mirror of
https://github.com/dkmstr/openuds.git
Updated authenticator callback, and added a few methods to Cryptomanager
parent
0c4a86b560
commit
18a30e0068
@ -53,6 +53,7 @@ encoding//src/uds/core/managers/PublicationManager.py=utf-8
|
||||
encoding//src/uds/core/managers/TaskManager.py=utf-8
|
||||
encoding//src/uds/core/managers/UserPrefsManager.py=utf-8
|
||||
encoding//src/uds/core/managers/UserServiceManager.py=utf-8
|
||||
encoding//src/uds/core/managers/__init__.py=utf-8
|
||||
encoding//src/uds/core/osmanagers/BaseOsManager.py=utf-8
|
||||
encoding//src/uds/core/osmanagers/OSManagersFactory.py=utf-8
|
||||
encoding//src/uds/core/osmanagers/__init__.py=utf-8
|
||||
|
@ -47,4 +47,10 @@ class InvalidAuthenticatorException(Exception):
|
||||
'''
|
||||
Invalida authenticator has been specified
|
||||
'''
|
||||
pass
|
||||
pass
|
||||
|
||||
class Redirect(Exception):
|
||||
'''
|
||||
This exception indicates that a redirect is required.
|
||||
Used in authUrlCallback to indicate that no use has been authenticated, but redirect is needed
|
||||
'''
|
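Review bot: The docstring of the new `Redirect` exception does not say that the exception message is the redirect target, although the authCallback view in this commit turns `str(e)` directly into the Location header. I would add a line such as `The exception message is the target URL; it must come from the authenticator's configuration, never from request data.` The same docstring says "no use has been authenticated", which should read "no user".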
@ -213,5 +213,5 @@ def webLogout(request, exit_url = None):
|
||||
if exit_url is None:
|
||||
exit_url = GlobalConfig.LOGIN_URL.get()
|
||||
# Try to delete session
|
||||
return HttpResponseRedirect(exit_url)
|
||||
return HttpResponseRedirect(request.build_absolute_uri(exit_url))
|
||||
|
||||
|
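Review bot: `request.build_absolute_uri(exit_url)` in webLogout takes scheme and host from the incoming request when `exit_url` is relative, so the logout Location header now follows whatever Host header the client sent. The deployment should accept only its known host names, otherwise a forged Host value is reflected in the redirect. An `exit_url` that is already absolute passes through unchanged, so a comment on the parameter such as `# exit_url must be a server-chosen, trusted URL` would tell callers not to forward request data into it. webLogout starts outside the hunk, so how callers obtain `exit_url` is not visible here.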
@ -33,6 +33,7 @@
|
||||
|
||||
from server.settings import RSA_KEY
|
||||
from Crypto.PublicKey import RSA
|
||||
from OpenSSL import crypto
|
||||
from Crypto.Random import atfork
|
||||
import hashlib, array
|
||||
|
||||
@ -70,6 +71,24 @@ class CryptoManager(object):
|
||||
s2 = array.array('B', s2 * mult)
|
||||
return array.array('B', (s1[i] ^ s2[i] for i in range(len(s1)))).tostring()
|
||||
|
||||
def loadPrivateKey(self, rsaKey):
|
||||
try:
|
||||
pk = RSA.importKey(rsaKey)
|
||||
except Exception as e:
|
||||
raise e
|
||||
return pk
|
||||
|
||||
def loadCertificate(self,certificate):
|
||||
try:
|
||||
cert = crypto.load_certificate(crypto.FILETYPE_PEM, certificate)
|
||||
except crypto.Error as e:
|
||||
raise Exception(e.message[0][2])
|
||||
return cert
|
||||
|
||||
def certificateString(self, certificate):
|
||||
return certificate.replace('-----BEGIN CERTIFICATE-----', '').replace('-----END CERTIFICATE-----', '').replace('\n', '')
|
||||
|
||||
|
||||
def hash(self, string):
|
||||
if string is '' or string is None:
|
||||
return ''
|
||||
|
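Review bot: In `loadCertificate`, `raise Exception(e.message[0][2])` assumes a fixed nested shape for the OpenSSL error; if `e.message` is shaped differently, the indexing itself fails and the real parse error is hidden behind an IndexError or TypeError. Formatting the whole error is safer, e.g. `raise Exception('Invalid certificate: {0}'.format(e))`. In `loadPrivateKey` the `try` / `except Exception as e: raise e` wrapper changes nothing and can be reduced to `return RSA.importKey(rsaKey)`. `certificateString` removes only `\n`, so a PEM pasted with CRLF line endings keeps its `\r` characters; also replacing `'\r'` would cover that. `hash` continues outside the hunk.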
@ -0,0 +1,39 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
#
|
||||
# Copyright (c) 2012 Virtual Cable S.L.
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without modification,
|
||||
# are permitted provided that the following conditions are met:
|
||||
#
|
||||
# * Redistributions of source code must retain the above copyright notice,
|
||||
# this list of conditions and the following disclaimer.
|
||||
# * Redistributions in binary form must reproduce the above copyright notice,
|
||||
# this list of conditions and the following disclaimer in the documentation
|
||||
# and/or other materials provided with the distribution.
|
||||
# * Neither the name of Virtual Cable S.L. nor the names of its contributors
|
||||
# may be used to endorse or promote products derived from this software
|
||||
# without specific prior written permission.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
|
||||
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
||||
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
||||
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
'''
|
||||
UDS managers (downloads, users preferences, publications, ...)
|
||||
|
||||
.. moduleauthor:: Adolfo Gómez, dkmaster at dkmon dot com
|
||||
'''
|
||||
|
||||
def cryptoManager():
|
||||
from CryptoManager import CryptoManager
|
||||
return CryptoManager.manager()
|
||||
|
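Review bot: `cryptoManager()` has no docstring and the import inside the function body is unexplained, so a reader cannot tell whether it is deferred on purpose (presumably to avoid a circular import, which is not visible here). A one-line docstring stating what the function returns and why the import is local would settle that once the reason is confirmed. `from CryptoManager import CryptoManager` is also an implicit relative import; a package-qualified import would make the source module unambiguous.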
@ -64,7 +64,7 @@ strings = [
|
||||
_('You need to enable cookies to let this application work'),
|
||||
_('User service not found'),
|
||||
_('Authenticator not found'),
|
||||
_('Invalid authenticator callback')
|
||||
_('Invalid authenticator')
|
||||
]
|
||||
|
||||
|
||||
|
@ -61,7 +61,6 @@ def __authLog(request, authenticator, userName, java, os, log):
|
||||
javaStr = java and 'Java' or 'No Java'
|
||||
authLogger.info('|'.join([authenticator.name, userName, javaStr, os['OS'], log, request.META['HTTP_USER_AGENT']]))
|
||||
|
||||
|
||||
def login(request):
|
||||
#request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
|
||||
if request.method == 'POST':
|
||||
@ -269,7 +268,7 @@ def authCallback(request, authName):
|
||||
This will invoke authCallback of the requested idAuth and, if this represents
|
||||
an authenticator that has an authCallback
|
||||
'''
|
||||
from uds.core.auths.Exceptions import InvalidUserException
|
||||
from uds.core import auths
|
||||
try:
|
||||
authenticator = Authenticator.objects.get(name=authName)
|
||||
params = request.GET.copy()
|
||||
@ -283,7 +282,7 @@ def authCallback(request, authName):
|
||||
|
||||
if user is None:
|
||||
__authLog(request, authenticator, '{0}'.format(params), False, os, 'Invalid at auth callback')
|
||||
raise InvalidUserException()
|
||||
raise auths.Exceptions.InvalidUserException()
|
||||
|
||||
# Redirect to main page through java detection process, so UDS know the availability of java
|
||||
response = render_to_response('uds/detectJava.html', { 'idAuth' : scrambleId(request, authenticator.id)},
|
||||
@ -295,6 +294,8 @@ def authCallback(request, authName):
|
||||
# It will only detect java, and them redirect to Java
|
||||
|
||||
return response
|
||||
except auths.Exceptions.Redirect as e:
|
||||
return HttpResponseRedirect(request.build_absolute_uri(str(e)))
|
||||
except Exception as e:
|
||||
return errors.exceptionView(request, e)
|
||||
|
||||
|
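Review bot: The new `except auths.Exceptions.Redirect as e` branch in authCallback redirects to `str(e)` without checking where it points; `request.build_absolute_uri()` leaves an absolute URL unchanged, so the destination is whatever the authenticator placed in the exception. If any authenticator derives that value from the callback's GET parameters (not visible here), this becomes an open redirect on an endpoint reachable before login. I would compare the target's scheme and host with the endpoints configured for that authenticator before returning the redirect, and fall through to `errors.exceptionView` when they do not match. An exception raised inside this handler is not caught by the `except Exception` branch below it. authCallback starts outside the visible hunks.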