forked from galaxyproject/galaxy
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Abstract OpenID providers to be defined outside of the Python code an…
…d to allow customization of actions. See individual examples in openid/ and the list of enabled OpenID providers in openid_conf.xml.sample. Feedback is welcomed.
- Loading branch information
1 parent
c0c286a
commit eed27b8
Showing
17 changed files
with
218 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| """ | ||
| OpenID functionality | ||
| """ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,118 @@ | ||
| """ | ||
| Contains OpenID provider functionality | ||
| """ | ||
|
|
||
| import logging, os | ||
| from galaxy.util import parse_xml, string_as_bool | ||
| from galaxy.util.odict import odict | ||
|
|
||
|
|
||
| log = logging.getLogger( __name__ ) | ||
|
|
||
| class OpenIDProvider( object ): | ||
| '''An OpenID Provider object.''' | ||
| @classmethod | ||
| def from_file( cls, filename ): | ||
| return cls.from_elem( parse_xml( filename ).getroot() ) | ||
| @classmethod | ||
| def from_elem( cls, xml_root ): | ||
| provider_elem = xml_root | ||
| provider_id = provider_elem.get( 'id', None ) | ||
| provider_name = provider_elem.get( 'name', provider_id ) | ||
| op_endpoint_url = provider_elem.find( 'op_endpoint_url' ) | ||
| if op_endpoint_url is not None: | ||
| op_endpoint_url = op_endpoint_url.text | ||
| assert (provider_id and provider_name and op_endpoint_url), Exception( "OpenID Provider improperly configured" ) | ||
| sreg_required = [] | ||
| sreg_optional = [] | ||
| use_for = {} | ||
| store_user_preference = {} | ||
| use_default_sreg = True | ||
| for elem in provider_elem.findall( 'sreg' ): | ||
| use_default_sreg = False | ||
| for field_elem in elem.findall( 'field' ): | ||
| sreg_name = field_elem.get( 'name' ) | ||
| assert sreg_name, Exception( 'A name is required for a sreg element' ) | ||
| if string_as_bool( field_elem.get( 'required' ) ): | ||
| sreg_required.append( sreg_name ) | ||
| else: | ||
| sreg_optional.append( sreg_name ) | ||
| for use_elem in field_elem.findall( 'use_for' ): | ||
| use_for[ use_elem.get( 'name' ) ] = sreg_name | ||
| for store_user_preference_elem in field_elem.findall( 'store_user_preference' ): | ||
| store_user_preference[ store_user_preference_elem.get( 'name' ) ] = sreg_name | ||
| if use_default_sreg: | ||
| sreg_required = None | ||
| sreg_optional = None | ||
| use_for = None | ||
| return cls( provider_id, provider_name, op_endpoint_url, sreg_required, sreg_optional, use_for, store_user_preference ) | ||
| def __init__( self, id, name, op_endpoint_url, sreg_required=None, sreg_optional=None, use_for=None, store_user_preference=None ): | ||
| '''When sreg options are not specified, defaults are used.''' | ||
| self.id = id | ||
| self.name = name | ||
| self.op_endpoint_url = op_endpoint_url | ||
| if sreg_optional is None: | ||
| self.sreg_optional = [ 'nickname', 'email' ] | ||
| else: | ||
| self.sreg_optional = sreg_optional | ||
| if sreg_required: | ||
| self.sreg_required = sreg_required | ||
| else: | ||
| self.sreg_required = [] | ||
| if use_for is not None: | ||
| self.use_for = use_for | ||
| else: | ||
| self.use_for = {} | ||
| if 'nickname' in ( self.sreg_optional + self.sreg_required ): | ||
| self.use_for[ 'username' ] = 'nickname' | ||
| if 'email' in ( self.sreg_optional + self.sreg_required ): | ||
| self.use_for[ 'email' ] = 'email' | ||
| if store_user_preference: | ||
| self.store_user_preference = store_user_preference | ||
| else: | ||
| self.store_user_preference = {} | ||
| def post_authentication( self, trans, openid_manager, info ): | ||
