本文整理汇总了Python中org.gluu.service.cdi.util.CdiUtil类的典型用法代码示例。如果您正苦于以下问题:Python CdiUtil类的具体用法?Python CdiUtil怎么用?Python CdiUtil使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了CdiUtil类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: sendPushNotificationImpl
def sendPushNotificationImpl(self, user, app_id, super_gluu_request):
if not self.pushNotificationsEnabled:
print "Super-Gluu-Push. Push notifications are disabled"
return None
user_name = user.getUserId()
print "Super-Gluu-Push. Sending push notification to user '%s' devices" % user_name
userService = CdiUtil.bean(UserService)
deviceRegistrationService = CdiUtil.bean(DeviceRegistrationService)
user_inum = userService.getUserInum(user_name)
u2f_device_list = deviceRegistrationService.findUserDeviceRegistrations(user_inum, app_id,
"oxId","oxDeviceData","oxDeviceNotificationConf")
send_ios = 0
send_android = 0
if u2f_device_list.size() > 0:
for u2f_device in u2f_device_list:
print "Super-Gluu-Push. Send device notification to device"
device_push_result = self.sendDevicePushNotification(user, app_id, u2f_device, super_gluu_request)
send_ios += device_push_result["send_ios"]
send_android += device_push_result["send_android"]
else:
print "Super-Gluu-Push. No device enrolled for user '%s'" % user_name
return 0
msg = """Super-Gluu-Push. Send push notification. send_android: '%s', send_ios: '%s' """
print msg % (send_android, send_ios)
return send_android + send_ios示例2: prepareForStep
def prepareForStep(self, configurationAttributes, requestParameters, step):
identity = CdiUtil.bean(Identity)
authenticationService = CdiUtil.bean(AuthenticationService)
duo_host = configurationAttributes.get("duo_host").getValue2()
if (step == 1):
print "Duo. Prepare for step 1"
return True
elif (step == 2):
print "Duo. Prepare for step 2"
user = authenticationService.getAuthenticatedUser()
if (user == None):
print "Duo. Prepare for step 2. Failed to determine user name"
return False
user_name = user.getUserId()
duo_sig_request = duo_web.sign_request(self.ikey, self.skey, self.akey, user_name)
print "Duo. Prepare for step 2. duo_sig_request: " + duo_sig_request
identity.setWorkingParameter("duo_host", duo_host)
identity.setWorkingParameter("duo_sig_request", duo_sig_request)
return True
else:
return False示例3: lockUser
def lockUser(self, user_name):
if StringHelper.isEmpty(user_name):
return None
userService = CdiUtil.bean(UserService)
cacheService= CdiUtil.bean(CacheService)
facesMessages = CdiUtil.bean(FacesMessages)
facesMessages.setKeepMessages()
find_user_by_uid = userService.getUser(user_name)
if (find_user_by_uid == None):
return None
status_attribute_value = userService.getCustomAttribute(find_user_by_uid, "gluuStatus")
if status_attribute_value != None:
user_status = status_attribute_value.getValue()
if StringHelper.equals(user_status, "inactive"):
print "Basic (lock account). Lock user. User '%s' locked already" % user_name
return
userService.setCustomAttribute(find_user_by_uid, "gluuStatus", "inactive")
updated_user = userService.updateUser(find_user_by_uid)
object_to_store = json.dumps({'locked': True, 'created': LocalDateTime.now().toString()}, separators=(',',':'))
cacheService.put(StringHelper.toString(self.lockExpirationTime), "lock_user_"+user_name, object_to_store);
facesMessages.add(FacesMessage.SEVERITY_ERROR, "Your account is locked. Please try again after " + StringHelper.toString(self.lockExpirationTime) + " secs")
print "Basic (lock account). Lock user. User '%s' locked" % user_name开发者ID:GluuFederation,项目名称:community-edition-setup,代码行数:29,代码来源:BasicLockAccountExternalAuthenticator.py
示例4: prepareForStep
def prepareForStep(self, configurationAttributes, requestParameters, step):
