auf/django/saml/backends.py

   1 # -*- coding: utf-8 -*-
   2
   3 import logging
   4
   5 from django.contrib.auth.models import User
   6 from django.contrib.auth.backends import RemoteUserBackend, ModelBackend
   7 from auf.django.saml import settings
   8
   9
  10 logger = logging.getLogger('SAML')
  11
  12
  13 class _BackendMixin:
  14
  15     def clean_username(self, username):
  16         logger.info(u"\nClean username")
  17         logger.info(u"==============")
  18         logger.info(u"username original : %s" % username)
  19         clean_username = username.replace('@auf.org', '')
  20         logger.info(u"username clean : %s" % clean_username)
  21
  22
  23 class FakeSPBackend(ModelBackend, _BackendMixin):
  24     """
  25     On autentifie uniquement sur le username
  26     """
  27
  28     def authenticate(self, username=None, password=None):
  29         try:
  30             return User.objects.get(username=username)
  31         except User.DoesNotExist:
  32             return None
  33
  34
  35 class RealSPBackend(RemoteUserBackend, _BackendMixin):
  36     """
  37     Backend reposant sur le id.auf.org
  38     """
  39     create_unknown_user = getattr(settings, 'SAML_AUTO_CREATION', True)
  40
  41
  42 if settings.SAML_AUTH:
  43     _SPBackend = RealSPBackend
  44 else:
  45     _SPBackend = FakeSPBackend
  46
  47
  48 class SPBackend(_SPBackend):
  49     """
  50     Backend selon la conf
  51     """
  52
  53     def authenticate(self, **kwargs):
  54         logger.info(u"\nauth challenge")
  55         logger.info(u"==============")
  56         for k, v in kwargs.items():
  57             if k == 'password':
  58                 v = '****'
  59             logger.info("* %s : %s" % (k, v))
  60
  61         user = super(SPBackend, self).authenticate(**kwargs)
  62         logger.info(u"Django user authentifié : %s" % user)
  63         return user