BasicMultiAuthConfExternalAuthenticator.PersonAuthentication クラス

BasicMultiAuthConfExternalAuthenticator.PersonAuthentication の継承関係図

BasicMultiAuthConfExternalAuthenticator.PersonAuthentication 連携図

公開メンバ関数
def	__init__ (self, currentTimeMillis)
def	init (self, configurationAttributes)
def	destroy (self, authConfiguration)
def	getApiVersion (self)
def	isValidAuthenticationMethod (self, usageType, configurationAttributes)
def	getAlternativeAuthenticationMethod (self, usageType, configurationAttributes)
def	authenticate (self, configurationAttributes, requestParameters, step)
def	prepareForStep (self, configurationAttributes, requestParameters, step)
def	getExtraParametersForStep (self, configurationAttributes, step)
def	getCountAuthenticationSteps (self, configurationAttributes)
def	getPageForStep (self, configurationAttributes, step)
def	logout (self, configurationAttributes, requestParameters)
def	loadAuthConfiguration (self, authConfigurationFile)
def	validateAuthConfiguration (self, authConfiguration)
def	createLdapExtendedEntryManagers (self, authConfiguration)
def	createLdapExtendedConfigurations (self, authConfiguration)
def	containsAttributeString (self, dictionary, attribute)
def	containsAttributeArray (self, dictionary, attribute)

公開変数類
	currentTimeMillis
	ldapExtendedEntryManagers

詳解

構築子と解体子

__init__()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.__init__	(		self,
			currentTimeMillis
	)

    def __init__(self, currentTimeMillis):
        self.currentTimeMillis = currentTimeMillis

関数詳解

authenticate()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.authenticate	(		self,
			configurationAttributes,
			requestParameters,
			step
	)

    def authenticate(self, configurationAttributes, requestParameters, step):
        authenticationService = CdiUtil.bean(AuthenticationService)

        if (step == 1):
            print "Basic (multi auth conf). Authenticate for step 1"

            identity = CdiUtil.bean(Identity)
            credentials = identity.getCredentials()

            metricService = CdiUtil.bean(MetricService)
            timerContext = metricService.getTimer(MetricType.OXAUTH_USER_AUTHENTICATION_RATE).time()
            try:
                keyValue = credentials.getUsername()
                userPassword = credentials.getPassword()
    
                if (StringHelper.isNotEmptyString(keyValue) and StringHelper.isNotEmptyString(userPassword)):
                    for ldapExtendedEntryManager in self.ldapExtendedEntryManagers:
                        ldapConfiguration = ldapExtendedEntryManager["ldapConfiguration"]
                        ldapEntryManager = ldapExtendedEntryManager["ldapEntryManager"]
                        loginAttributes = ldapExtendedEntryManager["loginAttributes"]
                        localLoginAttributes = ldapExtendedEntryManager["localLoginAttributes"]
    
                        print "Basic (multi auth conf). Authenticate for step 1. Using configuration: " + ldapConfiguration.getConfigId()
    
                        idx = 0
                        count = len(loginAttributes)
                        while (idx < count):
                            primaryKey = loginAttributes[idx]
                            localPrimaryKey = localLoginAttributes[idx]
    
                            loggedIn = authenticationService.authenticate(ldapConfiguration, ldapEntryManager, keyValue, userPassword, primaryKey, localPrimaryKey)
                            if (loggedIn):
                                metricService.incCounter(MetricType.OXAUTH_USER_AUTHENTICATION_SUCCESS)
                                return True
                            idx += 1
            finally:
                timerContext.stop()
                
            metricService.incCounter(MetricType.OXAUTH_USER_AUTHENTICATION_FAILURES)

            return False
        else:
            return False

containsAttributeArray()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.containsAttributeArray	(		self,
			dictionary,
			attribute
	)

    def containsAttributeArray(self, dictionary, attribute):
        return ((attribute in dictionary) and (len(dictionary[attribute]) > 0))

containsAttributeString()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.containsAttributeString	(		self,
			dictionary,
			attribute
	)

    def containsAttributeString(self, dictionary, attribute):
        return ((attribute in dictionary) and StringHelper.isNotEmptyString(dictionary[attribute]))

createLdapExtendedConfigurations()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.createLdapExtendedConfigurations	(		self,
			authConfiguration
	)

    def createLdapExtendedConfigurations(self, authConfiguration):
        ldapExtendedConfigurations = []

        for ldapConfiguration in authConfiguration["ldap_configuration"]:
            configId = ldapConfiguration["configId"]
            
