X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Faccountview.py;h=4f4ecbfd916e4c3898f3efcf9dad03b6eeb0f128;hb=4956db5b73c760e061c517f93f2329cd2f7b5bbc;hp=20c2b05c26e4062df81c34d60482b094e05f8156;hpb=0361b6aee2d576761a379ec0c50f2397f903de76;p=unfold.git diff --git a/portal/accountview.py b/portal/accountview.py index 20c2b05c..4f4ecbfd 100644 --- a/portal/accountview.py +++ b/portal/accountview.py @@ -1,5 +1,8 @@ from unfold.loginrequired import LoginRequiredAutoLogoutView # +from sfa.trust.credential import Credential +from sfa.trust.certificate import Keypair +# from manifold.core.query import Query from manifoldapi.manifoldapi import execute_query from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, sfa_get_user @@ -15,6 +18,8 @@ from myslice.theme import ThemeView # import json, os, re, itertools +from OpenSSL import crypto +from Crypto.PublicKey import RSA # requires login class AccountView(LoginRequiredAutoLogoutView, ThemeView): @@ -24,7 +29,7 @@ class AccountView(LoginRequiredAutoLogoutView, ThemeView): def get_context_data(self, **kwargs): - + self.template_name = self.template page = Page(self.request) page.add_js_files ( [ "js/jquery.validate.js", "js/my_account.register.js", "js/my_account.edit_profile.js" ] ) page.add_css_files ( [ "css/onelab.css", "css/account_view.css","css/plugin.css" ] ) @@ -179,7 +184,6 @@ class AccountView(LoginRequiredAutoLogoutView, ThemeView): # we could use zip. this one is used if columns have unequal rows platform_list = [{'platform_no_access': t[0]} for t in itertools.izip_longest(total_platform_list)] - context = super(AccountView, self).get_context_data(**kwargs) context['principal_acc'] = principal_acc_list context['ref_acc'] = ref_acc_list @@ -327,7 +331,6 @@ def account_process(request): for platform_detail in platform_details: if platform_detail['platform_id'] == account_detail['platform_id']: if 'myslice' in platform_detail['platform']: - from Crypto.PublicKey import RSA private = RSA.generate(1024) private_key = json.dumps(private.exportKey()) public = private.publickey() @@ -512,9 +515,77 @@ def account_process(request): response['Content-Disposition'] = 'attachment; filename="user_cred.txt"' return response else: - messages.error(request, 'Download error: User credential is not stored in the server') + messages.error(request, 'Download error: User credential is not stored in the server') return HttpResponseRedirect("/portal/account/") - + + # Download user_cert + elif 'dl_user_cert' in request.POST: + if 'user_credential' in account_config: + user_cred = account_config['user_credential'] + obj_cred = Credential(string=user_cred) + obj_gid = obj_cred.get_gid_object() + str_cert = obj_gid.save_to_string() + response = HttpResponse(str_cert, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="user_certificate.pem"' + return response + + elif 'delegated_user_credential' in account_config: + user_cred = account_config['delegated_user_credential'] + obj_cred = Credential(string=user_cred) + obj_gid = obj_cred.get_gid_object() + str_cert = obj_gid.save_to_string() + response = HttpResponse(str_cert, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="user_certificate.pem"' + return response + else: + messages.error(request, 'Download error: User credential is not stored in the server') + return HttpResponseRedirect("/portal/account/") + + # Download user p12 = private_key + Certificate + elif 'dl_user_p12' in request.POST: + if 'user_credential' in account_config and 'user_private_key' in account_config: + user_cred = account_config['user_credential'] + obj_cred = Credential(string=user_cred) + obj_gid = obj_cred.get_gid_object() + str_cert = obj_gid.save_to_string() + cert = crypto.load_certificate(crypto.FILETYPE_PEM, str_cert) + + user_private_key = account_config['user_private_key'].encode('ascii') + pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, user_private_key) + + p12 = crypto.PKCS12() + p12.set_privatekey(pkey) + p12.set_certificate(cert) + pkcs12 = p12.export() + + response = HttpResponse(pkcs12, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="user_pkcs.p12"' + return response + + elif 'delegated_user_credential' in account_config and 'user_private_key' in account_config: + user_cred = account_config['delegated_user_credential'] + obj_cred = Credential(string=user_cred) + obj_gid = obj_cred.get_gid_object() + str_cert = obj_gid.save_to_string() + cert = crypto.load_certificate(crypto.FILETYPE_PEM, str_cert) + + user_private_key = account_config['user_private_key'].encode('ascii') + pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, user_private_key) + + p12 = crypto.PKCS12() + p12.set_privatekey(pkey) + p12.set_certificate(cert) + pkcs12 = p12.export() + + response = HttpResponse(pkcs12, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="user_pkcs.p12"' + return response + else: + messages.error(request, 'Download error: User private key or credential is not stored in the server') + return HttpResponseRedirect("/portal/account/") + + + else: messages.info(request, 'Under Construction. Please try again later!') return HttpResponseRedirect("/portal/account/")