diff --git a/ckan/Dockerfile.dev b/ckan/Dockerfile.dev index 4664db9..a7349cb 100644 --- a/ckan/Dockerfile.dev +++ b/ckan/Dockerfile.dev @@ -46,7 +46,9 @@ RUN apk add --virtual .build-deps \ linux-headers \ openssl-dev \ libffi-dev \ - cargo + cargo \ + xmlsec \ + rust ENV TZ America/New_York @@ -64,6 +66,8 @@ COPY requirement-setuptools.txt ${APP_DIR} COPY requirements-dev.txt ${APP_DIR} COPY requirements-noh.txt ${APP_DIR} COPY common/supervisord.conf /etc +COPY public.crt ${APP_DIR}/public.crt +COPY private.pem ${APP_DIR}/private.pem ### Install requirements RUN pip install -r ${APP_DIR}/requirement-setuptools.txt @@ -72,14 +76,28 @@ RUN pip install -r ${APP_DIR}/requirements-noh.txt RUN echo "over" >> ${SRC_DIR}/ckan/ckanext/datastore/allowed_functions.txt -ENV CKAN__PLUGINS envvars image_view text_view recline_view datastore harvest ckan_harvester googleanalytics resource_proxy pages showcase xloader +ENV CKAN__PLUGINS image_view text_view recline_view datastore harvest ckan_harvester googleanalytics resource_proxy pages showcase xloader envvars RUN cd ${SRC_DIR}/ckan && \ cp who.ini ${APP_DIR} # Create and update CKAN config RUN ckan generate config ${CKAN_INI} && \ ckan config-tool ${CKAN_INI} "ckan.plugins = ${CKAN__PLUGINS}" && \ - ckan config-tool ${CKAN_INI} "ckan.site_url = ${CKAN__SITE_URL}" + ckan config-tool ${CKAN_INI} "ckan.site_url = ${CKAN__SITE_URL}" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.idp_metadata.remote_url = https://idp.int.identitysandbox.gov/api/saml/metadata2022" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.user_firstname = first_name" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.user_lastname = last_name" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.user_email = email" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.key_file_path = /srv/app/private.pem" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.cert_file_path = /srv/app/public.crt" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.allow_unknown_attributes = true" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.sp.name_id_format = urn:oasis:names:tc:saml:2.0:nameid-format:persistent urn:oasis:names:tc:saml:2.0:nameid-format:transient urn:oasis:names:tc:saml:2.0:nameid-format:emailaddress" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.entity_id = urn:gov:gsa:SAML:2.0.profiles:sp:sso:department_of_education:open_data_platform" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.want_response_signed = false" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.want_assertions_signed = false" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.want_assertions_or_response_signed = true" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.enable_ckan_internal_login = true" && \ + ckan config-tool ${CKAN_INI} "ckanext.saml2auth.requested_authn_context = http://idmanagement.gov/ns/assurance/ial/1 http://idmanagement.gov/ns/requested_attributes?ReqAttr=email,first_name,last_name" # Create a local user and group to run the app RUN addgroup -g 92 -S ckan && \ diff --git a/ckan/private.pem b/ckan/private.pem new file mode 100644 index 0000000..1ded009 --- /dev/null +++ b/ckan/private.