privacyidea: address reviews

2 files changed, 78 insertions, 0 deletions

diff --git a/pkgs/development/python-modules/privacyidea/default.nix b/pkgs/development/python-modules/privacyidea/default.nix
new file mode 100644
index 00000000000..84cc4530b34
--- /dev/null
+++ b/pkgs/development/python-modules/privacyidea/default.nix
@@ -0,0 +1,51 @@
+{ lib, buildPythonPackage, fetchFromGitHub, cacert, openssl, python
+
+, cryptography, pyrad, pymysql, python-dateutil, flask-versioned, flask_script
+, defusedxml, croniter, flask_migrate, pyjwt, configobj, sqlsoup, pillow
+, python-gnupg, passlib, pyopenssl, beautifulsoup4, smpplib, flask-babel
+, ldap3, huey, pyyaml, qrcode, oauth2client, requests, lxml, cbor2, psycopg2
+
+, mock, pytest, responses, testfixtures
+}:
+
+buildPythonPackage rec {
+  pname = "privacyIDEA";
+  version = "3.3";
+
+  src = fetchFromGitHub {
+    owner = pname;
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "188ki924dig899wlih45xfsm0s7mjkya56vii26bg02h91izrb4b";
+  };
+
+  propagatedBuildInputs = [
+    cryptography pyrad pymysql python-dateutil flask-versioned flask_script
+    defusedxml croniter flask_migrate pyjwt configobj sqlsoup pillow
+    python-gnupg passlib pyopenssl beautifulsoup4 smpplib flask-babel
+    ldap3 huey pyyaml qrcode oauth2client requests lxml cbor2 psycopg2
+  ];
+
+  checkInputs = [ openssl mock pytest responses testfixtures ];
+  # issues with hardware token tests
+  doCheck = false;
+
+  pythonImportsCheck = [ "privacyidea" ];
+
+  postPatch = ''
+    substituteInPlace privacyidea/lib/resolvers/LDAPIdResolver.py --replace \
+      "/etc/privacyidea/ldap-ca.crt" \
+      "${cacert}/etc/ssl/certs/ca-bundle.crt"
+  '';
+
+  postInstall = ''
+    rm -rf $out/${python.sitePackages}/tests
+  '';
+
+  meta = with lib; {
+    description = "Multi factor authentication system (2FA, MFA, OTP Server)";
+    license = licenses.agpl3Plus;
+    homepage = "http://www.privacyidea.org";
+    maintainers = [ maintainers.globin ];
+  };
+}
diff --git a/pkgs/development/python-modules/privacyidea/ldap-proxy.nix b/pkgs/development/python-modules/privacyidea/ldap-proxy.nix
new file mode 100644
index 00000000000..ec87186a4fd
--- /dev/null
+++ b/pkgs/development/python-modules/privacyidea/ldap-proxy.nix
@@ -0,0 +1,27 @@
+{ lib, buildPythonPackage, fetchFromGitHub, twisted, ldaptor, configobj }:
+
+buildPythonPackage rec {
+  pname = "privacyidea-ldap-proxy";
+  version = "0.6.1";
+
+  src = fetchFromGitHub {
+    owner = "privacyidea";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "1kc1n9wr1a66xd5zvl6dq78xnkqkn5574jpzashc99pvm62dr24j";
+  };
+
+  propagatedBuildInputs = [ twisted ldaptor configobj ];
+
+  # python 2 zope.interface test import path issues
+  doCheck = false;
+
+  pythonImportsCheck = [ "pi_ldapproxy" ];
+
+  meta = with lib; {
+    description = "LDAP Proxy to intercept LDAP binds and authenticate against privacyIDEA";
+    homepage = "https://github.com/privacyidea/privacyidea-ldap-proxy";
+    license = licenses.agpl3;
+    maintainers = [ maintainers.globin ];
+  };
+}