoding//src/uds/core/managers/UserServiceManager.py=utf-8
|
||||||
|
encoding//src/uds/core/managers/__init__.py=utf-8
|
||||||
encoding//src/uds/core/osmanagers/BaseOsManager.py=utf-8
|
encoding//src/uds/core/osmanagers/BaseOsManager.py=utf-8
|
||||||
encoding//src/uds/core/osmanagers/OSManagersFactory.py=utf-8
|
encoding//src/uds/core/osmanagers/OSManagersFactory.py=utf-8
|
||||||
encoding//src/uds/core/osmanagers/__init__.py=utf-8
|
encoding//src/uds/core/osmanagers/__init__.py=utf-8
|
||||||
|
@ -48,3 +48,9 @@ class InvalidAuthenticatorException(Exception):
|
|||||||
Invalida authenticator has been specified
|
Invalida authenticator has been specified
|
||||||
'''
|
'''
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
class Redirect(Exception):
|
||||||
|
'''
|
||||||
|
This exception indicates that a redirect is required.
|
||||||
|
Used in authUrlCallback to indicate that no use has been authenticated, but redirect is needed
|
||||||
|
'''
|
@ -213,5 +213,5 @@ def webLogout(request, exit_url = None):
|
|||||||
if exit_url is None:
|
if exit_url is None:
|
||||||
exit_url = GlobalConfig.LOGIN_URL.get()
|
exit_url = GlobalConfig.LOGIN_URL.get()
|
||||||
# Try to delete session
|
# Try to delete session
|
||||||
return HttpResponseRedirect(exit_url)
|
return HttpResponseRedirect(request.build_absolute_uri(exit_url))
|
||||||
|
|
||||||
|
@ -33,6 +33,7 @@
|
|||||||
|
|
||||||
from server.settings import RSA_KEY
|
from server.settings import RSA_KEY
|
||||||
from Crypto.PublicKey import RSA
|
from Crypto.PublicKey import RSA
|
||||||
|
from OpenSSL import crypto
|
||||||
from Crypto.Random import atfork
|
from Crypto.Random import atfork
|
||||||
import hashlib, array
|
import hashlib, array
|
||||||
|
|
||||||
@ -70,6 +71,24 @@ class CryptoManager(object):
|
|||||||
s2 = array.array('B', s2 * mult)
|
s2 = array.array('B', s2 * mult)
|
||||||
return array.array('B', (s1[i] ^ s2[i] for i in range(len(s1)))).tostring()
|
return array.array('B', (s1[i] ^ s2[i] for i in range(len(s1)))).tostring()
|
||||||
|
|
||||||
|
def loadPrivateKey(self, rsaKey):
|
||||||
|
try:
|
||||||
|
pk = RSA.importKey(rsaKey)
|
||||||
|
except Exception as e:
|
||||||
|
raise e
|
||||||
|
return pk
|
||||||
|
|
||||||
|
def loadCertificate(self,certificate):
|
||||||
|
try:
|
||||||
|
cert = crypto.load_certificate(crypto.FILETYPE_PEM, certificate)
|
||||||
|
except crypto.Error as e:
|
||||||
|
raise Exception(e.message[0][2])
|
||||||
|
return cert
|
||||||
|
|
||||||
|
def certificateString(self, certificate):
|
||||||
|
return certificate.replace('-----BEGIN CERTIFICATE-----', '').replace('-----END CERTIFICATE-----', '').replace('\n', '')
|
||||||
|
|
||||||
|
|
||||||
def hash(self, string):
|
def hash(self, string):
|
||||||
if string is '' or string is None:
|
if string is '' or string is None:
|
||||||
return ''
|
return ''
|
||||||
|
@ -0,0 +1,39 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
#
|
||||||
|
# Copyright (c) 2012 Virtual Cable S.L.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# Redistribution and use in source and binary forms, with or without modification,
