Merge pull request #117 from HaToHo/master

Some minor changes and a fix to make the raspberry install scripts work better.
2014-05-13 10:19:20 +02:00
parent fabb33be35 25eabadd68
commit a6ef5141a9
6 changed files with 60 additions and 16 deletions
--- a/example/idp2/idp.py
+++ b/example/idp2/idp.py
@@ -1,4 +1,5 @@
 #!/usr/bin/env python
+import importlib
 import argparse
 import base64
 import re
@@ -484,7 +485,9 @@ def do_authentication(environ, start_response, authn_context, key,

 # -----------------------------------------------------------------------------

-PASSWD = {"haho0032": "qwerty",
+PASSWD = {
+          "daev0001": "qwerty",
+          "haho0032": "qwerty",
          "roland": "dianakra",
          "babs": "howes",
          "upper": "crust"}
@@ -981,7 +984,7 @@ AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                 "http://%s" % socket.gethostname())
 AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                 "", 0, "http://%s" % socket.gethostname())
-
+CONFIG = importlib.import_module(args.config)
 IDP = server.Server(args.config, cache=Cache())
 IDP.ticket = {}

@@ -1011,8 +1014,8 @@ if __name__ == '__main__':
                            module_directory=_rot + 'modules',
                            input_encoding='utf-8', output_encoding='utf-8')

-    HOST = '127.0.0.1'
-    PORT = 8088
+    HOST = CONFIG.HOST
+    PORT = CONFIG.PORT

    SRV = make_server(HOST, PORT, application)
    print "IdP listening on %s:%s" % (HOST, PORT)
--- a/example/idp2/idp_conf.py.example
+++ b/example/idp2/idp_conf.py.example
@@ -25,9 +25,10 @@ BASEDIR = os.path.abspath(os.path.dirname(__file__))
 def full_path(local_file):
    return os.path.join(BASEDIR, local_file)

-#BASE = "http://lingon.ladok.umu.se:8088"
-#BASE = "http://lingon.catalogix.se:8088"
-BASE = "http://localhost:8088"
+HOST = 'localhost'
+PORT = 8088
+
+BASE = "http://%s:%s" % (HOST, PORT)

 CONFIG = {
    "entityid": "%s/idp.xml" % BASE,
--- a/example/idp2/idp_user.py
+++ b/example/idp2/idp_user.py
@@ -1,10 +1,47 @@
+#from dirg_util.dict import LDAPDict
+#ldap_settings = {
+#    "ldapuri": "ldaps://ldap.test.umu.se",
+#    "base": "dc=umu, dc=se",
+#    "filter_pattern": "(uid=%s)",
+#    "user": "",
+#    "passwd": "",
+#    "attr": [
+#        "eduPersonScopedAffiliation",
+#        "eduPersonAffiliation",
+#        "eduPersonPrincipalName",
+#        "givenName",
+#        "sn",
+#        "mail",
+#        "uid",
+#        "o",
+#        "c",
+#        "labeledURI",
+#        "ou",
+#        "displayName",
+#        "norEduPersonLIN"
+#    ],
+#    "keymap": {
+#        "mail": "email",
+#        "labeledURI": "labeledURL",
+#    },
+#    "static_values": {
+#        "eduPersonTargetedID": "one!for!all",
+#    },
+#    "exact_match": True,
+#    "firstonly_len1": True,
+#    "timeout": 15,
+#}
+#Uncomment to use a LDAP directory instead.
+#USERS = LDAPDict(**ldap_settings)
+
 USERS = {
    "haho0032": {
        "sn": "Hoerberg",
-        "givenName": "Hans",
-        "eduPersonScopedAffiliation": "staff@example.com",
+        "givenName": "Hasse",
+        "eduPersonAffiliation": "student",
+        "eduPersonScopedAffiliation": "student@example.com",
        "eduPersonPrincipalName": "haho@example.com",
-        "uid": "haho",
+        "uid": "haho0032",
        "eduPersonTargetedID": "one!for!all",
        "c": "SE",
        "o": "Example Co.",
--- a/example/sp-repoze/sp.py
+++ b/example/sp-repoze/sp.py
@@ -2,7 +2,7 @@
 from Cookie import SimpleCookie
 import logging
 import os
-
+import sp_conf
 from sp_conf import CONFIG
 import re
 import subprocess
@@ -268,8 +268,8 @@ app_with_auth = make_middleware_with_config(application, {"here": "."},
                                            log_file="repoze_who.log")

 # ----------------------------------------------------------------------------
-HOST = '127.0.0.1'
-PORT = 8087
+HOST = sp_conf.HOST
+PORT = sp_conf.PORT

 # allow uwsgi or gunicorn mount
 # by moving some initialization out of __name__ == '__main__' section.
--- a/example/sp-repoze/sp_conf.example
+++ b/example/sp-repoze/sp_conf.example
@@ -1,8 +1,10 @@
 from saml2 import BINDING_HTTP_REDIRECT
 from saml2.saml import NAME_FORMAT_URI

-BASE= "http://localhost:8087"
-#BASE= "http://lingon.catalogix.se:8087"
+HOST = 'localhost'
+PORT = 8087
+
+BASE = "http://%s:%s" % (HOST, PORT)

 CONFIG = {
    "entityid": "%s/sp.xml" % BASE,
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -479,7 +479,8 @@ class Server(Entity):
                    if not verify_encrypt_cert(encrypt_cert):
                        raise CertificateError("Invalid certificate for encryption!")
            else:
-                raise CertificateError("No certificate for encryption!")
+                raise CertificateError("No SPCertEncType certificate for encryption contained in authentication "
+                                       "request.")
        else:
            encrypt_assertion = False