diff options
author | Simo Sorce <simo@redhat.com> | 2014-10-09 14:44:04 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-10-24 18:03:18 +0200 |
commit | d274763d8dc06b42f70014b14fcb2e852c086751 (patch) | |
tree | d27d9caa5ea65440325fbb94c454f4ab1e5b0172 /ipsilon/providers | |
parent | f461a713ce28e434a34dca4e4d1abbfe255ef1ff (diff) | |
download | ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.gz ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.tar.xz ipsilon-d274763d8dc06b42f70014b14fcb2e852c086751.zip |
Add attribute mapping for user information
When user information is retrieved we map any wellknown data to a
standardized set of names.
A ne InfoMapping class takes cares of helping the info modules to
map the data they retrieve so that providers can find it in wellknown
attribute names for further use.
Mapping of attribute names for diplay purposes is also provided.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/providers')
-rwxr-xr-x | ipsilon/providers/openid/auth.py | 13 | ||||
-rwxr-xr-x | ipsilon/providers/openidp.py | 2 | ||||
-rwxr-xr-x | ipsilon/providers/saml2/auth.py | 37 |
3 files changed, 34 insertions, 18 deletions
diff --git a/ipsilon/providers/openid/auth.py b/ipsilon/providers/openid/auth.py index abf19ae..868daf1 100755 --- a/ipsilon/providers/openid/auth.py +++ b/ipsilon/providers/openid/auth.py @@ -162,17 +162,16 @@ class AuthenticateRequest(ProviderPageBase): 'openid_request': json.dumps(kwargs)} self.trans.store(data) - # Add extension data to this list of dictionaries - ad = [ - { - "Trust Root": request.trust_root, - }, - ] + # Add extension data to this dictionary + ad = { + "Trust Root": request.trust_root, + } userattrs = us.get_user_attrs() for n, e in self.cfg.extensions.items(): data = e.get_display_data(request, userattrs) self.debug('%s returned %s' % (n, repr(data))) - ad.append(data) + for key, value in data.items(): + ad[self.cfg.mapping.display_name(key)] = value context = { "title": 'Consent', diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py index 2e41050..a3e1b63 100755 --- a/ipsilon/providers/openidp.py +++ b/ipsilon/providers/openidp.py @@ -9,6 +9,7 @@ from ipsilon.providers.common import FACILITY from ipsilon.providers.openid.auth import OpenID from ipsilon.providers.openid.extensions.common import LoadExtensions from ipsilon.util.plugin import PluginObject +from ipsilon.info.common import InfoMapping from openid.server.server import Server # TODO: Move this to the database @@ -19,6 +20,7 @@ class IdpProvider(ProviderBase): def __init__(self): super(IdpProvider, self).__init__('openid', 'openid') + self.mapping = InfoMapping() self.page = None self.server = None self.basepath = None diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py index cbfeaaa..87f4ac8 100755 --- a/ipsilon/providers/saml2/auth.py +++ b/ipsilon/providers/saml2/auth.py @@ -210,18 +210,33 @@ class AuthenticateRequest(ProviderPageBase): if not attrstat.attribute: attrstat.attribute = () - attributes = us.get_user_attrs() + attributes = dict() + userattrs = us.get_user_attrs() + for key, value in userattrs.get('userdata', {}).iteritems(): + if type(value) is str: + attributes[key] = value + if 'groups' in userattrs: + attributes['group'] = userattrs['groups'] + for _, info in userattrs.get('extras', {}).iteritems(): + for key, value in info.items(): + attributes[key] = value + for key in attributes: - attr = lasso.Saml2Attribute() - attr.name = key - attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC - value = str(attributes[key]).encode('utf-8') - node = lasso.MiscTextNode.newWithString(value) - node.textChild = True - attrvalue = lasso.Saml2AttributeValue() - attrvalue.any = [node] - attr.attributeValue = [attrvalue] - attrstat.attribute = attrstat.attribute + (attr,) + values = attributes[key] + if type(values) is not list: + values = [values] + for value in values: + attr = lasso.Saml2Attribute() + attr.name = key + attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC + value = str(value).encode('utf-8') + self.debug('value %s' % value) + node = lasso.MiscTextNode.newWithString(value) + node.textChild = True + attrvalue = lasso.Saml2AttributeValue() + attrvalue.any = [node] + attr.attributeValue = [attrvalue] + attrstat.attribute = attrstat.attribute + (attr,) self.debug('Assertion: %s' % login.assertion.dump()) |