|
||||||
|
# are permitted provided that the following conditions are met:
|
||||||
|
#
|
||||||
|
# * Redistributions of source code must retain the above copyright notice,
|
||||||
|
# this list of conditions and the following disclaimer.
|
||||||
|
# * Redistributions in binary form must reproduce the above copyright notice,
|
||||||
|
# this list of conditions and the following disclaimer in the documentation
|
||||||
|
# and/or other materials provided with the distribution.
|
||||||
|
# * Neither the name of Virtual Cable S.L. nor the names of its contributors
|
||||||
|
# may be used to endorse or promote products derived from this software
|
||||||
|
# without specific prior written permission.
|
||||||
|
#
|
||||||
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||||
|
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||||
|
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
|
||||||
|
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
||||||
|
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
||||||
|
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||||
|
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||||
|
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
|
||||||
|
'''
|
||||||
|
UDS managers (downloads, users preferences, publications, ...)
|
||||||
|
|
||||||
|
.. moduleauthor:: Adolfo Gómez, dkmaster at dkmon dot com
|
||||||
|
'''
|
||||||
|
|
||||||
|
def cryptoManager():
|
||||||
|
from CryptoManager import CryptoManager
|
||||||
|
return CryptoManager.manager()
|
||||||
|
|
@ -64,7 +64,7 @@ strings = [
|
|||||||
_('You need to enable cookies to let this application work'),
|
_('You need to enable cookies to let this application work'),
|
||||||
_('User service not found'),
|
_('User service not found'),
|
||||||
_('Authenticator not found'),
|
_('Authenticator not found'),
|
||||||
_('Invalid authenticator callback')
|
_('Invalid authenticator')
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
@ -61,7 +61,6 @@ def __authLog(request, authenticator, userName, java, os, log):
|
|||||||
javaStr = java and 'Java' or 'No Java'
|
javaStr = java and 'Java' or 'No Java'
|
||||||
authLogger.info('|'.join([authenticator.name, userName, javaStr, os['OS'], log, request.META['HTTP_USER_AGENT']]))
|
authLogger.info('|'.join([authenticator.name, userName, javaStr, os['OS'], log, request.META['HTTP_USER_AGENT']]))
|
||||||
|
|
||||||
|
|
||||||
def login(request):
|
def login(request):
|
||||||
#request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
|
#request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
@ -269,7 +268,7 @@ def authCallback(request, authName):
|
|||||||
This will invoke authCallback of the requested idAuth and, if this represents
|
This will invoke authCallback of the requested idAuth and, if this represents
|
||||||
an authenticator that has an authCallback
|
an authenticator that has an authCallback
|
||||||
'''
|
'''
|
||||||
from uds.core.auths.Exceptions import InvalidUserException
|
from uds.core import auths
|
||||||
try:
|
try:
|
||||||
authenticator = Authenticator.objects.get(name=authName)
|
authenticator = Authenticator.objects.get(name=authName)
|
||||||
params = request.GET.copy()
|
params = request.GET.copy()
|
||||||
@ -283,7 +282,7 @@ def authCallback(request, authName):
|
|||||||
|
|
||||||
if user is None:
|
if user is None:
|
||||||
__authLog(request, authenticator, '{0}'.format(params), False, os, 'Invalid at auth callback')
|
__authLog(request, authenticator, '{0}'.format(params), False, os, 'Invalid at auth callback')
|
||||||
raise InvalidUserException()
|
raise auths.Exceptions.InvalidUserException()
|
||||||
|
|
||||||
# Redirect to main page through java detection process, so UDS know the availability of java
|
# Redirect to main page through java detection process, so UDS know the availability of java
|
||||||
response = render_to_response('uds/detectJava.html', { 'idAuth' : scrambleId(request, authenticator.id)},
|
response = render_to_response('uds/detectJava.html', { 'idAuth' : scrambleId(request, authenticator.id)},
|
||||||
@ -295,6 +294,8 @@ def authCallback(request, authName):
|
|||||||
# It will only detect java, and them redirect to Java
|
# It will only detect java, and them redirect to Java
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
except auths.Exceptions.Redirect as e:
|
||||||
|
return HttpResponseRedirect(request.build_absolute_uri(str(e)))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
return errors.exceptionView(request, e)
|
return errors.exceptionView(request, e)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user