You are here: Products > Federated Login > main.py

main.py

Note: This topic applies to the Leeds Release.

main.py is the authentication script that handles the federated login for the Google App Engine application.

You can either create your own main.py file with a text editor using the example shown below, or request a copy of the main.py file from your Smoothwall representative.

main.py example:

import webapp2

from google.appengine.api import users

import hashlib

import urllib2

 

#Edit this section####

psk='this is a secret'

######################

 

class RequestHandler(webapp2.RequestHandler):

#retrieve params from GET

def get_params(self):

params = {'id': self.request.get('id'),

'clientid': self.request.get('clientid'),

'timestamp': self.request.get('timestamp'),

'loginurl': self.request.get('loginurl'),

'targeturl': self.request.get('targeturl'),

'hash': self.request.get('hash')}

return params

 

def validate_hash(self, params):

h = hashlib.md5(params['id'] + params['clientid'] +

params['timestamp'] + params['loginurl'] +

params['targeturl'] + psk).hexdigest()

if h == params['hash']:

return True

else:

return False

 

def encode_url(self, s):

return urllib2.quote(s.encode("utf8"))

 

#genearate federated token

def generate_hash(self, return_params):

return return_params['id'] + ',' + return_params['timestamp'] + \

',' + hashlib.md5(return_params['clientid'] + \

return_params['email'] + return_params['userdata'] + \

return_params['timestamp'] + psk).hexdigest()

 

#prepare parameters to send back

def get_return_params(self, params):

return_params = {'id': params['id'],

'email': str(users.get_current_user().email()),

'targeturl': params['targeturl'],

'userdata': '',

'timestamp': params['timestamp'],

'clientid': params['clientid']}

return_params['f'] = self.generate_hash(return_params)

for i in return_params:

return_params[i] = self.encode_url(return_params[i])

return return_params

 

#Send confirmation back to Smoothwall

def send_params(self, return_params, goto):

url = "%s?u=%s&o=%s&d=%s&f=%s" % (goto, return_params['email'],

return_params['targeturl'], return_params['userdata'],

return_params['f'])

self.redirect(str(url))

 

def get(self):

params = self.get_params()

if self.validate_hash(params):

return_params = self.get_return_params(params)

self.send_params(return_params, params['loginurl'])

else:

#throw error 403 ( Forbidden )

self.abort(403)

 

app = webapp2.WSGIApplication([('/ourlogin', RequestHandler), ], debug=True)