| sreg_attributes = openid_manager.get_sreg( info ) | ||
| for store_pref_name, store_pref_value_name in self.store_user_preference.iteritems(): | ||
| if store_pref_value_name in ( self.sreg_optional + self.sreg_required ): | ||
| trans.user.preferences[ store_pref_name ] = sreg_attributes.get( store_pref_value_name ) | ||
| print 'setting',store_pref_name,'to',trans.user.preferences[ store_pref_name ] | ||
| else: | ||
| raise Exception( 'Only sreg is currently supported.' ) | ||
| trans.sa_session.add( trans.user ) | ||
| trans.sa_session.flush() | ||
|
|
||
| class OpenIDProviders( object ): | ||
| '''Collection of OpenID Providers''' | ||
| @classmethod | ||
| def from_file( cls, filename ): | ||
| try: | ||
| return cls.from_elem( parse_xml( filename ).getroot() ) | ||
| except Exception, e: | ||
| log.error( 'Failed to load OpenID Providers: %s' % ( e ) ) | ||
| return cls() | ||
| @classmethod | ||
| def from_elem( cls, xml_root ): | ||
| oid_elem = xml_root | ||
| providers = odict() | ||
| for elem in oid_elem.findall( 'provider' ): | ||
| try: | ||
| provider = OpenIDProvider.from_file( os.path.join( 'openid', elem.get( 'file' ) ) ) | ||
| providers[ provider.id ] = provider | ||
| log.debug( 'Loaded OpenID provider: %s (%s)' % ( provider.name, provider.id ) ) | ||
| except Exception, e: | ||
| log.error( 'Failed to add OpenID provider: %s' % ( e ) ) | ||
| return cls( providers ) | ||
| def __init__( self, providers=None ): | ||
| if providers: | ||
| self.providers = providers | ||
| else: | ||
| self.providers = odict() | ||
| def __iter__( self ): | ||
| for provider in self.providers.itervalues(): | ||
| yield provider | ||
| def get( self, name, default=None ): | ||
| if name in self.providers: | ||
| return self.providers[ name ] | ||
| else: | ||
| return default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| <?xml version="1.0"?> | ||
| <provider id="aol" name="AOL/AIM"> | ||
| <op_endpoint_url>http://openid.aol.com</op_endpoint_url> | ||
| </provider> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?xml version="1.0"?> | ||
| <provider id="genomespace" name="GenomeSpace"> | ||
| <op_endpoint_url>https://identity.genomespace.org/identityServer/xrd.jsp</op_endpoint_url> | ||
| <sreg> | ||
| <field name="nickname" required="True"> | ||
| <use_for name="username"/> | ||
| <store_user_preference name="genomespace_username"/> | ||
| </field> | ||
| <field name="email" required="False"> | ||
| <use_for name="email"/> | ||
| </field> | ||
| <field name="gender" required="True"> | ||
| <store_user_preference name="genomespace_token"/> | ||
| </field> | ||
| </sreg> | ||
| </provider> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| <?xml version="1.0"?> | ||
| <provider id="google" name="Google"> | ||
| <op_endpoint_url>https://www.google.com/accounts/o8/id</op_endpoint_url> | ||
| </provider> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| <?xml version="1.0"?> | ||
| <provider id="launchpad" name="Launchpad"> | ||
| <op_endpoint_url>http://login.launchpad.net</op_endpoint_url> | ||
| </provider> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| <?xml version="1.0"?> | ||
| <provider id="yahoo" name="Yahoo!"> | ||
| <op_endpoint_url>http://yahoo.com</op_endpoint_url> | ||
| </provider> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| <?xml version="1.0"?> | ||
| <openid> | ||
| <provider file="google.xml" /> | ||
| <provider file="yahoo.xml" /> | ||
| <provider file="aol.xml" /> | ||
| <provider file="launchpad.xml" /> | ||
| <provider file="genomespace.xml" /> | ||
| </openid> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.