            servers = ldapConfiguration["servers"]

            bindDN = None
            bindPassword = None
            useAnonymousBind = True
            if (self.containsAttributeString(ldapConfiguration, "bindDN")):
                useAnonymousBind = False
                bindDN = ldapConfiguration["bindDN"]
                bindPassword = ldapConfiguration["bindPassword"]

            useSSL = ldapConfiguration["useSSL"]
            maxConnections = ldapConfiguration["maxConnections"]
            baseDNs = ldapConfiguration["baseDNs"]
            loginAttributes = ldapConfiguration["loginAttributes"]
            localLoginAttributes = ldapConfiguration["localLoginAttributes"]
            
            ldapConfiguration = GluuLdapConfiguration(configId, bindDN, bindPassword, Arrays.asList(servers),
                                                      maxConnections, useSSL, Arrays.asList(baseDNs),
                                                      loginAttributes[0], localLoginAttributes[0], useAnonymousBind)
            ldapExtendedConfigurations.append({ "ldapConfiguration" : ldapConfiguration, "loginAttributes" : loginAttributes, "localLoginAttributes" : localLoginAttributes })
        
        return ldapExtendedConfigurations

createLdapExtendedEntryManagers()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.createLdapExtendedEntryManagers	(		self,
			authConfiguration
	)

    def createLdapExtendedEntryManagers(self, authConfiguration):
        ldapExtendedConfigurations = self.createLdapExtendedConfigurations(authConfiguration)
        
        appInitializer = CdiUtil.bean(AppInitializer)

        ldapExtendedEntryManagers = []
        for ldapExtendedConfiguration in ldapExtendedConfigurations:
            ldapEntryManager = appInitializer.createLdapAuthEntryManager(ldapExtendedConfiguration["ldapConfiguration"])
            ldapExtendedEntryManagers.append({ "ldapConfiguration" : ldapExtendedConfiguration["ldapConfiguration"], "loginAttributes" : ldapExtendedConfiguration["loginAttributes"], "localLoginAttributes" : ldapExtendedConfiguration["localLoginAttributes"], "ldapEntryManager" : ldapEntryManager })
        
        return ldapExtendedEntryManagers

destroy()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.destroy	(		self,
			authConfiguration
	)

    def destroy(self, authConfiguration):
        print "Basic (multi auth conf). Destroy"
        
        result = True
        for ldapExtendedEntryManager in self.ldapExtendedEntryManagers:
            ldapConfiguration = ldapExtendedEntryManager["ldapConfiguration"]
            ldapEntryManager = ldapExtendedEntryManager["ldapEntryManager"]

            destoryResult = ldapEntryManager.destroy()
            result = result and destoryResult
            print "Basic (multi auth conf). Destroyed: " + ldapConfiguration.getConfigId() + ". Result: " + str(destoryResult) 

        print "Basic (multi auth conf). Destroyed successfully"

        return result

getAlternativeAuthenticationMethod()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.getAlternativeAuthenticationMethod	(		self,
			usageType,
			configurationAttributes
	)

    def getAlternativeAuthenticationMethod(self, usageType, configurationAttributes):
        return None

getApiVersion()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.getApiVersion

(

self

)

    def getApiVersion(self):
        return 1

getCountAuthenticationSteps()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.getCountAuthenticationSteps	(		self,
			configurationAttributes
	)

    def getCountAuthenticationSteps(self, configurationAttributes):
        return 1

getExtraParametersForStep()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.getExtraParametersForStep	(		self,
			configurationAttributes,
			step
	)

    def getExtraParametersForStep(self, configurationAttributes, step):
        return None

getPageForStep()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.getPageForStep	(		self,
			configurationAttributes,
			step
	)

    def getPageForStep(self, configurationAttributes, step):
        return ""

init()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.init	(		self,
			configurationAttributes
	)

    def init(self, configurationAttributes):
        print "Basic (multi auth conf). Initialization"

        if (not configurationAttributes.containsKey("auth_configuration_file")):
            print "Basic (multi auth conf). The property auth_configuration_file is empty"
            return False
            
        authConfigurationFile = configurationAttributes.get("auth_configuration_file").getValue2()
        authConfiguration = self.loadAuthConfiguration(authConfigurationFile)
        if (authConfiguration == None):
            print "Basic (multi auth conf). File with authentication configuration should be not empty"
            return False
        
        validationResult = self.validateAuthConfiguration(authConfiguration)
        if (not validationResult):
            return False

        ldapExtendedEntryManagers = self.createLdapExtendedEntryManagers(authConfiguration)
        if (ldapExtendedEntryManagers == None):
            return False
        
        self.ldapExtendedEntryManagers = ldapExtendedEntryManagers

        print "Basic (multi auth conf). Initialized successfully"
        return True     

isValidAuthenticationMethod()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.isValidAuthenticationMethod	(		self,
			usageType,
			configurationAttributes
	)

    def isValidAuthenticationMethod(self, usageType, configurationAttributes):
        return True

loadAuthConfiguration()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.loadAuthConfiguration	(		self,
			authConfigurationFile
	)

    def loadAuthConfiguration(self, authConfigurationFile):
        authConfiguration = None

