more cleanup, remove supervisr imports

passbook/saml_idp/apps.py

@@ -1,7 +1,12 @@
 """passbook mod saml_idp app config"""
+from importlib import import_module
+from logging import getLogger
 
-from django.apps.config import AppConfig
+from django.apps import AppConfig
 
+from passbook.lib.config import CONFIG
+
+LOGGER = getLogger(__name__)
 
 class PassbookSAMLIDPConfig(AppConfig):
     """passbook saml_idp app config"""
@@ -9,3 +14,13 @@ class PassbookSAMLIDPConfig(AppConfig):
     name = 'passbook.saml_idp'
     label = 'passbook_saml_idp'
     verbose_name = 'passbook SAML IDP'
+
+    def ready(self):
+        """Load source_types from config file"""
+        source_types_to_load = CONFIG.y('saml_idp.types', [])
+        for source_type in source_types_to_load:
+            try:
+                import_module(source_type)
+                LOGGER.info("Loaded %s", source_type)
+            except ImportError as exc:
+                LOGGER.debug(exc)

passbook/saml_idp/base.py

@@ -6,7 +6,7 @@ from logging import getLogger
 
 from bs4 import BeautifulSoup
 
-# from passbook.core.models import Setting
+from passbook.lib.config import CONFIG
 from passbook.saml_idp import codex, exceptions, xml_render
 
 MINUTES = 60
@@ -53,7 +53,7 @@ class Processor:
     _subject = None
     _subject_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:email'
     _system_params = {
-        'ISSUER': Setting.get('issuer'),
+        'ISSUER': CONFIG.y('saml_idp.issuer'),
     }
 
     @property
@@ -84,7 +84,7 @@ class Processor:
             'AUTH_INSTANT': get_time_string(),
             'ISSUE_INSTANT': get_time_string(),
             'NOT_BEFORE': get_time_string(-1 * HOURS),  # TODO: Make these settings.
-            'NOT_ON_OR_AFTER': get_time_string(int(Setting.get('assertion_valid_for')) * MINUTES),
+            'NOT_ON_OR_AFTER': get_time_string(int(CONFIG.y('saml_idp.assertion_valid_for')) * MINUTES),
             'SESSION_INDEX': self._session_index,
             'SESSION_NOT_ON_OR_AFTER': get_time_string(8 * HOURS),
             'SP_NAME_QUALIFIER': self._audience,
@@ -175,7 +175,7 @@ class Processor:
 
     def _format_response(self):
         """Formats _response_params as _response_xml."""
-        sign_it = Setting.get_bool('signing')
+        sign_it = CONFIG.y('saml_idp.signing', True)
         assertion_id = self._assertion_params['ASSERTION_ID']
         self._response_xml = xml_render.get_response_xml(self._response_params,
                                                          signed=sign_it,
@@ -187,7 +187,7 @@ class Processor:
             'acs_url': self._request_params['ACS_URL'],
             'saml_response': self._saml_response,
             'relay_state': self._relay_state,
-            'autosubmit': Setting.get('autosubmit'),
+            'autosubmit': CONFIG.y('saml_idp.autosubmit', False),
         }
 
     def _parse_request(self):
@@ -228,7 +228,7 @@ class Processor:
         self._subject = sp_config
         self._subject_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:email'
         self._system_params = {
-            'ISSUER': Setting.get('issuer'),
+            'ISSUER': CONFIG.y('saml_idp.issuer'),
         }
 
     def _validate_request(self):

passbook/saml_idp/processors/demo.py

@@ -1,32 +0,0 @@
-"""
-Demo Processor
-"""
-
-from supervisr.mod.auth.saml.idp.base import Processor
-from supervisr.mod.auth.saml.idp.xml_render import get_assertion_xml
-
-
-class DemoProcessor(Processor):
-    """
-    Demo Response Handler Processor for testing against django-saml2-sp.
-    """
-
-    def _format_assertion(self):
-        # NOTE: This uses the SalesForce assertion for the demo.
-        self._assertion_xml = get_assertion_xml(
-            'saml/xml/assertions/salesforce.xml', self._assertion_params, signed=True)
-
-
-class DemoAttributeProcessor(Processor):
-    """
-    Demo Response Handler Processor for testing against django-saml2-sp;
-    Adds SAML attributes to the assertion.
-    """
-
-    def _format_assertion(self):
-        # NOTE: This uses the SalesForce assertion for the demo.
-        self._assertion_params['ATTRIBUTES'] = {
-            'foo': 'bar',
-        }
-        self._assertion_xml = get_assertion_xml(
-            'saml/xml/assertions/salesforce.xml', self._assertion_params, signed=True)

passbook/saml_idp/processors/generic.py

@@ -1,12 +1,8 @@
-"""
-Generic Processor
-"""
+"""Generic Processor"""
 
