source: TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/attributeauthority.py @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/NDGSecurity/python/ndg_security_server/ndg/security/server/wsgi/attributeauthority.py@7077
Revision 7077, 6.7 KB checked in by pjkersha, 11 years ago (diff)
  • Property svn:keywords set to Id
Line 
1"""WSGI Middleware to set an Attribute Authority instance in tyhe WSGI environ
2
3NERC DataGrid Project
4"""
5__author__ = "P J Kershaw"
6__date__ = "19/08/09"
7__copyright__ = "(C) 2009 Science and Technology Facilities Council"
8__contact__ = "Philip.Kershaw@stfc.ac.uk"
9__license__ = "BSD - see LICENSE file in top-level directory"
10__revision__ = "$Id$"
11import logging
12log = logging.getLogger(__name__)
13import os
14
15from ndg.security.server.attributeauthority import AttributeAuthority
16from ndg.security.server.wsgi import NDGSecurityMiddlewareBase
17
18
19class AttributeAuthorityMiddleware(NDGSecurityMiddlewareBase):
20    '''WSGI to add an NDG Security Attribute Authority in the environ.  This
21    enables multiple WSGI filters to access the same underlying Attribute
22    Authority instance e.g. provide SAML SOAP and WSDL SOAP based interfaces
23    to the same Attribute Authority
24    '''
25    DEFAULT_KEYNAME = 'ndg.security.server.wsgi.attributeauthority'
26    ENVIRON_KEYNAME_CFG_OPTNAME = 'environKeyName'
27   
28    DEFAULT_ATTR_QUERY_IFACE_KEYNAME = \
29        'ndg.security.server.wsgi.attributeauthority.attributeQuery'
30    ENVIRON_KEYNAME_ATTR_QUERY_IFACE_CFG_OPT_NAME = \
31        'environKeyNameAttributeQueryInterface'
32       
33    def __init__(self, app):
34        '''Set-up an Attribute Authority instance
35        '''
36        # Stop in debugger at beginning of SOAP stub if environment variable
37        # is set
38        self.__debug = bool(os.environ.get('NDGSEC_INT_DEBUG'))
39        if self.__debug:
40            import pdb
41            pdb.set_trace()
42       
43        self._app = app
44        self.__aa = None
45        self.__attributeQuery = None
46        self.__keyName = None
47        self.__attributeQueryKeyName = None
48
49    def initialise(self, global_conf, prefix='attributeauthority.',
50                   **app_conf):
51        """Set-up Attribute authority middleware using a Paste app factory
52        pattern.  Overloaded base class method to enable custom settings from
53        app_conf
54       
55        @type app: callable following WSGI interface
56        @param app: next middleware application in the chain     
57        @type global_conf: dict       
58        @param global_conf: PasteDeploy global configuration dictionary
59        @type prefix: basestring
60        @param prefix: prefix for configuration items
61        @type app_conf: dict       
62        @param app_conf: PasteDeploy application specific configuration
63        dictionary
64        """
65        # Set key name for attribute authority set in environ
66        environKeyOptName = prefix + \
67                    AttributeAuthorityMiddleware.ENVIRON_KEYNAME_CFG_OPTNAME
68                   
69        self.keyName = app_conf.pop(environKeyOptName,
70                                AttributeAuthorityMiddleware.DEFAULT_KEYNAME)
71
72        attrQueryIfaceEnvironKeyOptName = prefix + \
73            AttributeAuthorityMiddleware.\
74            ENVIRON_KEYNAME_ATTR_QUERY_IFACE_CFG_OPT_NAME
75           
76        self.attributeQueryKeyName = app_conf.pop(
77            attrQueryIfaceEnvironKeyOptName,
78            AttributeAuthorityMiddleware.DEFAULT_ATTR_QUERY_IFACE_KEYNAME)
79       
80        self.aa = AttributeAuthority.fromProperties(prefix=prefix, **app_conf)
81        self.attributeQuery = self.aa.samlAttributeQueryFactory()
82
83    @classmethod
84    def filter_app_factory(cls, app, global_conf, **app_conf):
85        '''Wrapper to enable instantiation compatible with Paste Deploy
86        filter application factory function signature
87       
88        @type app: callable following WSGI interface
89        @param app: next middleware application in the chain     
90        @type global_conf: dict       
91        @param global_conf: PasteDeploy global configuration dictionary
92        @type prefix: basestring
93        @param prefix: prefix for configuration items
94        @type app_conf: dict       
95        @param app_conf: PasteDeploy application specific configuration
96        dictionary
97        '''
98        app = cls(app)
99        app.initialise(global_conf, **app_conf)
100       
101        return app
102   
103    def __call__(self, environ, start_response):
104        '''Set the Attribute Authority instantiated at initialisation in
105        environ
106       
107        @type environ: dict
108        @param environ: WSGI environment variables dictionary
109        @type start_response: function
110        @param start_response: standard WSGI start response function
111        @rtype: iterable
112        @return: next application in the WSGI stack
113        '''
114        environ[self.keyName] = self.aa
115        environ[self.attributeQueryKeyName] = self.attributeQuery
116        return self._app(environ, start_response)
117   
118    def _get_aa(self):
119        return self.__aa
120   
121    def _set_aa(self, val):
122        if not isinstance(val, AttributeAuthority):
123            raise TypeError('Expecting %r for "aa" attribute; got %r' %
124                            (AttributeAuthority, type(val)))
125        self.__aa = val
126           
127    aa = property(fget=_get_aa,
128                  fset=_set_aa,
129                  doc="Attribute Authority instance")
130
131    def _getKeyName(self):
132        return self.__keyName
133
134    def _setKeyName(self, val):
135        if not isinstance(val, basestring):
136            raise TypeError('Expecting %r for "keyName" attribute; got %r' %
137                            (basestring, type(val)))
138        self.__keyName = val
139       
140    keyName = property(fget=_getKeyName, 
141                       fset=_setKeyName, 
142                       doc="Key name used to index Attribute Authority in "
143                           "environ dictionary")
144
145    def _get_attributeQueryKeyName(self):
146        return self.__attributeQueryKeyName
147
148    def _set_attributeQueryKeyName(self, val):
149        if not isinstance(val, basestring):
150            raise TypeError('Expecting %r for "attributeQueryKeyName" '
151                            'attribute; got %r' % (basestring, type(val)))
152        self.__attributeQueryKeyName = val
153       
154    attributeQueryKeyName = property(fget=_get_attributeQueryKeyName, 
155                                     fset=_set_attributeQueryKeyName, 
156                                     doc="Key name used to index Attribute "
157                                         "Authority SAML attribute query "
158                                         "function in environ dictionary")
159   
160    def _get_attributeQuery(self):
161        return self.__attributeQuery
162
163    def _set_attributeQuery(self, val):
164        if not callable(val):
165            raise TypeError('Expecting a callable for "attributeQuery" '
166                            'attribute; got %r' % type(val))
167        self.__attributeQuery = val
168       
169    attributeQuery = property(fget=_get_attributeQuery, 
170                              fset=_set_attributeQuery, 
171                              doc="Attribute Authority SAML attribute query "
172                                  "function")
Note: See TracBrowser for help on using the repository browser.