1 from six.moves.urllib import parse
2 from tornado import gen
3 from tornado import web
6 from opnfv_testapi.common import config
7 from opnfv_testapi.ui.auth import base
8 from opnfv_testapi.ui.auth import constants as const
10 CONF = config.Config()
13 class SigninHandler(base.BaseHandler):
15 csrf_token = base.get_token()
16 return_endpoint = parse.urljoin(CONF.api_url,
17 CONF.osid_openid_return_to)
18 return_to = base.set_query_params(return_endpoint,
19 {const.CSRF_TOKEN: csrf_token})
22 const.OPENID_MODE: CONF.osid_openid_mode,
23 const.OPENID_NS: CONF.osid_openid_ns,
24 const.OPENID_RETURN_TO: return_to,
25 const.OPENID_CLAIMED_ID: CONF.osid_openid_claimed_id,
26 const.OPENID_IDENTITY: CONF.osid_openid_identity,
27 const.OPENID_REALM: CONF.api_url,
28 const.OPENID_NS_SREG: CONF.osid_openid_ns_sreg,
29 const.OPENID_NS_SREG_REQUIRED: CONF.osid_openid_sreg_required,
31 url = CONF.osid_openstack_openid_endpoint
32 url = base.set_query_params(url, params)
33 self.redirect(url=url, permanent=False)
36 class SigninReturnHandler(base.BaseHandler):
40 if self.get_query_argument(const.OPENID_MODE) == 'cancel':
41 self._auth_failure('Authentication canceled.')
43 openid = self.get_query_argument(const.OPENID_CLAIMED_ID)
44 role = const.DEFAULT_ROLE
47 'email': self.get_query_argument(const.OPENID_NS_SREG_EMAIL),
48 'fullname': self.get_query_argument(const.OPENID_NS_SREG_FULLNAME),
51 user = yield self.db_find_one({'openid': openid})
53 self.db_save(self.table, new_user_info)
54 logging.info('save to db:%s', new_user_info)
56 role = user.get(const.ROLE)
58 self.clear_cookie(const.OPENID)
59 self.clear_cookie(const.ROLE)
60 self.set_secure_cookie(const.OPENID, openid)
61 self.set_secure_cookie(const.ROLE, role)
62 self.redirect(url=CONF.ui_url)
64 def _auth_failure(self, message):
65 params = {'message': message}
66 url = parse.urljoin(CONF.ui_url,
67 '/#/auth_failure?' + parse.urlencode(params))
71 class SignoutHandler(base.BaseHandler):
73 """Handle signout request."""
74 self.clear_cookie(const.OPENID)
75 self.clear_cookie(const.ROLE)
76 params = {'openid_logout': CONF.osid_openid_logout_endpoint}
77 url = parse.urljoin(CONF.ui_url,
78 '/#/logout?' + parse.urlencode(params))