Add attribute mapping for user information

When user information is retrieved we map any wellknown data to a standardized set of names. A ne InfoMapping class takes cares of helping the info modules to map the data they retrieve so that providers can find it in wellknown attribute names for further use. Mapping of attribute names for diplay purposes is also provided. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
author: Simo Sorce <simo@redhat.com> 2014-10-09 14:44:04 -0400
committer: Patrick Uiterwijk <puiterwijk@redhat.com> 2014-10-24 18:03:18 +0200
commit: d274763d8dc06b42f70014b14fcb2e852c086751 (patch)
tree: d27d9caa5ea65440325fbb94c454f4ab1e5b0172 /ipsilon/providers
parent: f461a713ce28e434a34dca4e4d1abbfe255ef1ff (diff)
download: ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.gz
ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.xz
ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.zip
3 files changed, 34 insertions, 18 deletions
diff --git a/ipsilon/providers/openid/auth.py b/ipsilon/providers/openid/auth.py
index abf19ae..868daf1 100755
--- a/ipsilon/providers/openid/auth.py
+++ b/ipsilon/providers/openid/auth.py
@@ -162,17 +162,16 @@ class AuthenticateRequest(ProviderPageBase):
                     'openid_request': json.dumps(kwargs)}
             self.trans.store(data)
 
-            # Add extension data to this list of dictionaries
-            ad = [
-                {
-                    "Trust Root": request.trust_root,
-                },
-            ]
+            # Add extension data to this dictionary
+            ad = {
+                "Trust Root": request.trust_root,
+            }
             userattrs = us.get_user_attrs()
             for n, e in self.cfg.extensions.items():
                 data = e.get_display_data(request, userattrs)
                 self.debug('%s returned %s' % (n, repr(data)))
-                ad.append(data)
+                for key, value in data.items():
+                    ad[self.cfg.mapping.display_name(key)] = value
 
             context = {
                 "title": 'Consent',
diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py
index 2e41050..a3e1b63 100755
--- a/ipsilon/providers/openidp.py
+++ b/ipsilon/providers/openidp.py
@@ -9,6 +9,7 @@ from ipsilon.providers.common import FACILITY
 from ipsilon.providers.openid.auth import OpenID
 from ipsilon.providers.openid.extensions.common import LoadExtensions
 from ipsilon.util.plugin import PluginObject
+from ipsilon.info.common import InfoMapping
 
 from openid.server.server import Server
 # TODO: Move this to the database
@@ -19,6 +20,7 @@ class IdpProvider(ProviderBase):
 
     def __init__(self):
         super(IdpProvider, self).__init__('openid', 'openid')
+        self.mapping = InfoMapping()
         self.page = None
         self.server = None
         self.basepath = None
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index cbfeaaa..87f4ac8 100755
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -210,18 +210,33 @@ class AuthenticateRequest(ProviderPageBase):
         if not attrstat.attribute:
             attrstat.attribute = ()
 
-        attributes = us.get_user_attrs()
+        attributes = dict()
+        userattrs = us.get_user_attrs()
+        for key, value in userattrs.get('userdata', {}).iteritems():
+            if type(value) is str:
+                attributes[key] = value
+        if 'groups' in userattrs:
+            attributes['group'] = userattrs['groups']
+        for _, info in userattrs.get('extras', {}).iteritems():
+            for key, value in info.items():
+                attributes[key] = value
+
         for key in attributes:
-            attr = lasso.Saml2Attribute()
-            attr.name = key
-            attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
-            value = str(attributes[key]).encode('utf-8')
-            node = lasso.MiscTextNode.newWithString(value)
-            node.textChild = True
-            attrvalue = lasso.Saml2AttributeValue()
-            attrvalue.any = [node]
-            attr.attributeValue = [attrvalue]
-            attrstat.attribute = attrstat.attribute + (attr,)
+            values = attributes[key]
+            if type(values) is not list:
+                values = [values]
+            for value in values:
+                attr = lasso.Saml2Attribute()
+                attr.name = key
+                attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
+                value = str(value).encode('utf-8')
+                self.debug('value %s' % value)
+                node = lasso.MiscTextNode.newWithString(value)
+                node.textChild = True
+                attrvalue = lasso.Saml2AttributeValue()
+                attrvalue.any = [node]
+                attr.attributeValue = [attrvalue]
+                attrstat.attribute = attrstat.attribute + (attr,)
 
         self.debug('Assertion: %s' % login.assertion.dump())
author	Simo Sorce <simo@redhat.com>	2014-10-09 14:44:04 -0400
committer	Patrick Uiterwijk <puiterwijk@redhat.com>	2014-10-24 18:03:18 +0200
commit	d274763d8dc06b42f70014b14fcb2e852c086751 (patch)
tree	d27d9caa5ea65440325fbb94c454f4ab1e5b0172 /ipsilon/providers
parent	f461a713ce28e434a34dca4e4d1abbfe255ef1ff (diff)
download	ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.gz ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.xz ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.zip