diff --git a/src/djangosaml2/__init__.py b/src/djangosaml2/__init__.py deleted file mode 100644 index 611c7f8..0000000 --- a/src/djangosaml2/__init__.py +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright (C) 2009 Lorenzo Gil Sanchez -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Quick Intructions -# -# 1. Configure the authentication backend in the settings.py file: -# -# AUTHENTICATION_BACKENDS = ( -# 'djangosaml2.backends.Saml2Backend', -# 'django.contrib.auth.backends.ModelBackend', -#) -# -# 2. Set the login url in the settings.py and include the urls: -# -# settings.py: -# ... -# LOGIN_URL = '/saml2/login/' -# ... -# -# urls.py: -# ... -# (r'^saml2/', include('djangosaml2.urls')), -# ... -# -# 3. Set the SAML config file (see pysaml2 docs for more information -# about this file) -# -# SAML_CONFIG_FILE = path.join(BASEDIR, 'sp.config') -# -# 4. Set the attribute that links the saml identity with the Django username -# -# SAML_USERNAME_ATTRIBUTE = 'uid' diff --git a/src/djangosaml2/backends.py b/src/djangosaml2/backends.py deleted file mode 100644 index ace0b7b..0000000 --- a/src/djangosaml2/backends.py +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright (C) 2009 Lorenzo Gil Sanchez -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from django.conf import settings -from django.contrib.auth.backends import ModelBackend -from django.contrib.auth.models import User - - -class Saml2Backend(ModelBackend): - - def authenticate(self, session_info=None): - if session_info is None: - return None - - if not session_info.has_key('ava'): - return None - - ava = session_info['ava'] - username = ava[settings.SAML_USERNAME_ATTRIBUTE][0] - - modified = False - try: - user = User.objects.get(username=username) - except User.DoesNotExist: - user = User(username=username, password='') - modified = True - - modified = modified or self._update_user_attributes(user, ava) - - if modified: - user.save() - - return user - - def _update_user_attributes(self, user, attributes): - """TODO""" - - diff --git a/src/djangosaml2/urls.py b/src/djangosaml2/urls.py deleted file mode 100644 index 1d7a3ab..0000000 --- a/src/djangosaml2/urls.py +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright (C) 2009 Lorenzo Gil Sanchez -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from django.conf.urls.defaults import patterns - -urlpatterns = patterns( - 'djangosaml2.views', - (r'^login/$', 'login'), - (r'^acs/$', 'assertion_consumer_service'), -) diff --git a/src/djangosaml2/views.py b/src/djangosaml2/views.py deleted file mode 100644 index 4fc5333..0000000 --- a/src/djangosaml2/views.py +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright (C) 2009 Lorenzo Gil Sanchez -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import cgi - -from django.conf import settings -from django.contrib import auth -from django.http import HttpResponse, HttpResponseRedirect - -from saml2.client import Saml2Client -from saml2.config import Config - - -def _load_conf(): - conf = Config() - conf.load_file(settings.SAML_CONFIG_FILE) - return conf - - -def login(request): - next = request.GET.get('next', '/') - conf = _load_conf() - srv = conf['service']['sp'] - idp_url = srv['idp'].values()[0] - client = Saml2Client(None, conf) - (session_id, result) = client.authenticate( - conf['entityid'], - idp_url, - srv['url'], - srv['name'], - relay_state=next) - - redirect_url = result[1] - return HttpResponseRedirect(redirect_url) - - -def assertion_consumer_service(request): - conf = _load_conf() - response = cgi.MiniFieldStorage('SAMLResponse', - request.POST['SAMLResponse']) - post = {'SAMLResponse': response} - client = Saml2Client(None, conf) - session_info = client.response(post, conf['entityid'], None) - - user = auth.authenticate(session_info=session_info) - if user is None: - return HttpResponse("user not valid") - - auth.login(request, user) - relay_state = request.POST.get('RelayState', '/') - return HttpResponseRedirect(relay_state)