-from supervisr.mod.auth.saml.idp.base import Processor
+from passbook.saml_idp.base import Processor
 
 
 class GenericProcessor(Processor):
-    """
-    Generic Response Handler Processor for testing against django-saml2-sp.
-    """
+    """Generic Response Handler Processor for testing against django-saml2-sp."""
     pass

passbook/saml_idp/processors/gitlab.py

@@ -1,14 +1,10 @@
-"""
-GitLab Processor
-"""
+"""GitLab Processor"""
 
-from supervisr.mod.auth.saml.idp.base import Processor
+from passbook.saml_idp.base import Processor
 
 
 class GitLabProcessor(Processor):
-    """
-    GitLab Response Handler Processor for testing against django-saml2-sp.
-    """
+    """GitLab Response Handler Processor for testing against django-saml2-sp."""
 
     def _determine_audience(self):
         # Nextcloud expects an audience in this format

passbook/saml_idp/processors/nextcloud.py

@@ -1,13 +1,9 @@
-"""
-NextCloud Processor
-"""
-from supervisr.mod.auth.saml.idp.base import Processor
+"""NextCloud Processor"""
+from passbook.saml_idp.base import Processor
 
 
 class NextCloudProcessor(Processor):
-    """
-    Nextcloud SAML 2.0 AuthnRequest to Response Handler Processor.
-    """
+    """Nextcloud SAML 2.0 AuthnRequest to Response Handler Processor."""
 
     def _determine_audience(self):
         # Nextcloud expects an audience in this format

passbook/saml_idp/processors/salesforce.py

@@ -1,15 +1,11 @@
-"""
-Salesforce Processor
-"""
+"""Salesforce Processor"""
 
-from supervisr.mod.auth.saml.idp.base import Processor
-from supervisr.mod.auth.saml.idp.xml_render import get_assertion_xml
+from passbook.saml_idp.base import Processor
+from passbook.saml_idp.xml_render import get_assertion_xml
 
 
 class SalesForceProcessor(Processor):
-    """
-    SalesForce.com-specific SAML 2.0 AuthnRequest to Response Handler Processor.
-    """
+    """SalesForce.com-specific SAML 2.0 AuthnRequest to Response Handler Processor."""
 
     def _determine_audience(self):
         self._audience = 'IAMShowcase'

passbook/saml_idp/processors/shibboleth.py

@@ -1,17 +1,11 @@
-"""
-Shib Processor
-"""
+"""Shibboleth Processor"""
 
 from supervisr.mod.auth.saml.idp.base import Processor
 
 
-class ShibProcessor(Processor):
-    """
-    Shib-specific Processor
-    """
+class ShibbolethProcessor(Processor):
+    """Shibboleth-specific Processor"""
 
     def _determine_audience(self):
-        """
-        Determines the _audience.
-        """
+        """Determines the _audience."""
         self._audience = "https://sp.testshib.org/shibboleth-sp"

passbook/saml_idp/processors/wordpress_orange.py

@@ -1,14 +1,10 @@
-"""
-WordpressOrange Processor
-"""
+"""WordpressOrange Processor"""
 
-from supervisr.mod.auth.saml.idp.base import Processor
+from passbook.saml_idp.base import Processor
 
 
 class WordpressOrangeProcessor(Processor):
-    """
-    WordpressOrange Response Handler Processor for testing against django-saml2-sp.
-    """
+    """WordpressOrange Response Handler Processor for testing against django-saml2-sp."""
 
     def _determine_audience(self):
         # Orange expects an audience in this format

