diff options
author | Simo Sorce <simo@redhat.com> | 2014-10-09 14:44:04 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-24 18:03:18 +0200 |
commit | d274763d8dc06b42f70014b14fcb2e852c086751 (patch) | |
tree | d27d9caa5ea65440325fbb94c454f4ab1e5b0172 /ipsilon/login | |
parent | f461a713ce28e434a34dca4e4d1abbfe255ef1ff (diff) | |
download | ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.gz ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.xz ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.zip |
Add attribute mapping for user information
When user information is retrieved we map any wellknown data to a
standardized set of names.
A ne InfoMapping class takes cares of helping the info modules to
map the data they retrieve so that providers can find it in wellknown
attribute names for further use.
Mapping of attribute names for diplay purposes is also provided.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/login')
-rwxr-xr-x | ipsilon/login/authldap.py | 10 | ||||
-rwxr-xr-x | ipsilon/login/authtest.py | 3 | ||||
-rwxr-xr-x | ipsilon/login/common.py | 12 |
3 files changed, 21 insertions, 4 deletions
diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py index 0d70479..a41d167 100755 --- a/ipsilon/login/authldap.py +++ b/ipsilon/login/authldap.py @@ -64,7 +64,15 @@ class LDAP(LoginFormBase, Log): if username and password: try: - userattrs = self._authenticate(username, password) + userdata = self._authenticate(username, password) + if userdata: + userattrs = dict() + for d, v in userdata.get('userdata', {}).items(): + userattrs[d] = v + if 'groups' in userdata: + userattrs['groups'] = userdata['groups'] + if 'extras' in userdata: + userattrs['extras'] = userdata['extras'] authed = True except Exception, e: # pylint: disable=broad-except errmsg = "Authentication failed" diff --git a/ipsilon/login/authtest.py b/ipsilon/login/authtest.py index 55b30a4..44492a4 100755 --- a/ipsilon/login/authtest.py +++ b/ipsilon/login/authtest.py @@ -33,8 +33,9 @@ class TestAuth(LoginFormBase): if username and password: if password == 'ipsilon': cherrypy.log("User %s successfully authenticated." % username) + testdata = {'fullname': 'Test User %s' % username} return self.lm.auth_successful(self.trans, - username, 'password') + username, 'password', testdata) else: cherrypy.log("User %s failed authentication." % username) error = "Authentication failed" diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py index 2fee357..6231997 100755 --- a/ipsilon/login/common.py +++ b/ipsilon/login/common.py @@ -49,9 +49,17 @@ class LoginManagerBase(PluginObject, Log): if self.info: userattrs = self.info.get_user_attrs(username) if userdata: - userdata.update(userattrs or {}) + userdata.update(userattrs.get('userdata', {})) else: - userdata = userattrs + userdata = userattrs.get('userdata', {}) + + # merge groups and extras from login plugin and info plugin + userdata['groups'] = list(set(userdata.get('groups', []) + + userattrs.get('groups', []))) + + userdata['extras'] = userdata.get('extras', {}) + userdata['extras'].update(userattrs.get('extras', {})) + self.debug("User %s attributes: %s" % (username, repr(userdata))) if auth_type: |