~jcsackett/charmworld/bac-tag-constraints

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Copyright 2012, 2013 Canonical Ltd.  This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).

from charmworld.teams import TeamsRequest
from velruse.api import register_provider
from velruse.providers.openid import OpenIDConsumer
from pyramid.security import NO_PERMISSION_REQUIRED


UBUNTU_SSO = 'ubuntu_sso'


class UbuntuSSOConsumer(OpenIDConsumer):

    def _update_authrequest(self, request, authrequest):
        super(UbuntuSSOConsumer, self)._update_authrequest(request,
                                                           authrequest)
        teams = request.registry.settings.get('openid_teams')
        teams_request = TeamsRequest(teams)
        authrequest.addExtension(teams_request)

    def _lookup_identifier(self, request, identifier):
        return 'http://login.ubuntu.com'


def add_ubuntu_sso_login(config,
                         realm=None,
                         storage=None,
                         login_path='/login/openid',
                         callback_path='/login/openid/callback'):
    """
    Add an Ubuntu SSO login provider to the application.

    `storage` should be an object conforming to the
    `openid.store.interface.OpenIDStore` protocol. This will default
    to `openid.store.memstore.MemoryStore`.
    """
    provider = UbuntuSSOConsumer(UBUNTU_SSO, realm, storage)

    config.add_route(provider.login_route, login_path)
    config.add_view(provider, attr='login', route_name=provider.login_route,
                    permission=NO_PERMISSION_REQUIRED)

    config.add_route(provider.callback_route, callback_path,
                     use_global_views=True,
                     factory=provider.callback)

    register_provider(config, UBUNTU_SSO, provider)