Added Lorenzo's Django branch

2009-12-11 08:05:48 +01:00
parent 78c530b534
commit cc7c3e24f8
4 changed files with 175 additions and 0 deletions
--- a/src/djangosaml2/init.py
+++ b/src/djangosaml2/init.py
@@ -0,0 +1,43 @@
 # Copyright (C) 2009 Lorenzo Gil Sanchez
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #            http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 # Quick Intructions
 #
 # 1. Configure the authentication backend in the settings.py file:
 #
 # AUTHENTICATION_BACKENDS = (
 #    'djangosaml2.backends.Saml2Backend',
 #    'django.contrib.auth.backends.ModelBackend',
 #)
 #
 # 2. Set the login url in the settings.py and include the urls:
 #
 # settings.py:
 # ...
 # LOGIN_URL = '/saml2/login/'
 # ...
 #
 # urls.py:
 # ...
 # (r'^saml2/', include('djangosaml2.urls')),
 # ...
 #
 # 3. Set the SAML config file (see pysaml2 docs for more information
 # about this file)
 #
 # SAML_CONFIG_FILE = path.join(BASEDIR, 'sp.config')
 #
 # 4. Set the attribute that links the saml identity with the Django username
 #
 # SAML_USERNAME_ATTRIBUTE = 'uid'
--- a/src/djangosaml2/backends.py
+++ b/src/djangosaml2/backends.py
@@ -0,0 +1,49 @@
 # Copyright (C) 2009 Lorenzo Gil Sanchez
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #            http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 from django.conf import settings
 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.models import User
 class Saml2Backend(ModelBackend):
    def authenticate(self, session_info=None):
        if session_info is None:
            return None
        if not session_info.has_key('ava'):
            return None
        ava = session_info['ava']
        username = ava[settings.SAML_USERNAME_ATTRIBUTE][0]
        modified = False
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            user = User(username=username, password='')
            modified = True
        modified = modified or self._update_user_attributes(user, ava)
        if modified:
            user.save()
        return user
    def _update_user_attributes(self, user, attributes):
        """TODO"""
--- a/src/djangosaml2/urls.py
+++ b/src/djangosaml2/urls.py
@@ -0,0 +1,21 @@
 # Copyright (C) 2009 Lorenzo Gil Sanchez
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #            http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 from django.conf.urls.defaults import patterns
 urlpatterns = patterns(
    'djangosaml2.views',
    (r'^login/$', 'login'),
    (r'^acs/$', 'assertion_consumer_service'),
 )
--- a/src/djangosaml2/views.py
+++ b/src/djangosaml2/views.py
@@ -0,0 +1,62 @@
 # Copyright (C) 2009 Lorenzo Gil Sanchez
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #            http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 import cgi
 from django.conf import settings
 from django.contrib import auth
 from django.http import HttpResponse, HttpResponseRedirect
 from saml2.client import Saml2Client
 from saml2.config import Config
 def _load_conf():
    conf = Config()
    conf.load_file(settings.SAML_CONFIG_FILE)
    return conf
 def login(request):
    next = request.GET.get('next', '/')
    conf = _load_conf()
    srv = conf['service']['sp']
    idp_url = srv['idp'].values()[0]
    client = Saml2Client(None, conf)
    (session_id, result) = client.authenticate(
        conf['entityid'],
        idp_url,
        srv['url'],
        srv['name'],
        relay_state=next)
    redirect_url = result[1]
    return HttpResponseRedirect(redirect_url)
 def assertion_consumer_service(request):
    conf = _load_conf()
    response = cgi.MiniFieldStorage('SAMLResponse',
                                    request.POST['SAMLResponse'])
    post = {'SAMLResponse': response}
    client = Saml2Client(None, conf)
    session_info = client.response(post, conf['entityid'], None)
    user = auth.authenticate(session_info=session_info)
    if user is None:
        return HttpResponse("user not valid")
    auth.login(request, user)
    relay_state = request.POST.get('RelayState', '/')
    return HttpResponseRedirect(relay_state)