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- + +-----END PRIVATE KEY----- diff --git a/ckan/public.crt b/ckan/public.crt new file mode 100644 index 0000000..c3b5998 --- /dev/null +++ b/ckan/public.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- + +-----END CERTIFICATE----- diff --git a/ckan/requirements-dev.txt b/ckan/requirements-dev.txt index 2ede642..366ede7 100644 --- a/ckan/requirements-dev.txt +++ b/ckan/requirements-dev.txt @@ -74,7 +74,7 @@ certifi==2021.5.30 \ # via # -r ../ckan/requirements-dev.txt # requests -cffi==1.15.1 ; python_version >= "3.6" \ +cffi==1.15.1 ; python_version >= "3.6" and python_version < "4" \ --hash=sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5 \ --hash=sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef \ --hash=sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104 \ @@ -225,7 +225,7 @@ coveralls==3.3.1 ; python_version >= "3.5" \ --hash=sha256:b32a8bb5d2df585207c119d6c01567b81fba690c9c10a753bfe27a335bfc43ea \ --hash=sha256:f42015f31d386b351d4226389b387ae173207058832fbf5c8ec4b40e27b16026 # via -r ../ckan/requirements-dev.txt -cryptography==37.0.4 ; python_version >= "3.6" \ +cryptography==37.0.4 ; python_version >= "3.6" and python_version < "4" \ --hash=sha256:190f82f3e87033821828f60787cfa42bff98404483577b591429ed99bed39d59 \ --hash=sha256:2be53f9f5505673eeda5f2736bea736c40f051a739bfae2f92d18aed1eb54596 \ --hash=sha256:30788e070800fec9bbcf9faa71ea6d8068f5136f60029759fd8c3efec3c9dcb3 \ @@ -251,6 +251,7 @@ cryptography==37.0.4 ; python_version >= "3.6" \ # via # -r ../ckan/requirements-dev.txt # pyopenssl + # pysaml2 decorator==5.1.1 ; python_version >= "3.6" \ --hash=sha256:637996211036b6385ef91435e4fae22989472f9d571faba8927ba8253acbc330 \ --hash=sha256:b8c3f85900b9dc423225913c5aace94729fe1fa9763b38939a95226f02d37186 @@ -258,6 +259,12 @@ decorator==5.1.1 ; python_version >= "3.6" \ # -r ../ckan/requirements-dev.txt # ipython # traitlets +defusedxml==0.7.1 ; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4" or python_version >= "3.6" and python_version < "4" and python_full_version >= "3.5.0" \ + --hash=sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69 \ + --hash=sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61 + # via + # -r ../ckan/requirements-dev.txt + # pysaml2 docopt==0.6.2 ; python_version >= "3.5" \ --hash=sha256:49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491 # via @@ -274,6 +281,12 @@ dominate==2.4.0 ; (python_version >= "2.7" and python_full_version < "3.0.0") or --hash=sha256:6e833aea505f0236a9fc692326bac575f8bd38ae0f3a1bdc73d20ca606ac75d5 \ --hash=sha256:a92474b4312bd8b4c1789792f3ec8c571cd8afa8e7502a2b1c64dd48cd67e59c # via -r ../ckan/requirements-dev.txt +elementpath==2.4.0 ; python_version >= "3.6" and python_version < "4" \ + --hash=sha256:1e98a4f5e8ccb5fe147074adda751c648d4a752973212298b6c9fc18c3a8c3e6 \ + --hash=sha256:5b6801b3be94d48d213beb7b8ebad96addb35c95fc6a9c062c80e033b4a32fe8 + # via + # -r ../ckan/requirements-dev.txt + # xmlschema et-xmlfile==1.1.0 ; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" \ --hash=sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c \ --hash=sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada @@ -375,6 +388,10 @@ importlib-metadata==0.12 ; (python_version >= "2.7" and python_version < "3.0") # via # -r ../ckan/requirements-dev.txt # pytest +importlib-resources==5.4.0 ; python_version >= "3.6" \ + --hash=sha256:33a95faed5fc19b4bc16b29a6eeae248a3fe69dd55d4d229d2b480e23eeaad45 \ + --hash=sha256:d756e2f85dd4de2ba89be0b21dba2a3bbec2e871a42a3a16719258a11f87506b + # via -r ../ckan/requirements-dev.txt incremental==21.3.0 \ --hash=sha256:02f5de5aff48f6b9f665d99d48bfc7ec03b6e3943210de7cfc88856d755d6f57 \ --hash=sha256:92014aebc6a20b78a8084cdd5645eeaa7f74b8933f70fa3ada2cfbd1e3b54321 @@ -713,7 +730,7 @@ pyasn1-modules==0.2.8 \ # via # -r ../ckan/requirements-dev.txt # oauth2client -pycparser==2.21 ; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" \ +pycparser==2.21 ; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4" or python_version >= "3.6" and python_version < "4" and python_full_version >= "3.4.0" \ --hash=sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9 \ --hash=sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206 # via @@ -737,7 +754,9 @@ pyjwt==1.7.1 \ pyopenssl==18.0.0 \ --hash=sha256:26ff56a6b5ecaf3a2a59f132681e2a80afcc76b4f902f612f518f92c2a1bf854 \ --hash=sha256:6488f1423b00f73b7ad5167885312bb0ce410d3312eb212393795b53c8caa580 - # via -r ../ckan/requirements-dev.txt + # via + # -r ../ckan/requirements-dev.txt + # pysaml2 pyparsing==3.0.9 ; python_full_version >= "3.6.8" and python_version >= "3.6" \ --hash=sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb \ --hash=sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc @@ -745,6 +764,10 @@ pyparsing==3.0.9 ; python_full_version >= "3.6.8" and python_version >= "3.6" \ # -r ../ckan/requirements-dev.txt # httplib2 # packaging +pysaml2==7.2.0 ; python_version >= "3.6" and python_version < "4" \ + --hash=sha256:256bcea8e2a26e5bd06efc501e18254439fa96e4ff08cff7d64063ed29e21ba6 \ + --hash=sha256:538c9e51609d5102007d408ec1361daf404ae4ab8a4b82edbed8b3ec1f9c282c + # via -r ../ckan/requirements-dev.txt pysolr==3.6.0 \ --hash=sha256:f94292c1002dbbbfaecaad18fec39cc4bff843b459c8851a2234f2799788ac6f \ --hash=sha256:fd1233e80dcfb7405ca5a33982f485f2ab2f8dffc675c52eff3b33eec950c060 @@ -788,6 +811,7 @@ python-dateutil==2.8.2 ; (python_version >= "2.7" and python_full_version < "3.0 # faker # feedgen # freezegun + # pysaml2 python-editor==1.0.4 \ --hash=sha256:1bf6e860a8ad52a14c3ee1252d5dc25b2030618ed80c022598f00176adc8367d \ --hash=sha256:51fda6bcc5ddbbb7063b2af7509e43bd84bfc32a4ff71349ec7847713882327b \ @@ -825,6 +849,7 @@ pytz==2016.7 \ # -r ../ckan/requirements-dev.txt # babel # flask-babel + # pysaml2 # tzlocal pyutilib==5.7.1 ; (python_version >= "2.7" and python_full_version < "3.0.0") or python_full_version >= "3.4.0" \ --hash=sha256:22d6aa4dd9225448e23f1bc4e2fd2a2a61215447c6f18a0e44e94fbe5bf66756 \ @@ -886,6 +911,7 @@ requests==2.25.1 ; (python_version >= "2.7" and python_full_version < "3.0.0") o # ckanapi # cookiecutter # coveralls + # pysaml2 # pysolr # responses # sphinx @@ -949,6 +975,7 @@ six==1.16.0 ; (python_version >= "2.7" and python_full_version < "3.0.0") or pyt # oauth2client # pip-tools # pyopenssl + # pysaml2 # pytest # python-dateutil # pyutilib @@ -1116,6 +1143,12 @@ xlrd==2.0.1 ; (python_version >= "2.7" and python_full_version < "3.0.0") or pyt --hash=sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd \ --hash=sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88 # via -r ../ckan/requirements-dev.txt +xmlschema==1.9.2 ; python_version >= "3.6" and python_version < "4" \ + --hash=sha256:3ce6fe408a8c0a0ca5917cbe6181a933dfb5cfade9714eeb07b6335f9aff7b10 \ + --hash=sha256:a7ba52b774a87b59c6428cd9e3601210cbb226552208015bd40800698a6500ad + # via + # -r ../ckan/requirements-dev.txt + # pysaml2 zipp==3.6.0 \ --hash=sha256:71c644c5369f4a6e07636f0aa966270449561fcea2e3d6747b8d23efaa9d7832 \ --hash=sha256:9fe5ea21568a0a70e50f273397638d39b03353731e6cbbb3fd8502a33fec40bc diff --git a/ckan/requirements-noh.txt b/ckan/requirements-noh.txt index 492d9a7..24f749a 100644 --- a/ckan/requirements-noh.txt +++ b/ckan/requirements-noh.txt @@ -10,4 +10,5 @@ -e git+https://github.com/ckan/ckanext-xloader.git@ef300955001d2d51088697013dae24c3ff4d39fd#egg=ckanext-xloader -e git+https://github.com/datopian/messytables.git@d9504d6a294e87e679707de96262072c7d332dfb#egg=messytables -e git+https://github.com/datopian/ckanext-dataexplorer-react.git@73173a1e831dd417a7b252826b0e7ec75cf3459c#egg=ckanext-dataexplorer-react +-e git+https://github.com/datopian/ckanext-saml2auth.git@a012c6aeb997182c5364e82ea8882d530ca86dfa#egg=ckanext-saml2auth #-e git+https://github.com/CivicActions/ckanext-ed.git#egg=ckanext-ed diff --git a/ckan/requirements.txt b/ckan/requirements.txt index 33839b1..65485ee 100644 --- a/ckan/requirements.txt +++ b/ckan/requirements.txt @@ -27,7 +27,7 @@ certifi==2021.5.30 \ # via # -r ../ckan/requirements.txt # requests -cffi==1.15.1 ; python_version >= "3.6" \ +cffi==1.15.1 ; python_version >= "3.6" and python_version < "4" \ --hash=sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5 \ --hash=sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef \ --hash=sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104 \ @@ -114,7 +114,7 @@ click==7.1.2 ; (python_version >= "2.7" and python_full_version < "3.0.0") or py # -r ../ckan/requirements.txt # flask # rq -cryptography==37.0.4 ; python_version >= "3.6" \ +cryptography==37.0.4 ; python_version >= "3.6" and python_version < "4" \ --hash=sha256:190f82f3e87033821828f60787cfa42bff98404483577b591429ed99bed39d59 \ --hash=sha256:2be53f9f5505673eeda5f2736bea736c40f051a739bfae2f92d18aed1eb54596 \ --hash=sha256:30788e070800fec9bbcf9faa71ea6d8068f5136f60029759fd8c3efec3c9dcb3 \ @@ -140,6 +140,13 @@ cryptography==37.0.4 ; python_version >= "3.6" \ # via # -r ../ckan/requirements.txt # pyopenssl + # pysaml2 +defusedxml==0.7.1 ; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4" or python_version >= "3.6" and python_version < "4" and python_full_version >= "3.5.0" \ + --hash=sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69 \ + --hash=sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61 + # via + # -r ../ckan/requirements.txt + # pysaml2 docopt==0.6.2 \ --hash=sha256:49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491 # via @@ -149,6 +156,12 @@ dominate==2.4.0 ; (python_version >= "2.7" and python_full_version < "3.0.0") or --hash=sha256:6e833aea505f0236a9fc692326bac575f8bd38ae0f3a1bdc73d20ca606ac75d5 \ --hash=sha256:a92474b4312bd8b4c1789792f3ec8c571cd8afa8e7502a2b1c64dd48cd67e59c # via -r ../ckan/requirements.txt +elementpath==2.4.0 ; python_version >= "3.6" and python_version < "4" \ + --hash=sha256:1e98a4f5e8ccb5fe147074adda751c648d4a752973212298b6c9fc18c3a8c3e6 \ + --hash=sha256:5b6801b3be94d48d213beb7b8ebad96addb35c95fc6a9c062c80e033b4a32fe8 + # via + # -r ../ckan/requirements.txt + # xmlschema et-xmlfile==1.1.0 ; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" \ --hash=sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c \ --hash=sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada @@ -208,6 +221,10 @@ importlib-metadata==0.12 ; (python_version >= "2.7" and python_version < "3.0") --hash=sha256:2f2e54cbf6b06b16351e4c40a6adb0860cab6cfb95a0c0fcb58bb789c4b450f5 \ --hash=sha256:37bbea81dec44d1ff72d58a1b5c1599a9f3436537f33e9e26f276610064c4830 # via -r ../ckan/requirements.txt +importlib-resources==5.4.0 ; python_version >= "3.6" \ + --hash=sha256:33a95faed5fc19b4bc16b29a6eeae248a3fe69dd55d4d229d2b480e23eeaad45 \ + --hash=sha256:d756e2f85dd4de2ba89be0b21dba2a3bbec2e871a42a3a16719258a11f87506b + # via -r ../ckan/requirements.txt itsdangerous==1.1.0 ; (python_version >= "2.7" and python_full_version < "3.0.0") or python_full_version >= "3.4.0" \ --hash=sha256:321b033d07f2a4136d3ec762eac9f16a10ccd60f53c0c91af90217ace7ba1f19 \ --hash=sha256:b12271b2047cb23eeb98c8b5622e2e5c5e9abd9784a153e9d8ef9cb4dd09d749 @@ -437,7 +454,7 @@ pyasn1-modules==0.2.8 \ # via # -r ../ckan/requirements.txt # oauth2client -pycparser==2.21 ; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" \ +pycparser==2.21 ; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4" or python_version >= "3.6" and python_version < "4" and python_full_version >= "3.4.0" \ --hash=sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9 \ --hash=sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206 # via @@ -450,13 +467,19 @@ pyjwt==1.7.1 \ pyopenssl==18.0.0 \ --hash=sha256:26ff56a6b5ecaf3a2a59f132681e2a80afcc76b4f902f612f518f92c2a1bf854 \ --hash=sha256:6488f1423b00f73b7ad5167885312bb0ce410d3312eb212393795b53c8caa580 - # via -r ../ckan/requirements.txt + # via + # -r ../ckan/requirements.txt + # pysaml2 pyparsing==3.0.9 ; python_full_version >= "3.6.8" and python_version > "3.0" \ --hash=sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb \ --hash=sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc # via # -r ../ckan/requirements.txt # httplib2 +pysaml2==7.2.0 ; python_version >= "3.6" and python_version < "4" \ + --hash=sha256:256bcea8e2a26e5bd06efc501e18254439fa96e4ff08cff7d64063ed29e21ba6 \ + --hash=sha256:538c9e51609d5102007d408ec1361daf404ae4ab8a4b82edbed8b3ec1f9c282c + # via -r ../ckan/requirements.txt pysolr==3.6.0 \ --hash=sha256:f94292c1002dbbbfaecaad18fec39cc4bff843b459c8851a2234f2799788ac6f \ --hash=sha256:fd1233e80dcfb7405ca5a33982f485f2ab2f8dffc675c52eff3b33eec950c060 @@ -468,6 +491,7 @@ python-dateutil==2.8.2 ; (python_version >= "2.7" and python_full_version < "3.0 # -r ../ckan/requirements.txt # alembic # feedgen + # pysaml2 python-editor==1.0.4 \ --hash=sha256:1bf6e860a8ad52a14c3ee1252d5dc25b2030618ed80c022598f00176adc8367d \ --hash=sha256:51fda6bcc5ddbbb7063b2af7509e43bd84bfc32a4ff71349ec7847713882327b \ @@ -505,6 +529,7 @@ pytz==2016.7 \ # -r ../ckan/requirements.txt # babel # flask-babel + # pysaml2 # tzlocal pyutilib==5.7.1 ; (python_version >= "2.7" and python_full_version < "3.0.0") or python_full_version >= "3.4.0" \ --hash=sha256:22d6aa4dd9225448e23f1bc4e2fd2a2a61215447c6f18a0e44e94fbe5bf66756 \ @@ -564,6 +589,7 @@ requests==2.25.1 ; (python_version >= "2.7" and python_full_version < "3.0.0") o # via # -r ../ckan/requirements.txt # ckanapi + # pysaml2 # pysolr rfc3987==1.3.8 \ --hash=sha256:10702b1e51e5658843460b189b185c0366d2cf4cff716f13111b0ea9fd2dce53 \ @@ -619,6 +645,7 @@ six==1.16.0 ; (python_version >= "2.7" and python_full_version < "3.0.0") or pyt # html5lib # oauth2client # pyopenssl + # pysaml2 # python-dateutil # pyutilib sqlalchemy==1.3.5 ; (python_version >= "2.7" and python_full_version < "3.0.0") or python_full_version >= "3.4.0" \ @@ -710,6 +737,12 @@ xlrd==2.0.1 ; (python_version >= "2.7" and python_full_version < "3.0.0") or pyt --hash=sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd \ --hash=sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88 # via -r ../ckan/requirements.txt +xmlschema==1.9.2 ; python_version >= "3.6" and python_version < "4" \ + --hash=sha256:3ce6fe408a8c0a0ca5917cbe6181a933dfb5cfade9714eeb07b6335f9aff7b10 \ + --hash=sha256:a7ba52b774a87b59c6428cd9e3601210cbb226552208015bd40800698a6500ad + # via + # -r ../ckan/requirements.txt + # pysaml2 zipp==3.6.0 \ --hash=sha256:71c644c5369f4a6e07636f0aa966270449561fcea2e3d6747b8d23efaa9d7832 \ --hash=sha256:9fe5ea21568a0a70e50f273397638d39b03353731e6cbbb3fd8502a33fec40bc diff --git a/requirements/poetry.lock b/requirements/poetry.lock index 17f63c4..5af205a 100644 --- a/requirements/poetry.lock +++ b/requirements/poetry.lock @@ -320,6 +320,24 @@ url = "https://github.com/ckan/ckanext-pages.git" reference = "b9f7e49db5c036c602b1bff7050e91eccdc00b53" resolved_reference = "b9f7e49db5c036c602b1bff7050e91eccdc00b53" +[[package]] +name = "ckanext-saml2auth" +version = "1.2.2" +description = "" +category = "main" +optional = false +python-versions = "*" +develop = false + +[package.dependencies] +pysaml2 = ">=6.5.1" + +[package.source] +type = "git" +url = "https://github.com/datopian/ckanext-saml2auth.git" +reference = "a012c6aeb997182c5364e82ea8882d530ca86dfa" +resolved_reference = "a012c6aeb997182c5364e82ea8882d530ca86dfa" + [[package]] name = "ckanext-showcase" version = "1.5.0" @@ -470,6 +488,14 @@ category = "dev" optional = false python-versions = ">=3.5" +[[package]] +name = "defusedxml" +version = "0.7.1" +description = "XML bomb protection for Python stdlib modules" +category = "main" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" + [[package]] name = "docopt" version = "0.6.2" @@ -494,6 +520,17 @@ category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" +[[package]] +name = "elementpath" +version = "2.4.0" +description = "XPath 1.0/2.0 parsers and selectors for ElementTree and lxml" +category = "main" +optional = false +python-versions = ">=3.6" + +[package.extras] +dev = ["mypy (==0.910)", "flake8", "memory-profiler", "sphinx", "xmlschema (>=1.8.0)", "lxml", "coverage", "tox"] + [[package]] name = "et-xmlfile" version = "1.1.0" @@ -730,6 +767,21 @@ zipp = ">=0.5" [package.extras] docs = ["rst.linker", "docutils (==0.12)", "sphinx"] +[[package]] +name = "importlib-resources" +version = "5.4.0" +description = "Read resources from Python packages" +category = "main" +optional = false +python-versions = ">=3.6" + +[package.dependencies] +zipp = {version = ">=3.1.0", markers = "python_version < \"3.10\""} + +[package.extras] +docs = ["sphinx", "jaraco.packaging (>=8.2)", "rst.linker (>=1.9)"] +testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.0.1)", "pytest-black (>=0.3.7)", "pytest-mypy"] + [[package]] name = "incremental" version = "21.3.0" @@ -1227,6 +1279,28 @@ python-versions = ">=3.6.8" [package.extras] diagrams = ["railroad-diagrams", "jinja2"] +[[package]] +name = "pysaml2" +version = "7.2.0" +description = "Python implementation of SAML Version 2 Standard" +category = "main" +optional = false +python-versions = "<4,>=3.6" + +[package.dependencies] +cryptography = ">=3.1" +defusedxml = "*" +importlib-resources = {version = "*", markers = "python_version < \"3.9\""} +pyOpenSSL = "*" +python-dateutil = "*" +pytz = "*" +requests = ">=1.0.0" +six = "*" +xmlschema = ">=1.2.1" + +[package.extras] +s2repoze = ["repoze.who", "zope.interface", "paste"] + [[package]] name = "pysolr" version = "3.6.0" @@ -1837,6 +1911,22 @@ build = ["wheel", "twine"] docs = ["sphinx"] test = ["pytest", "pytest-cov"] +[[package]] +name = "xmlschema" +version = "1.9.2" +description = "An XML Schema validator and decoder" +category = "main" +optional = false +python-versions = ">=3.6" + +[package.dependencies] +elementpath = ">=2.4.0,<3.0.0" + +[package.extras] +docs = ["jinja2", "sphinx-rtd-theme", "sphinx", "elementpath (>=2.4.0,<3.0.0)"] +dev = ["lxml-stubs", "mypy", "flake8", "jinja2", "sphinx-rtd-theme", "sphinx", "memory-profiler", "elementpath (>=2.4.0,<3.0.0)", "lxml", "coverage", "tox"] +codegen = ["jinja2", "elementpath (>=2.4.0,<3.0.0)"] + [[package]] name = "zipp" version = "3.6.0" @@ -1865,7 +1955,7 @@ testing = ["zope.event", "nose", "coverage"] [metadata] lock-version = "1.1" python-versions = "3.6.8" -content-hash = "2d004175c6ac636204d21553ae7865e79fc7befcbf2bbe518823798b587f8723" +content-hash = "28db5421a0a86749240cca191491defc6f165911dd0c4a2dbfda69f9b0d75a26" [metadata.files] alabaster = [ @@ -1916,6 +2006,7 @@ ckanext-envvars = [] ckanext-googleanalytics = [] ckanext-harvest = [] ckanext-pages = [] +ckanext-saml2auth = [] ckanext-showcase = [] ckanext-xloader = [] ckantoolkit = [] @@ -1981,6 +2072,10 @@ coveralls = [] cryptography = [] deadoralive = [] decorator = [] +defusedxml = [ + {file = "defusedxml-0.7.1-py2.py3-none-any.whl", hash = "sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61"}, + {file = "defusedxml-0.7.1.tar.gz", hash = "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69"}, +] docopt = [ {file = "docopt-0.6.2.tar.gz", hash = "sha256:49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491"}, ] @@ -1992,6 +2087,10 @@ dominate = [ {file = "dominate-2.4.0-py2.py3-none-any.whl", hash = "sha256:6e833aea505f0236a9fc692326bac575f8bd38ae0f3a1bdc73d20ca606ac75d5"}, {file = "dominate-2.4.0.tar.gz", hash = "sha256:a92474b4312bd8b4c1789792f3ec8c571cd8afa8e7502a2b1c64dd48cd67e59c"}, ] +elementpath = [ + {file = "elementpath-2.4.0-py3-none-any.whl", hash = "sha256:1e98a4f5e8ccb5fe147074adda751c648d4a752973212298b6c9fc18c3a8c3e6"}, + {file = "elementpath-2.4.0.tar.gz", hash = "sha256:5b6801b3be94d48d213beb7b8ebad96addb35c95fc6a9c062c80e033b4a32fe8"}, +] et-xmlfile = [ {file = "et_xmlfile-1.1.0-py3-none-any.whl", hash = "sha256:a2ba85d1d6a74ef63837eed693bcb89c3f752169b0e3e7ae5b16ca5e1b3deada"}, {file = "et_xmlfile-1.1.0.tar.gz", hash = "sha256:8eb9e2bc2f8c97e37a2dc85a09ecdcdec9d8a396530a6d5a33b30b9a92da0c5c"}, @@ -2057,6 +2156,7 @@ importlib-metadata = [ {file = "importlib_metadata-0.12-py2.py3-none-any.whl", hash = "sha256:37bbea81dec44d1ff72d58a1b5c1599a9f3436537f33e9e26f276610064c4830"}, {file = "importlib_metadata-0.12.tar.gz", hash = "sha256:2f2e54cbf6b06b16351e4c40a6adb0860cab6cfb95a0c0fcb58bb789c4b450f5"}, ] +importlib-resources = [] incremental = [] inflection = [] ipdb = [ @@ -2276,6 +2376,10 @@ pyopenssl = [ {file = "pyOpenSSL-18.0.0.tar.gz", hash = "sha256:6488f1423b00f73b7ad5167885312bb0ce410d3312eb212393795b53c8caa580"}, ] pyparsing = [] +pysaml2 = [ + {file = "pysaml2-7.2.0-py2.py3-none-any.whl", hash = "sha256:538c9e51609d5102007d408ec1361daf404ae4ab8a4b82edbed8b3ec1f9c282c"}, + {file = "pysaml2-7.2.0.tar.gz", hash = "sha256:256bcea8e2a26e5bd06efc501e18254439fa96e4ff08cff7d64063ed29e21ba6"}, +] pysolr = [ {file = "pysolr-3.6.0-py2.py3-none-any.whl", hash = "sha256:fd1233e80dcfb7405ca5a33982f485f2ab2f8dffc675c52eff3b33eec950c060"}, {file = "pysolr-3.6.0.tar.gz", hash = "sha256:f94292c1002dbbbfaecaad18fec39cc4bff843b459c8851a2234f2799788ac6f"}, @@ -2504,6 +2608,10 @@ xlrd = [ {file = "xlrd-2.0.1-py2.py3-none-any.whl", hash = "sha256:6a33ee89877bd9abc1158129f6e94be74e2679636b8a205b43b85206c3f0bbdd"}, {file = "xlrd-2.0.1.tar.gz", hash = "sha256:f72f148f54442c6b056bf931dbc34f986fd0c3b0b6b5a58d013c9aef274d0c88"}, ] +xmlschema = [ + {file = "xmlschema-1.9.2-py3-none-any.whl", hash = "sha256:a7ba52b774a87b59c6428cd9e3601210cbb226552208015bd40800698a6500ad"}, + {file = "xmlschema-1.9.2.tar.gz", hash = "sha256:3ce6fe408a8c0a0ca5917cbe6181a933dfb5cfade9714eeb07b6335f9aff7b10"}, +] zipp = [ {file = "zipp-3.6.0-py3-none-any.whl", hash = "sha256:9fe5ea21568a0a70e50f273397638d39b03353731e6cbbb3fd8502a33fec40bc"}, {file = "zipp-3.6.0.tar.gz", hash = "sha256:71c644c5369f4a6e07636f0aa966270449561fcea2e3d6747b8d23efaa9d7832"}, diff --git a/requirements/pyproject.toml b/requirements/pyproject.toml index 71325f5..653e21e 100644 --- a/requirements/pyproject.toml +++ b/requirements/pyproject.toml @@ -21,6 +21,7 @@ ckanext-pages = {git = "https://github.com/ckan/ckanext-pages.git", rev = "b9f7e ckanext-xloader = {git = "https://github.com/ckan/ckanext-xloader.git", tag = "0.10.0"} messytables = {git = "https://github.com/datopian/messytables.git", rev = "d9504d6a294e87e679707de96262072c7d332dfb"} ckanext-dataexplorer-react = {git = "https://github.com/datopian/ckanext-dataexplorer-react.git", rev = "73173a1e831dd417a7b252826b0e7ec75cf3459c"} +ckanext-saml2auth = {git = "https://github.com/datopian/ckanext-saml2auth.git", rev = "a012c6aeb997182c5364e82ea8882d530ca86dfa"} # CKAN core alembic="1.0.0" @@ -102,6 +103,10 @@ pika="1.2.1" # ckanext-xloader unidecode="1.0.22" +# ckanext-saml2auth +pysaml2="7.2.0" +importlib-resources="5.4.0" + # for deployments setuptools="44.1.0" psycopg2-binary="2.8.4"