1 from six.moves.urllib import parse
2 from tornado import gen
3 from tornado import web
5 from opnfv_testapi.common.config import CONF
6 from opnfv_testapi.db import api as dbapi
7 from opnfv_testapi.ui.auth import base
8 from opnfv_testapi.ui.auth import constants as const
11 class SigninHandler(base.BaseHandler):
13 csrf_token = base.get_token()
14 return_endpoint = parse.urljoin(CONF.api_url,
15 CONF.osid_openid_return_to)
16 return_to = base.set_query_params(return_endpoint,
17 {const.CSRF_TOKEN: csrf_token})
20 const.OPENID_MODE: CONF.osid_openid_mode,
21 const.OPENID_NS: CONF.osid_openid_ns,
22 const.OPENID_RETURN_TO: return_to,
23 const.OPENID_CLAIMED_ID: CONF.osid_openid_claimed_id,
24 const.OPENID_IDENTITY: CONF.osid_openid_identity,
25 const.OPENID_REALM: CONF.api_url,
26 const.OPENID_NS_SREG: CONF.osid_openid_ns_sreg,
27 const.OPENID_NS_SREG_REQUIRED: CONF.osid_openid_sreg_required,
29 url = CONF.osid_openstack_openid_endpoint
30 url = base.set_query_params(url, params)
31 self.redirect(url=url, permanent=False)
34 class SigninReturnHandler(base.BaseHandler):
38 if self.get_query_argument(const.OPENID_MODE) == 'cancel':
39 self._auth_failure('Authentication canceled.')
41 openid = self.get_query_argument(const.OPENID_CLAIMED_ID)
42 role = const.DEFAULT_ROLE
45 'email': self.get_query_argument(const.OPENID_NS_SREG_EMAIL),
46 'fullname': self.get_query_argument(const.OPENID_NS_SREG_FULLNAME),
49 user = yield dbapi.db_find_one(self.table, {'openid': openid})
51 dbapi.db_save(self.table, new_user_info)
53 role = user.get(const.ROLE)
55 self.clear_cookie(const.OPENID)
56 self.clear_cookie(const.ROLE)
57 self.set_secure_cookie(const.OPENID, openid)
58 self.set_secure_cookie(const.ROLE, role)
59 self.redirect(url=CONF.ui_url)
61 def _auth_failure(self, message):
62 params = {'message': message}
63 url = parse.urljoin(CONF.ui_url,
64 '/#/auth_failure?' + parse.urlencode(params))
68 class SignoutHandler(base.BaseHandler):
70 """Handle signout request."""
71 self.clear_cookie(const.OPENID)
72 self.clear_cookie(const.ROLE)
73 params = {'openid_logout': CONF.osid_openid_logout_endpoint}
74 url = parse.urljoin(CONF.ui_url,
75 '/#/logout?' + parse.urlencode(params))