        # Load authentication configuration from file
        f = open(authConfigurationFile, 'r')
        try:
            authConfiguration = json.loads(f.read())
        except:
            print "Basic (multi auth conf). Load auth configuration. Failed to load authentication configuration from file:", authConfigurationFile
            return None
        finally:
            f.close()
        
        return authConfiguration

logout()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.logout	(		self,
			configurationAttributes,
			requestParameters
	)

    def logout(self, configurationAttributes, requestParameters):
        return True

prepareForStep()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.prepareForStep	(		self,
			configurationAttributes,
			requestParameters,
			step
	)

    def prepareForStep(self, configurationAttributes, requestParameters, step):
        if (step == 1):
            print "Basic (multi auth conf). Prepare for Step 1"
            return True
        else:
            return False

validateAuthConfiguration()

def BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.validateAuthConfiguration	(		self,
			authConfiguration
	)

    def validateAuthConfiguration(self, authConfiguration):
        isValid = True

        if (not ("ldap_configuration" in authConfiguration)):
            print "Basic (multi auth conf). Validate auth configuration. There is no ldap_configuration section in configuration"
            return False
        
        idx = 1
        for ldapConfiguration in authConfiguration["ldap_configuration"]:
            if (not self.containsAttributeString(ldapConfiguration, "configId")):
                print "Basic (multi auth conf). Validate auth configuration. There is no 'configId' attribute in ldap_configuration section #" + str(idx)
                return False

            configId = ldapConfiguration["configId"]

            if (not self.containsAttributeArray(ldapConfiguration, "servers")):
                print "Basic (multi auth conf). Validate auth configuration. Property 'servers' in configuration '" + configId + "' is invalid"
                return False

            if (self.containsAttributeString(ldapConfiguration, "bindDN")):
                if (not self.containsAttributeString(ldapConfiguration, "bindPassword")):
                    print "Basic (multi auth conf). Validate auth configuration. Property 'bindPassword' in configuration '" + configId + "' is invalid"
                    return False

            if (not self.containsAttributeString(ldapConfiguration, "useSSL")):
                print "Basic (multi auth conf). Validate auth configuration. Property 'useSSL' in configuration '" + configId + "' is invalid"
                return False

            if (not self.containsAttributeString(ldapConfiguration, "maxConnections")):
                print "Basic (multi auth conf). Validate auth configuration. Property 'maxConnections' in configuration '" + configId + "' is invalid"
                return False
                
            if (not self.containsAttributeArray(ldapConfiguration, "baseDNs")):
                print "Basic (multi auth conf). Validate auth configuration. Property 'baseDNs' in configuration '" + configId + "' is invalid"
                return False

            if (not self.containsAttributeArray(ldapConfiguration, "loginAttributes")):
                print "Basic (multi auth conf). Validate auth configuration. Property 'loginAttributes' in configuration '" + configId + "' is invalid"
                return False

            if (not self.containsAttributeArray(ldapConfiguration, "localLoginAttributes")):
                print "Basic (multi auth conf). Validate auth configuration. Property 'localLoginAttributes' in configuration '" + configId + "' is invalid"
                return False

            if (len(ldapConfiguration["loginAttributes"]) != len(ldapConfiguration["localLoginAttributes"])):
                print "Basic (multi auth conf). Validate auth configuration. The number of attributes in 'loginAttributes' and 'localLoginAttributes' isn't equal in configuration '" + configId + "'"
                return False

            idx += 1

        return True

メンバ詳解

currentTimeMillis

BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.currentTimeMillis

ldapExtendedEntryManagers

BasicMultiAuthConfExternalAuthenticator.PersonAuthentication.ldapExtendedEntryManagers

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/integrations/basic.multi_auth_conf/BasicMultiAuthConfExternalAuthenticator.py

---

2018年09月30日(日) 14時45分02秒作成 - gluu / 構成:   1.8.13