passbook/saml_idp/settings.py

@@ -1,57 +0,0 @@
-"""SAML2 IDP Default settings"""
-
-SAML2IDP_CONFIG = {
-    # Default metadata to configure this local IdP.
-    'autosubmit': True,
-    'certificate_data': """-----BEGIN CERTIFICATE-----
-MIIDrTCCApWgAwIBAgIJAMyu7G6V0HCtMA0GCSqGSIb3DQEBCwUAMGwxCzAJBgNV
-BAYTAkRFMQswCQYDVQQIDAJCVzEWMBQGA1UEBwwNV2VpbCBhbSBSaGVpbjETMBEG
-A1UECgwKQmVyeUp1Lm9yZzEjMCEGA1UEAwwaU3VwZXJ2aXNyIFNBTUwgSURQIERl
-ZmF1bHQwIBcNMTcwNjMwMTQzNjU2WhgPNDAxNjAzMDIxNDM2NTZaMGwxCzAJBgNV
-BAYTAkRFMQswCQYDVQQIDAJCVzEWMBQGA1UEBwwNV2VpbCBhbSBSaGVpbjETMBEG
-A1UECgwKQmVyeUp1Lm9yZzEjMCEGA1UEAwwaU3VwZXJ2aXNyIFNBTUwgSURQIERl
-ZmF1bHQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh+wp/kf2mSJd9
-s562gH6NUAZEFpMqeicKJLLrbt0qmovEej6HIKNTTrnQUyaq5L5u6FBALwrURpx7
-NztzwcNehfmKdl0n1AsHWaWuuaRSPwxv9F/YCEeq15KLC686DN0lG2MDaeFxF1xe
-23FnZUQ06/G7lSGO4tZUEvEFaYX48M1txydmeLxJHyQPfsADK9ozK6h9+daDD/uJ
-OSrN4kgh19hMIDg1BPJ0JldK3ohjgFNhQ+KZ9CvgfU9kVzHZ6ZbsKyG20HFCTu8D
-lV5QFi+CcTj9BgkXNE1pVc15P6Ef97dg3DYgLIZNBK8gWweQzMvtAJeqd9Oj9dGY
-PzONsHY5AgMBAAGjUDBOMB0GA1UdDgQWBBRgrJg/30Y1O4bgan+YJ0D0rf5s0DAf
-BgNVHSMEGDAWgBRgrJg/30Y1O4bgan+YJ0D0rf5s0DAMBgNVHRMEBTADAQH/MA0G
-CSqGSIb3DQEBCwUAA4IBAQBaITBSa75Y1dlDdvIp7/NgidRYgOx6xrVC5eYqf0X7
-GNBidh3PSqBeiuK9ARtzmoWKS/G5Ufr6dvS7SglcEIqhba33iIaRtB5P14yYb8j1
-lXKTy/plv+Z2DXeqcCVlFJqc9wSZx2Shkump5ctvkPIV5qW29fQA3IeM+bdNgqVr
-8mEagDJEnFIpbCkkKTFNIrWR8f72SXzc0jxPi89oFlMvINc+ogaFSxwbyPMIMoaI
-IPMtp3THfTObYBoLNeeWMug/ynKMcUNs4pzh97RNacAxMYSb/3rbblrnq0CYDcmG
-RHlwc9dbwx1rVaCt+dYznAoD8rvZw8iCaS2m4b75uzsn
------END CERTIFICATE-----""",
-    'private_key_data': """-----BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA4fsKf5H9pkiXfbOetoB+jVAGRBaTKnonCiSy627dKpqLxHo+
-hyCjU0650FMmquS+buhQQC8K1Eacezc7c8HDXoX5inZdJ9QLB1mlrrmkUj8Mb/Rf
-2AhHqteSiwuvOgzdJRtjA2nhcRdcXttxZ2VENOvxu5UhjuLWVBLxBWmF+PDNbccn
-Zni8SR8kD37AAyvaMyuoffnWgw/7iTkqzeJIIdfYTCA4NQTydCZXSt6IY4BTYUPi
-mfQr4H1PZFcx2emW7CshttBxQk7vA5VeUBYvgnE4/QYJFzRNaVXNeT+hH/e3YNw2
-ICyGTQSvIFsHkMzL7QCXqnfTo/XRmD8zjbB2OQIDAQABAoIBAQDUZ8JWZkKkKVc7
-L7nekKhi6vT4yr9JDcfkINqLsIjxopH8+2oKWQMrKrQ8u+t8dcUJOhM0QQNMw5IR
-vriC9X1NO2ByZQ7qgMRdBEZXFOb+54QpNulfhWjXjAiR6Umqpqy2VCec7ciZI/wO
-rPTK2sRheeSdDG+eflg2bhddnvHuKaSD0N27guhRYDg8e0NpqohuWHftzC0Z3OqQ
-2nTVYSNFev8V0cNN8ESK+r/S1MG0BlxuhPzdp3SolGdYvAQNp4RizZslnnYuBmMf
-SMoZY689v/v622xrQ0pHiPU72lgcSXRzlFD6p4+ecxHvhtZiPVEIUtCLXdmaOs1b
-6mlKZs6BAoGBAPjPdLVe9gSUB9s91RIpY7JsPyjABzH0WgLFAMat2VlZQM0b1o2y
-U65kd8HY/xxzDRxzsTuE+7fusipk5zlwfmyPhxEbwHyjT6xFUneBiHamKOR5F6Xk
-2HdOc4swMXitAFsHDl85ys+ovHV50nb6TilEW2vAIj7J178NdMGRbE2LAoGBAOiC
-tHNOyfuUVzYU34oOhQ4B1VVLB60LJSFnPdHoFss/nt73kLWuw0Z5iuX6f3PhybiA
-6qSLT53EzmcrtUUa6H9MNW2d4bGLMkGn3rku6XKBH4d4h7D3YVUQCCx0nDz30FNz
-90/9J0oZbrksnUlE5EpU+vpRmvriz1AFTljDrgvLAoGBAPiLbD990+5w3YRCOSWC
-WQg0H8eaQ9XADWZ02zidE+CwSw5Zf7Nebz9nN0ZaeUU3HOLOIz6cskNj23CECYMU
-gAX8PmV1vowDK6SgPygIKoSzqWfKGzhp6V8M7FkfVFwDHbbQzqeLeLCGE3SatAaM
-NiX9FgIGFW95e95rF7YBihnPAoGAAx8+LQ4xyB8FzMQa/E+VmcqMgsivIbO0m+42
-9kqXg8Mm7veECex+0sNvCgeDDptJiiCxBeSY/RVXcCs2E+d4l7z+OqqUDT5BPoBy
-jSoEGHWDZt5HdCjeNbYxZedq8aaiNXypJXnQvT36LqJaulEif50Egbf2zMee4QQx
-OR/nhmECgYEAwc7/woIMJFOSfo3IgsYU8a7KKQ0w2JSvXMND9IkMjo/Oc8mT08Z1
-hMv77bCX4zZr162Wg02BgA5rKPHu56ofjOBeQvabfmzB0d+H/mxv/V7PC50QBqLd
-zcepulF4OHOf+b2vKPmgN/HoQQyISw6l7SwuOH0gQI+SOxyBNuIIqN0=
------END RSA PRIVATE KEY-----""",
-    'issuer': 'http://localhost:8000',
-    'signing': True,
-}