print "Cert. Prepare for step %d" % step
identity = CdiUtil.bean(Identity)
if step == 1:
if self.enabled_recaptcha:
identity.setWorkingParameter("recaptcha_site_key", self.recaptcha_creds['site_key'])
elif step == 2:
# Store certificate in session
facesContext = CdiUtil.bean(FacesContext)
externalContext = facesContext.getExternalContext()
request = externalContext.getRequest()
# Try to get certificate from header X-ClientCert
clientCertificate = externalContext.getRequestHeaderMap().get("X-ClientCert")
if clientCertificate != None:
x509Certificate = self.certFromPemString(clientCertificate)
identity.setWorkingParameter("cert_x509", self.certToString(x509Certificate))
print "Cert. Prepare for step 2. Storing user certificate obtained from 'X-ClientCert' header"
return True
# Try to get certificate from attribute javax.servlet.request.X509Certificate
x509Certificates = request.getAttribute('javax.servlet.request.X509Certificate')
if (x509Certificates != None) and (len(x509Certificates) > 0):
identity.setWorkingParameter("cert_x509", self.certToString(x509Certificates[0]))
print "Cert. Prepare for step 2. Storing user certificate obtained from 'javax.servlet.request.X509Certificate' attribute"
return True
if step < 4:
return True
else:
return False示例5: prepareForStep
def prepareForStep(self, configuration_attributes, request_parameters, step):
print "ThumbSignIn. Inside prepareForStep. Step %d" % step
identity = CdiUtil.bean(Identity)
authentication_service = CdiUtil.bean(AuthenticationService)
identity.setWorkingParameter("ts_host", ts_host)
identity.setWorkingParameter("ts_statusPath", ts_statusPath)
self.set_relying_party_login_url(identity)
if step == 1 or step == 3:
print "ThumbSignIn. Prepare for step 1"
self.initialize_thumbsignin(identity, AUTHENTICATE)
return True
elif step == 2:
print "ThumbSignIn. Prepare for step 2"
if identity.isSetWorkingParameter(USER_LOGIN_FLOW):
user_login_flow = identity.getWorkingParameter(USER_LOGIN_FLOW)
print "ThumbSignIn. Value of user_login_flow is %s" % user_login_flow
user = authentication_service.getAuthenticatedUser()
if user is None:
print "ThumbSignIn. Prepare for step 2. Failed to determine user name"
return False
user_name = user.getUserId()
print "ThumbSignIn. Prepare for step 2. user_name: " + user_name
if user_name is None:
return False
identity.setWorkingParameter(USER_ID, user_name)
self.initialize_thumbsignin(identity, REGISTER + "/" + user_name)
return True
else:
return False示例6: getPassportRedirectUrl
def getPassportRedirectUrl(self, provider):
# provider is assumed to exist in self.registeredProviders
url = None
try:
facesContext = CdiUtil.bean(FacesContext)
tokenEndpoint = "https://%s/passport/token" % facesContext.getExternalContext().getRequest().getServerName()
httpService = CdiUtil.bean(HttpService)
httpclient = httpService.getHttpsClient()
print "Passport. getPassportRedirectUrl. Obtaining token from passport at %s" % tokenEndpoint
resultResponse = httpService.executeGet(httpclient, tokenEndpoint, Collections.singletonMap("Accept", "text/json"))
httpResponse = resultResponse.getHttpResponse()
bytes = httpService.getResponseContent(httpResponse)
response = httpService.convertEntityToString(bytes)
print "Passport. getPassportRedirectUrl. Response was %s" % httpResponse.getStatusLine().getStatusCode()
tokenObj = json.loads(response)
url = "/passport/auth/%s/%s" % (provider, tokenObj["token_"])
except:
print "Passport. getPassportRedirectUrl. Error building redirect URL: ", sys.exc_info()[1]
return url示例7: resend_push_notification
def resend_push_notification(self,context):
print "Super-Gluu-RO resend_push_notification"
