LGTM fixes

Khanh Ngo 2019-12-14 08:31:23 +07:00
parent c0594b2c0b
commit ad6b04bd78
No known key found for this signature in database
GPG key ID: D5FAA6A16150E49E
2 changed files with 15 additions and 21 deletions


@ -1,4 +1,3 @@
import os
import re import re
import json import json
import requests import requests
@ -9,8 +8,6 @@ from distutils.version import StrictVersion
from urllib.parse import urlparse from urllib.parse import urlparse
from datetime import datetime, timedelta from datetime import datetime, timedelta
from .certutil import KEY_FILE, CERT_FILE
def auth_from_url(url): def auth_from_url(url):
auth = None auth = None


@ -10,37 +10,34 @@ class SAML(object):
if current_app.config['SAML_ENABLED']: if current_app.config['SAML_ENABLED']:
from onelogin.saml2.auth import OneLogin_Saml2_Auth from onelogin.saml2.auth import OneLogin_Saml2_Auth
from onelogin.saml2.idp_metadata_parser import OneLogin_Saml2_IdPMetadataParser from onelogin.saml2.idp_metadata_parser import OneLogin_Saml2_IdPMetadataParser
idp_timestamp = datetime(1970, 1, 1) self.idp_timestamp = datetime.now()
idp_data = None self.idp_data = None
if 'SAML_IDP_ENTITY_ID' in current_app.config: if 'SAML_IDP_ENTITY_ID' in current_app.config:
idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote( self.idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(
current_app.config['SAML_METADATA_URL'], current_app.config['SAML_METADATA_URL'],
entity_id=current_app.config.get('SAML_IDP_ENTITY_ID', entity_id=current_app.config.get('SAML_IDP_ENTITY_ID',
None), None),
required_sso_binding=current_app. required_sso_binding=current_app.
config['SAML_IDP_SSO_BINDING']) config['SAML_IDP_SSO_BINDING'])
else: else:
idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote( self.idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(
current_app.config['SAML_METADATA_URL'], current_app.config['SAML_METADATA_URL'],
entity_id=current_app.config.get('SAML_IDP_ENTITY_ID', entity_id=current_app.config.get('SAML_IDP_ENTITY_ID',
None)) None))
if idp_data is None: if self.idp_data is None:
current_app.logger.info( current_app.logger.info(
'SAML: IDP Metadata initial load failed') 'SAML: IDP Metadata initial load failed')
exit(-1) exit(-1)
idp_timestamp = datetime.now()
def get_idp_data(): def get_idp_data(self):
global idp_data, idp_timestamp
lifetime = timedelta( lifetime = timedelta(
minutes=current_app.config['SAML_METADATA_CACHE_LIFETIME']) minutes=current_app.config['SAML_METADATA_CACHE_LIFETIME'])
if idp_timestamp + lifetime < datetime.now(): if self.idp_timestamp + lifetime < datetime.now():
background_thread = Thread(target=retrieve_idp_data) background_thread = Thread(target=self.retrieve_idp_data)
background_thread.start() background_thread.start()
return idp_data return self.idp_data
def retrieve_idp_data(): def retrieve_idp_data(self):
global idp_data, idp_timestamp
if 'SAML_IDP_SSO_BINDING' in current_app.config: if 'SAML_IDP_SSO_BINDING' in current_app.config:
new_idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote( new_idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(
current_app.config['SAML_METADATA_URL'], current_app.config['SAML_METADATA_URL'],
@ -52,8 +49,8 @@ class SAML(object):
current_app.config['SAML_METADATA_URL'], current_app.config['SAML_METADATA_URL'],
entity_id=current_app.config.get('SAML_IDP_ENTITY_ID', None)) entity_id=current_app.config.get('SAML_IDP_ENTITY_ID', None))
if new_idp_data is not None: if new_idp_data is not None:
idp_data = new_idp_data self.idp_data = new_idp_data
idp_timestamp = datetime.now() self.idp_timestamp = datetime.now()
current_app.logger.info( current_app.logger.info(
"SAML: IDP Metadata successfully retrieved from: " + "SAML: IDP Metadata successfully retrieved from: " +
current_app.config['SAML_METADATA_URL']) current_app.config['SAML_METADATA_URL'])
@ -61,7 +58,7 @@ class SAML(object):
current_app.logger.info( current_app.logger.info(
"SAML: IDP Metadata could not be retrieved") "SAML: IDP Metadata could not be retrieved")
def prepare_flask_request(request): def prepare_flask_request(self, request):
# If server is behind proxys or balancers use the HTTP_X_FORWARDED fields # If server is behind proxys or balancers use the HTTP_X_FORWARDED fields
url_data = urlparse(request.url) url_data = urlparse(request.url)
return { return {
@ -76,14 +73,14 @@ class SAML(object):
'query_string': request.query_string 'query_string': request.query_string
} }
def init_saml_auth(req): def init_saml_auth(self, req):
own_url = '' own_url = ''
if req['https'] == 'on': if req['https'] == 'on':
own_url = 'https://' own_url = 'https://'
else: else:
own_url = 'http://' own_url = 'http://'
own_url += req['http_host'] own_url += req['http_host']
metadata = get_idp_data() metadata = self.get_idp_data()
settings = {} settings = {}
settings['sp'] = {} settings['sp'] = {}
if 'SAML_NAMEID_FORMAT' in current_app.config: if 'SAML_NAMEID_FORMAT' in current_app.config:
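Review bot: In `get_idp_data`, `Thread(target=self.retrieve_idp_data)` starts a refresh with no guard against one already running, and `retrieve_idp_data` moves `self.idp_timestamp` forward only on success, so once the cache has expired every call starts another thread and another fetch of `SAML_METADATA_URL` for as long as that endpoint is slow or failing. If `current_app` is Flask's context-local proxy, the worker thread also has no application context, so the `current_app.config` lookups in `retrieve_idp_data` would raise there and the cached IdP metadata, with whatever signing certificates it carries, would never be refreshed after start-up. I would pass the real app object into the thread, run the fetch inside `app.app_context()`, and allow a single refresh in flight with a non-blocking lock, as sketched below; `Lock` would need importing next to `Thread`. The constructor starts above the first hunk and part of `retrieve_idp_data` lies between hunks, so check both against the full file.

```python
# in the constructor, next to self.idp_data
self.idp_refresh_lock = Lock()

def get_idp_data(self):
    # … unchanged: lifetime computed from SAML_METADATA_CACHE_LIFETIME …
    expired = self.idp_timestamp + lifetime < datetime.now()
    # Non-blocking acquire fails while an earlier refresh is still running,
    # so at most one thread and one outbound fetch exist at a time.
    if expired and self.idp_refresh_lock.acquire(blocking=False):
        app = current_app._get_current_object()
        Thread(target=self.retrieve_idp_data, args=(app,)).start()
    return self.idp_data

def retrieve_idp_data(self, app):
    try:
        # current_app is only usable in the worker once a context is pushed.
        with app.app_context():
            # … unchanged: parse_remote() call, result handling and logging …
    finally:
        self.idp_refresh_lock.release()
```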