Skip to content

GitLab

Commit 136e8e2a authored by marcus-tun's avatar marcus-tun
Browse files

removed dead code; removed client specific behaviour; removed key upload

parent f09fd71e
Show whitespace changes
Inline Side-by-side
server/sso.py
View file @ 136e8e2a
...@@ -42,24 +42,6 @@ def handler(req): ...@@ -42,24 +42,6 @@ def handler(req):
# find out at which url we were called # find out at which url we were called
(none, none, location) = req.uri.split('/') (none, none, location) = req.uri.split('/')
# sso
if location == 'sso.py':
req.content_type = 'text/html'
req.write('''<!DOCTYPE html>
<html>
<head>
<meta http-equiv="refresh" content="1
URL=https://saml-delegation.data.kit.edu/sd/ecp.py">
<!-- URI: %s -->
</head>
<body>
<br/>
Save your assertion as "/tmp/samlup_uXXXX.tmp" where you replace
"XXXX" with your user id.<br>
</body>
</html>'''% req.uri)
return apache.OK
############################ ############################
# js: sso via javascript # # js: sso via javascript #
############################ ############################
...@@ -80,6 +62,8 @@ def handler(req): ...@@ -80,6 +62,8 @@ def handler(req):
<br/><p> You can now use this URL as a temporary password:<br/> <br/><p> You can now use this URL as a temporary password:<br/>
<b id="url"> Wait </b></p> <b id="url"> Wait </b></p>
<p> Or download the assertion <a id="url2" href="" > Wait for link </a> and save it to /tmp/samlup_uXXXX</p>
<script src="js-new.js"></script> <script src="js-new.js"></script>
<head> </head> <head> </head>
<body> </body> <body> </body>
...@@ -96,22 +80,6 @@ def handler(req): ...@@ -96,22 +80,6 @@ def handler(req):
req.write(assertion) req.write(assertion)
return apache.OK return apache.OK
########
# test #
########
if location in ( 'test_transport.py') :
buf = req.read()
write_var (req, buf, 'buf')
req.write('Transport test done')
return apache.OK
if location in ( 'test_assertion.py') :
req.content_type = 'text/plain'
form = util.FieldStorage(req)
b64_encrypted_assertion = form.get("encrypted_assertion", "Error: No assertion field sent").replace(' ', '+')
write_var (req, b64_encrypted_assertion, "b64_encrypted_assertion")
return apache.OK
############ ############
# upload # # upload #
############ ############
...@@ -131,23 +99,19 @@ def handler(req): ...@@ -131,23 +99,19 @@ def handler(req):
req.write ("Error: did not obtain the encrypted_assertion") req.write ("Error: did not obtain the encrypted_assertion")
return apache.OK return apache.OK
b64 = form.get("encrypted_assertion", "Error: no assertion present").replace(' ', '+') b64 = form.get("encrypted_assertion", "Error: no assertion present").replace(' ', '+')
write_var (req, b64, 'b64') #write_var (req, b64, 'b64')
client_version = form.get ("client_verions", "oops").replace(' ', '+') client_version = form.get ("client_verions", "oops").replace(' ', '+')
# decode assertion # decode assertion
if client == 'perl':
encrypted_assertion = b64decode(b64)
elif client == 'javascript':
encrypted_assertion = unhexlify(b64) encrypted_assertion = unhexlify(b64)
else:
req.write ('client not supported')
return apache.OK
write_var (req, encrypted_assertion, 'encrypted_assertion')
# create hash # create hash
assertion_hash = str(hashlib.md5(encrypted_assertion).hexdigest()) assertion_hash = str(hashlib.md5(encrypted_assertion).hexdigest())
assertion_url ='https://' + req.hostname + '/assertions/' + assertion_hash assertion_url ='https://' + req.hostname + '/assertions/' + assertion_hash
# Publish encrypted assertion on the web
write_var (req, encrypted_assertion, assertion_hash)
# return the url as key=value FIXME # return the url as key=value FIXME
req.write("url=%s" % assertion_url) req.write("url=%s" % assertion_url)
#req.write("%s" % assertion_url) #req.write("%s" % assertion_url)
...@@ -155,18 +119,13 @@ def handler(req): ...@@ -155,18 +119,13 @@ def handler(req):
######### #########
# debug # # debug #
######### #########
# decrypt assertion in case password is provided # decrypt assertion in case a key is uploaded by the client
if form.has_key("key"): if form.has_key("key"):
enc_key = form.get("key", "") enc_key = form.get("key", "")
write_var (req, enc_key, 'enc_key')
client = form.get("client","") client = form.get("client","")
if client == "perl":
key = b64decode(enc_key)
if client == "javascript":
iv = unhexlify(form.get("iv",""))
key = unhexlify(enc_key) key = unhexlify(enc_key)
enc_ass = encrypted_assertion
encrypted_assertion = iv + enc_ass
write_var(req,enc_key, "key") write_var(req,enc_key, "key")
write_var(req, encrypted_assertion, 'encrypted_assertion') write_var(req, encrypted_assertion, 'encrypted_assertion')
...@@ -187,19 +146,3 @@ def handler(req): ...@@ -187,19 +146,3 @@ def handler(req):
req.content_type = 'text/plain' req.content_type = 'text/plain'
req.write("Error: Your request was not understood") req.write("Error: Your request was not understood")
return apache.OK return apache.OK
#return apache.HTTP_BAD_REQUEST
# Some leftovers:
#bs = Blowfish.block_size
#iv = '12333123'
#cipher = Blowfish.new(key, Blowfish.MODE_ECB, iv)
#cipher = new Crypt::CBC (symmetric_key, 'Twofish');
#my plaintext = cipher->decrypt(encrypted_assertion);
#print ("\n".plaintext."\n");
##plaintext = b'docendo discimus '
##plen = bs - divmod(len(plaintext),bs)[1]
##padding = [plen]*plen
##padding = pack('b'*plen, *padding)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Imprint