sessionIdService = CdiUtil.bean(SessionIdService)
session_id = context.getHttpRequest().getParameter(self.sessionIdParamName)
if session_id == None:
print "Super-Gluu-RO. No session_id was specified for resend_push_notification"
context.setUser(None)
return False
sessionId = sessionIdService.getSessionId(session_id)
if sessionId == None:
print "Super-Gluu-RO. Session '%s' does not exist or has expired" % session_id
context.setUser(None)
return False
client = CdiUtil.bean(Identity).getSessionClient().getClient()
if not self.verify_session_ownership(sessionId,context.getUser(),client):
print "Super-Gluu-RO. resend_push_notification_failed due to invalid session ownership"
context.setUser(None)
return False
self.send_push_notification_to_user(sessionId,context)
print "Super-Gluu-RO resend_push_notification complete"
return True示例8: prepareForStep
def prepareForStep(self, configurationAttributes, requestParameters, step):
identity = CdiUtil.bean(Identity)
credentials = identity.getCredentials()
self.setRequestScopedParameters(identity)
if step == 1:
print "OTP. Prepare for step 1"
return True
elif step == 2:
print "OTP. Prepare for step 2"
session_id_validation = self.validateSessionId(identity)
if not session_id_validation:
return False
otp_auth_method = identity.getWorkingParameter("otp_auth_method")
print "OTP. Prepare for step 2. otp_auth_method: '%s'" % otp_auth_method
if otp_auth_method == 'enroll':
authenticationService = CdiUtil.bean(AuthenticationService)
user = authenticationService.getAuthenticatedUser()
if user == None:
print "OTP. Prepare for step 2. Failed to load user enty"
return False
if self.otpType == "hotp":
otp_secret_key = self.generateSecretHotpKey()
otp_enrollment_request = self.generateHotpSecretKeyUri(otp_secret_key, self.otpIssuer, user.getAttribute("displayName"))
elif self.otpType == "totp":
otp_secret_key = self.generateSecretTotpKey()
otp_enrollment_request = self.generateTotpSecretKeyUri(otp_secret_key, self.otpIssuer, user.getAttribute("displayName"))
else:
print "OTP. Prepare for step 2. Unknown OTP type: '%s'" % self.otpType
return False
print "OTP. Prepare for step 2. Prepared enrollment request for user: '%s'" % user.getUserId()
identity.setWorkingParameter("otp_secret_key", self.toBase64Url(otp_secret_key))
identity.setWorkingParameter("otp_enrollment_request", otp_enrollment_request)
return True
elif step == 3:
print "OTP. Prepare for step 3"
session_id_validation = self.validateSessionId(identity)
if not session_id_validation:
return False
otp_auth_method = identity.getWorkingParameter("otp_auth_method")
print "OTP. Prepare for step 3. otp_auth_method: '%s'" % otp_auth_method
if otp_auth_method == 'enroll':
return True
return False示例9: __init__
def __init__(self, appId, superGluuRequest):
self.appId = appId
self.superGluuRequest = superGluuRequest
self.debugEnabled = False
self.deviceRegistrationService = CdiUtil.bean(DeviceRegistrationService)
self.pushSnsService = CdiUtil.bean(PushSnsService)
self.user = None
self.u2fDevice = None
self.devicePlatform = None
self.pushToken = None示例10: getNextStep
def getNextStep(self, configurationAttributes, requestParameters, step):
print "Casa. getNextStep called %s" % str(step)
if step > 1:
acr = ServerUtil.getFirstValue(requestParameters, "alternativeMethod")
if acr != None:
print "Casa. getNextStep. Use alternative method %s" % acr
CdiUtil.bean(Identity).setWorkingParameter("ACR", acr)
#retry step with different acr
return 2
return -1示例11: authenticate
def authenticate(self, configuration_attributes, request_parameters, step):
print "ThumbSignIn. Inside authenticate. Step %d" % step
authentication_service = CdiUtil.bean(AuthenticationService)