passbook/saml_idp/templates/saml/idp/login.html

@@ -1,6 +1,6 @@
 {% extends "core/skel.html" %}
 
-{% load supervisr_utils %}
+{% load utils %}
 {% load i18n %}
 
 {% block title %}
@@ -15,8 +15,8 @@
     <input type="hidden" name="RelayState" value="{{ relay_state }}" />
     <input type="hidden" name="SAMLResponse" value="{{ saml_response }}" />
     <label class="title">
-      <clr-icon shape="supervisr" class="is-info" size="48"></clr-icon>
-      {% supervisr_setting 'branding' %}
+      <clr-icon shape="passbook" class="is-info" size="48"></clr-icon>
+      {% config 'passbook.branding' %}
     </label>
     <label class="subtitle">
       {% trans 'SSO - Authorize External Source' %}

passbook/saml_idp/templates/saml/idp/settings.html

@@ -1,7 +1,7 @@
 {% extends "_admin/module_default.html" %}
 
 {% load i18n %}
-{% load supervisr_utils %}
+{% load utils %}
 
 {% block title %}
 {% title "Overview" %}
@@ -39,7 +39,7 @@
         </section>
       </div>
       <div class="card-footer">
-        <a href="{% url 'supervisr_mod_auth_saml_idp:metadata_xml' %}" class="btn btn-primary"><clr-icon shape="download"></clr-icon>{% trans 'Download Metadata' %}</a>
+        <a href="{% url 'passbook_saml_idp:metadata_xml' %}" class="btn btn-primary"><clr-icon shape="download"></clr-icon>{% trans 'Download Metadata' %}</a>
       </div>
     </div>
   </div>

passbook/saml_idp/urls.py

@@ -1,4 +1,4 @@
-"""Supervisr SAML IDP URLs"""
+"""passbook SAML IDP URLs"""
 from django.conf.urls import url
 
 from passbook.saml_idp import views

passbook/saml_idp/xml_render.py

@@ -2,7 +2,7 @@
 
 from logging import getLogger
 
-from passbook.lib.utils import render_to_string
+from passbook.lib.utils.template import render_to_string
 from passbook.saml_idp.xml_signing import (get_signature_xml, load_certificate,
                                            load_private_key, sign_with_signxml)
 

passbook/saml_idp/xml_signing.py

@@ -7,15 +7,15 @@ from defusedxml import ElementTree
 from signxml import XMLSigner
 from signxml.util import strip_pem_header
 
-from passbook.core.models import Setting
-from passbook.lib.utils import render_to_string
+from passbook.lib.config import CONFIG
+from passbook.lib.utils.template import render_to_string
 
 LOGGER = getLogger(__name__)
 
 
 def load_certificate(strip=False):
     """Get Public key from config"""
-    cert = Setting.get('certificate')
+    cert = CONFIG.y('saml_idp.certificate', '')
     if strip:
         return strip_pem_header(cert.replace('\r', '')).replace('\n', '')
     return cert
@@ -23,7 +23,7 @@ def load_certificate(strip=False):
 
 def load_private_key():
     """Get Private Key from config"""
-    return Setting.get('private_key')
+    return CONFIG.y('saml_idp.key', '')
 
 
 def sign_with_signxml(private_key, data, cert, reference_uri=None):