Changeset 10509 for main


Ignore:
Timestamp:
19 Aug 2013, 09:14:04 (11 years ago)
Author:
Henrik Bettermann
Message:

Add authenticator which authenticate against a running Kofa instance and transfer data to Moodle. No test available. sample4.ini serves as an example configuration file and isn't used by any test.

Location:
main/waeup.cas/trunk
Files:
1 added
2 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.cas/trunk/setup.py

    r10462 r10509  
    6969    dummy = waeup.cas.authenticators:DummyAuthenticator
    7070    kofa1 = waeup.cas.authenticators:KofaAuthenticator
     71    kofa_moodle1 = waeup.cas.authenticators:KofaMoodleAuthenticator
    7172    """,
    7273)
  • main/waeup.cas/trunk/waeup/cas/authenticators.py

    r10506 r10509  
    170170                return (True, '')
    171171        return (False, 'Invalid username or password.')
     172
     173class KofaMoodleAuthenticator(KofaAuthenticator):
     174    """Authenticate against a running Kofa instance and transfer
     175    data to Moodle.
     176
     177    Configuration of Moodle:
     178    1. Set 'passwordpolicy' to No
     179    2. Create external web service 'Kofa' with the following functions:
     180      core_user_create_users, core_user_get_users,
     181      core_user_update_users, enrol_manual_enrol_users
     182    3. Create token for the admin user (no special web service user needed)
     183      and for service 'Kofa'
     184    4. Enable and configure CAS server authentication.
     185      CAS protocol version is 1.0. Moodle expects SSL/TLS protocol.
     186    """
     187
     188    name = 'kofa_moodle1'
     189
     190    def check_credentials(self, username='', password=''):
     191        """Do the real check.
     192        """
     193        for backend_name, backend in self.backends.items():
     194            if not re.match(backend['marker'], username):
     195                continue
     196            # remove school marker
     197            username = RE_SCHOOL_MARKER.sub('', username)
     198            proxy = xmlrpclib.ServerProxy(
     199                backend['url'], allow_none=True)
     200            moodle = xmlrpclib.ServerProxy(
     201                backend['moodle_url'], allow_none=True)
     202            principal = proxy.check_applicant_credentials(username, password)
     203            if principal is None:
     204                principal = proxy.check_student_credentials(username, password)
     205            if principal is not None:
     206                if principal['type'] == 'student':
     207                    student = proxy.get_moodle_data(username)
     208                    try:
     209                        # Usernames in Moodle must not contain uppercase
     210                        # letters even if extendedusernamechars is set True.
     211                        result = moodle.core_user_create_users([
     212                            {'username':username.lower(),
     213                             'password':'dummy',
     214                             'firstname':student['firstname'],
     215                             'lastname':student['lastname'],
     216                             'email':student['email']}])
     217                    except xmlrpclib.Fault:
     218                        # user exists
     219                        pass
     220                    result = moodle.core_user_get_users([
     221                        {'key':'username', 'value':username}])
     222                    user_id = result['users'][0]['id']
     223                    # Due to a lack of Moodle (Moodle requires an LDAP
     224                    # connection) the authentication method can't
     225                    # be set when the user is created. It must be updated
     226                    # after creation.
     227                    result = moodle.core_user_update_users([
     228                        {'id':user_id,'auth':'cas'}])
     229                return (True, '')
     230        return (False, 'Invalid username or password.')
Note: See TracChangeset for help on using the changeset viewer.