identity = CdiUtil.bean(Identity)
identity.setWorkingParameter("ts_host", ts_host)
identity.setWorkingParameter("ts_statusPath", ts_statusPath)
if step == 1 or step == 3:
print "ThumbSignIn. Authenticate for Step %d" % step
login_flow = ServerUtil.getFirstValue(request_parameters, "login_flow")
print "ThumbSignIn. Value of login_flow parameter is %s" % login_flow
# Logic for ThumbSignIn Authentication Flow (Either step 1 or step 3)
if login_flow == THUMBSIGNIN_AUTHENTICATION or login_flow == THUMBSIGNIN_LOGIN_POST_REGISTRATION:
identity.setWorkingParameter(USER_LOGIN_FLOW, login_flow)
print "ThumbSignIn. Value of userLoginFlow is %s" % identity.getWorkingParameter(USER_LOGIN_FLOW)
logged_in_status = authentication_service.authenticate(self.get_user_id_from_thumbsignin(request_parameters))
print "ThumbSignIn. logged_in status : %r" % logged_in_status
return logged_in_status
# Logic for traditional login flow (step 1)
print "ThumbSignIn. User credentials login flow"
identity.setWorkingParameter(USER_LOGIN_FLOW, THUMBSIGNIN_REGISTRATION)
print "ThumbSignIn. Value of userLoginFlow is %s" % identity.getWorkingParameter(USER_LOGIN_FLOW)
logged_in = self.authenticate_user_credentials(identity, authentication_service)
print "ThumbSignIn. Status of User Credentials based Authentication : %r" % logged_in
# When the traditional login fails, reinitialize the ThumbSignIn data before sending error response to UI
if not logged_in:
self.initialize_thumbsignin(identity, AUTHENTICATE)
return False
print "ThumbSignIn. Authenticate successful for step %d" % step
return True
elif step == 2:
print "ThumbSignIn. Registration flow (step 2)"
self.verify_user_login_flow(identity)
user = self.get_authenticated_user_from_gluu(authentication_service)
if user is None:
print "ThumbSignIn. Registration flow (step 2). Failed to determine user name"
return False
user_name = user.getUserId()
print "ThumbSignIn. Registration flow (step 2) successful. user_name: %s" % user_name
return True
else:
return False示例12: prepareForStep
def prepareForStep(self, configurationAttributes, requestParameters, step):
identity = CdiUtil.bean(Identity)
if (step == 1):
return True
elif (step == 2):
print "Fido2. Prepare for step 2"
session_id = CdiUtil.bean(SessionIdService).getSessionIdFromCookie()
if StringHelper.isEmpty(session_id):
print "Fido2. Prepare for step 2. Failed to determine session_id"
return False
authenticationService = CdiUtil.bean(AuthenticationService)
user = authenticationService.getAuthenticatedUser()
if (user == None):
print "Fido2. Prepare for step 2. Failed to determine user name"
return False
userName = user.getUserId()
metaDataConfiguration = self.getMetaDataConfiguration()
# Check if user have registered devices
registrationPersistenceService = CdiUtil.bean(RegistrationPersistenceService)
assertionResponse = None
attestationResponse = None
userFido2Devices = registrationPersistenceService.findAllRegisteredByUsername(userName)
if (userFido2Devices.size() > 0):
print "Fido2. Prepare for step 2. Call Fido2 endpoint in order to start assertion flow"
try:
assertionService = Fido2ClientFactory.instance().createAssertionService(metaDataConfiguration)
assertionRequest = json.dumps({'username': userName}, separators=(',', ':'))
assertionResponse = assertionService.authenticate(assertionRequest).readEntity(java.lang.String)
except ClientResponseFailure, ex:
print "Fido2. Prepare for step 2. Failed to start assertion flow. Exception:", sys.exc_info()[1]
return False
else:
print "Fido2. Prepare for step 2. Call Fido2 endpoint in order to start attestation flow"
try:
attestationService = Fido2ClientFactory.instance().createAttestationService(metaDataConfiguration)
