|
1
|
|
|
""" |
|
2
|
|
|
A Python Social backend base class that uses web server environment variables for authentication. |
|
3
|
|
|
This is intended to perform the same as Django's RemoteUser middleware, but with all |
|
4
|
|
|
the nice Python Social add-ons in the pipeline. |
|
5
|
|
|
|
|
6
|
|
|
This backend class expects the following configuration variables being set by a derived class: |
|
7
|
|
|
|
|
8
|
|
|
ENV_USERNAME - The name of the environment variable containing the authenticated user name (mandatory). |
|
9
|
|
|
ENV_EMAIL - The name of the environment variable containing the eMail address of the authenticated user. |
|
10
|
|
|
ENV_FIRST_NAME - The name of the environment variable containing the First name of the authenticated user. |
|
11
|
|
|
ENV_LAST_NAME - The name of the environment variable containing the Last name of the authenticated user. |
|
12
|
|
|
|
|
13
|
|
|
It also expects auth_url to be implemented by the derived class. |
|
14
|
|
|
|
|
15
|
|
|
Note: If you are using Apache + mod_wsgi, make sure to set 'WSGIPassAuthorization On'. |
|
16
|
|
|
""" |
|
17
|
|
|
|
|
18
|
|
|
from social_core.backends.base import BaseAuth |
|
19
|
|
|
from social_core.exceptions import AuthMissingParameter |
|
20
|
|
|
import os, logging |
|
21
|
|
|
|
|
22
|
|
|
logger = logging.getLogger('OpenSubmit') |
|
23
|
|
|
|
|
24
|
|
|
class ServerEnvAuth(BaseAuth): |
|
25
|
|
|
ENV_USERNAME = None |
|
26
|
|
|
ENV_EMAIL = None |
|
27
|
|
|
ENV_FIRST_NAME = None |
|
28
|
|
|
ENV_LAST_NAME = None |
|
29
|
|
|
|
|
30
|
|
|
def auth_url(self): |
|
31
|
|
|
"""Must return redirect URL to auth provider.""" |
|
32
|
|
|
raise NotImplementedError() |
|
33
|
|
|
|
|
34
|
|
|
def auth_complete(self, *args, **kwargs): |
|
35
|
|
|
"""Completes loging process, must return user instance""" |
|
36
|
|
|
if self.ENV_USERNAME in os.environ: |
|
37
|
|
|
response = os.environ |
|
38
|
|
|
elif type(self.strategy).__name__ == "DjangoStrategy" and self.ENV_USERNAME in self.strategy.request.META: |
|
39
|
|
|
# Looks like the Django strategy. In this case, it might by mod_wsgi, which stores |
|
40
|
|
|
# authentication environment variables in request.META |
|
41
|
|
|
response = self.strategy.request.META |
|
42
|
|
|
else: |
|
43
|
|
|
raise AuthMissingParameter(self, "%s, found only: %s"%(self.ENV_USERNAME, str(os.environ))) |
|
44
|
|
|
kwargs.update({'response': response, 'backend': self}) |
|
45
|
|
|
return self.strategy.authenticate(*args, **kwargs) |
|
46
|
|
|
|
|
47
|
|
|
def get_user_details(self, response): |
|
48
|
|
|
""" Complete with additional information from environment, as available. """ |
|
49
|
|
|
result = { |
|
50
|
|
|
'username': response[self.ENV_USERNAME], |
|
51
|
|
|
'email': response.get(self.ENV_EMAIL, None), |
|
52
|
|
|
'first_name': response.get(self.ENV_FIRST_NAME, None), |
|
53
|
|
|
'last_name': response.get(self.ENV_LAST_NAME, None) |
|
54
|
|
|
} |
|
55
|
|
|
if result['first_name'] and result['last_name']: |
|
56
|
|
|
result['fullname']=result['first_name']+' '+result['last_name'] |
|
57
|
|
|
logger.debug("Returning user details: "+str(result)) |
|
58
|
|
|
return result |
|
59
|
|
|
|
|
60
|
|
|
def get_user_id(self, details, response): |
|
61
|
|
|
"""Return a unique ID for the current user, by default from server response.""" |
|
62
|
|
|
return response[self.ENV_USERNAME] |
|
63
|
|
|
|
|
64
|
|
|
|
troeger /
opensubmit
