redo models again

passbook/saml_idp/views.py

@@ -17,22 +17,19 @@ from OpenSSL.crypto import FILETYPE_PEM
 from OpenSSL.crypto import Error as CryptoError
 from OpenSSL.crypto import load_certificate
 
-from passbook.core.models import Event, Setting, UserAcquirableRelationship
-from passbook.core.utils import render_to_string
-from passbook.core.views.common import ErrorResponseView
-from passbook.core.views.settings import GenericSettingView
-from passbook.mod.auth.saml.idp import exceptions, registry, xml_signing
-from passbook.mod.auth.saml.idp.forms.settings import IDPSettingsForm
+# from passbook.core.models import Event, Setting, UserAcquirableRelationship
+from passbook.lib.utils.template import render_to_string
+# from passbook.core.views.common import ErrorResponseView
+# from passbook.core.views.settings import GenericSettingView
+from passbook.saml_idp import exceptions, registry, xml_signing
 
 LOGGER = getLogger(__name__)
 URL_VALIDATOR = URLValidator(schemes=('http', 'https'))
 
 
 def _generate_response(request, processor, remote):
-    """
-    Generate a SAML response using processor and return it in the proper Django
-    response.
-    """
+    """Generate a SAML response using processor and return it in the proper Django
+    response."""
     try:
         ctx = processor.generate_response()
         ctx['remote'] = remote
@@ -49,10 +46,8 @@ def render_xml(request, template, ctx):
 
 @csrf_exempt
 def login_begin(request):
-    """
-    Receives a SAML 2.0 AuthnRequest from a Service Provider and
-    stores it in the session prior to enforcing login.
-    """
+    """Receives a SAML 2.0 AuthnRequest from a Service Provider and
+    stores it in the session prior to enforcing login."""
     if request.method == 'POST':
         source = request.POST
     else:
@@ -65,13 +60,11 @@ def login_begin(request):
         return HttpResponseBadRequest('the SAML request payload is missing')
 
     request.session['RelayState'] = source.get('RelayState', '')
-    return redirect(reverse('passbook_mod_auth_saml_idp:saml_login_process'))
+    return redirect(reverse('passbook_saml_idp:saml_login_process'))
 
 
 def redirect_to_sp(request, acs_url, saml_response, relay_state):
-    """
-    Return autosubmit form
-    """
+    """Return autosubmit form"""
     return render(request, 'core/autosubmit_form.html', {
         'url': acs_url,
         'attrs': {
@@ -83,10 +76,8 @@ def redirect_to_sp(request, acs_url, saml_response, relay_state):
 
 @login_required
 def login_process(request):
-    """
-    Processor-based login continuation.
-    Presents a SAML 2.0 Assertion for POSTing back to the Service Provider.
-    """
+    """Processor-based login continuation.
+    Presents a SAML 2.0 Assertion for POSTing back to the Service Provider."""
     LOGGER.debug("Request: %s", request)
     proc, remote = registry.find_processor(request)
     # Check if user has access
@@ -141,11 +132,9 @@ def login_process(request):
 
 @csrf_exempt
 def logout(request):
-    """
-    Allows a non-SAML 2.0 URL to log out the user and
+    """Allows a non-SAML 2.0 URL to log out the user and
     returns a standard logged-out page. (SalesForce and others use this method,
-    though it's technically not SAML 2.0).
-    """
+    though it's technically not SAML 2.0)."""
     auth.logout(request)
 
     redirect_url = request.GET.get('redirect_to', '')
@@ -163,10 +152,8 @@ def logout(request):
 @login_required
 @csrf_exempt
 def slo_logout(request):
-    """
-    Receives a SAML 2.0 LogoutRequest from a Service Provider,
-    logs out the user and returns a standard logged-out page.
-    """
+    """Receives a SAML 2.0 LogoutRequest from a Service Provider,
+    logs out the user and returns a standard logged-out page."""
     request.session['SAMLRequest'] = request.POST['SAMLRequest']
     # TODO: Parse SAML LogoutRequest from POST data, similar to login_process().
     # TODO: Add a URL dispatch for this view.
@@ -179,12 +166,10 @@ def slo_logout(request):
 
 
 def descriptor(request):
-    """
-    Replies with the XML Metadata IDSSODescriptor.
-    """
-    entity_id = Setting.get('issuer')
-    slo_url = request.build_absolute_uri(reverse('passbook_mod_auth_saml_idp:saml_logout'))
-    sso_url = request.build_absolute_uri(reverse('passbook_mod_auth_saml_idp:saml_login_begin'))
+    """Replies with the XML Metadata IDSSODescriptor."""
+    entity_id = CONFIG.y('saml_idp.issuer')
+    slo_url = request.build_absolute_uri(reverse('passbook_saml_idp:saml_logout'))
+    sso_url = request.build_absolute_uri(reverse('passbook_saml_idp:saml_login_begin'))
     pubkey = xml_signing.load_certificate(strip=True)
     ctx = {
         'entity_id': entity_id,
@@ -194,25 +179,25 @@ def descriptor(request):
     }
     metadata = render_to_string('saml/xml/metadata.xml', ctx)
     response = HttpResponse(metadata, content_type='application/xml')
-    response['Content-Disposition'] = 'attachment; filename="sv_metadata.xml'
+    response['Content-Disposition'] = 'attachment; filename="passbook_metadata.xml'
     return response
 
 
-class IDPSettingsView(GenericSettingView):
-    """IDP Settings"""
+# class IDPSettingsView(GenericSettingView):
+#     """IDP Settings"""
 
-    form = IDPSettingsForm
-    template_name = 'saml/idp/settings.html'
+#     form = IDPSettingsForm
+#     template_name = 'saml/idp/settings.html'
 
-    def dispatch(self, request, *args, **kwargs):
-        self.extra_data['metadata'] = escape(descriptor(request).content.decode('utf-8'))
+#     def dispatch(self, request, *args, **kwargs):
+#         self.extra_data['metadata'] = escape(descriptor(request).content.decode('utf-8'))
 
-        # Show the certificate fingerprint
-        sha1_fingerprint = _('<failed to parse certificate>')
-        try:
-            cert = load_certificate(FILETYPE_PEM, Setting.get('certificate'))
-            sha1_fingerprint = cert.digest("sha1")
-        except CryptoError:
-            pass
-        self.extra_data['fingerprint'] = sha1_fingerprint
-        return super().dispatch(request, *args, **kwargs)
+#         # Show the certificate fingerprint
+#         sha1_fingerprint = _('<failed to parse certificate>')
+#         try:
+#             cert = load_certificate(FILETYPE_PEM, CONFIG.y('saml_idp.certificate'))
+#             sha1_fingerprint = cert.digest("sha1")
+#         except CryptoError:
+#             pass
+#         self.extra_data['fingerprint'] = sha1_fingerprint
+#         return super().dispatch(request, *args, **kwargs)