Added missing directory
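--- a/src/saml2/userinfo/__init__.py
+++ b/src/saml2/userinfo/__init__.py
@@ -0,0 +1,55 @@
+# Interface to external user info resources
+
+import copy
+
+
+class UserInfo(object):
+""" Read only interface to a user info store """
+
+def __init__(self):
+pass
+
+def __call__(self, **kwargs):
+pass
+
+
+class UserInfoDB(UserInfo):
+""" Read only interface to a user info store """
+
+def __init__(self, db=None):
+self.db = db
+
+@staticmethod
+def filter(userinfo, user_info_claims=None):
+"""
+Return only those claims that are asked for.
+It's a best effort task; if essential claims are not present
+no error is flagged.
+
+:param userinfo: A dictionary containing the available user info.
+:param user_info_claims: A dictionary specifying the asked for claims
+:return: A dictionary of filtered claims.
+"""
+
+if user_info_claims is None:
+return copy.copy(userinfo)
+else:
+result = {}
+missing = []
+optional = []
+for key, restr in user_info_claims.items():
+try:
+result[key] = userinfo[key]
+except KeyError:
+if restr == {"essential": True}:
+missing.append(key)
+else:
+optional.append(key)
+return result
+
+def __call__(self, userid, user_info_claims=None, **kwargs):
+try:
+return self.filter(self.db[userid], user_info_claims)
+except KeyError:
+return {}
+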
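Review bot: `UserInfoDB.filter` releases the whole record when `user_info_claims` is None (`return copy.copy(userinfo)`), so any caller that omits the claims argument hands out every attribute in the store; if that open default is intended, state it in the docstring, otherwise return `{}` when no claims are requested. The copy is shallow, and the filtered branch shares values the same way through `result[key] = userinfo[key]`, so list-valued attributes stay shared with `self.db` and a caller can mutate the store through what the class docstring calls a read-only interface; `copy.deepcopy(userinfo)` would avoid that. The `missing` and `optional` lists are filled but never read, so they should be dropped or surfaced (returned or logged). `__call__` with the default `db=None` raises TypeError rather than the KeyError it catches.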
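--- a/src/saml2/userinfo/ldapinfo.py
+++ b/src/saml2/userinfo/ldapinfo.py
@@ -0,0 +1,37 @@
+import ldap
+from ldap import SCOPE_SUBTREE
+from saml2.userinfo import UserInfo
+
+
+class UserInfoLDAP(UserInfo):
+def __init__(self, uri, base, filter_pattern, scope=SCOPE_SUBTREE,
+tls=False, user="", passwd="", attr=None, attrsonly=False):
+UserInfo.__init__(self)
+self.ldapuri = uri
+self.base = base
+self.filter_pattern = filter_pattern
+self.scope = scope
+self.tls = tls
+self.attr = attr
+self.attrsonly = attrsonly
+self.ld = ldap.initialize(uri)
+self.ld.protocol_version = ldap.VERSION3
+self.ld.simple_bind_s(user, passwd)
+
+def __call__(self, userid, base="", filter_pattern="", scope=SCOPE_SUBTREE,
+tls=False, attr=None, attrsonly=False, **kwargs):
+
+if filter_pattern:
+_filter = filter_pattern % userid
+else:
+_filter = self.filter_pattern % userid
+
+_base = base or self.base
+_scope = scope or self.scope
+_attr = attr or self.attr
+_attrsonly = attrsonly or self.attrsonly
+arg = [_base, _scope, _filter, _attr, _attrsonly]
+res = self.ld.search_s(*arg)
+# should only be one entry and the information per entry is
+# the tuple (dn, ava)
+return res[0][1]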
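Review bot: `UserInfoLDAP.__call__` builds the search filter with `filter_pattern % userid`, so LDAP filter metacharacters in `userid` change the query instead of being matched literally; escape the value, e.g. `_filter = ldap.filter.filter_format(filter_pattern or self.filter_pattern, [userid])` (needs `import ldap.filter`). The `tls` argument is stored in `__init__` and accepted again in `__call__` but never acted on, so `simple_bind_s(user, passwd)` sends the password unprotected on an `ldap://` URI; call `self.ld.start_tls_s()` before the bind when `tls` is true. `return res[0][1]` raises IndexError when nothing matches and silently takes the first entry when several do, whereas `UserInfoDB.__call__` returns `{}` for an unknown user. The defaults `user=""`, `passwd=""` make the bind anonymous, which deserves a line in a docstring.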