attestationRequest = json.dumps({'username': userName, 'displayName': userName}, separators=(',', ':'))
attestationResponse = attestationService.register(attestationRequest).readEntity(java.lang.String)
except ClientResponseFailure, ex:
print "Fido2. Prepare for step 2. Failed to start attestation flow. Exception:", sys.exc_info()[1]
return False示例13: initiate_authentication
def initiate_authentication(self, context):
print "Super-Gluu-RO initiatate_authentication"
client = CdiUtil.bean(Identity).getSessionClient().getClient()
sessionId = self.new_unauthenticated_session(context.getUser(),client)
# set session id in identity object
# this will be used by our dynamic scope script
identity = CdiUtil.bean(Identity)
identity.setSessionId(sessionId)
if not self.send_push_notification_to_user(sessionId,context):
context.setUser(None)
print "Send push notification to user '%s' failed " % context.getUser().getUserId()
return False
print "Super-Gluu-RO initiate_authentication complete"
return True示例14: getCountAuthenticationSteps
def getCountAuthenticationSteps(self, configurationAttributes):
print "Casa. getCountAuthenticationSteps called"
if CdiUtil.bean(Identity).getWorkingParameter("skip2FA"):
return 1
acr = CdiUtil.bean(Identity).getWorkingParameter("ACR")
if acr in self.authenticators:
module = self.authenticators[acr]
return module.getCountAuthenticationSteps(module.configAttrs)
else:
return 2
print "Casa. getCountAuthenticationSteps. Could not determine the step count for acr %s" % acr示例15: prepareForStep
def prepareForStep(self, configurationAttributes, requestParameters, step):
identity = CdiUtil.bean(Identity)
if (step == 1):
return True
elif (step == 2):
print "U2F. Prepare for step 2"
session_id = CdiUtil.bean(SessionIdService).getSessionIdFromCookie()
if StringHelper.isEmpty(session_id):
print "U2F. Prepare for step 2. Failed to determine session_id"
return False
authenticationService = CdiUtil.bean(AuthenticationService)
user = authenticationService.getAuthenticatedUser()
if (user == None):
print "U2F. Prepare for step 2. Failed to determine user name"
return False
u2f_application_id = configurationAttributes.get("u2f_application_id").getValue2()
# Check if user have registered devices
deviceRegistrationService = CdiUtil.bean(DeviceRegistrationService)
userInum = user.getAttribute("inum")
registrationRequest = None
authenticationRequest = None
deviceRegistrations = deviceRegistrationService.findUserDeviceRegistrations(userInum, u2f_application_id)
if (deviceRegistrations.size() > 0):
print "U2F. Prepare for step 2. Call FIDO U2F in order to start authentication workflow"
try:
authenticationRequestService = FidoU2fClientFactory.instance().createAuthenticationRequestService(self.metaDataConfiguration)
authenticationRequest = authenticationRequestService.startAuthentication(user.getUserId(), None, u2f_application_id, session_id)
except ClientResponseFailure, ex:
if (ex.getResponse().getResponseStatus() != Response.Status.NOT_FOUND):
print "U2F. Prepare for step 2. Failed to start authentication workflow. Exception:", sys.exc_info()[1]
return False
else:
print "U2F. Prepare for step 2. Call FIDO U2F in order to start registration workflow"
registrationRequestService = FidoU2fClientFactory.instance().createRegistrationRequestService(self.metaDataConfiguration)
registrationRequest = registrationRequestService.startRegistration(user.getUserId(), u2f_application_id, session_id)
identity.setWorkingParameter("fido_u2f_authentication_request", ServerUtil.asJson(authenticationRequest))
identity.setWorkingParameter("fido_u2f_registration_request", ServerUtil.asJson(registrationRequest))
return True