Diffstat (limited to 'ipsilon/providers')
-rwxr-xr-x | ipsilon/providers/openid/auth.py | 13 | ||||
-rwxr-xr-x | ipsilon/providers/openidp.py | 2 | ||||
-rwxr-xr-x | ipsilon/providers/saml2/auth.py | 37 |
3 files changed, 34 insertions, 18 deletions
diff --git a/ipsilon/providers/openid/auth.py b/ipsilon/providers/openid/auth.py
index abf19ae..868daf1 100755
--- a/ipsilon/providers/openid/auth.py
+++ b/ipsilon/providers/openid/auth.py
@@ -162,17 +162,16 @@ class AuthenticateRequest(ProviderPageBase):
 'openid_request': json.dumps(kwargs)}
 self.trans.store(data)
- # Add extension data to this list of dictionaries
- ad = [
- {
- "Trust Root": request.trust_root,
- },
- ]
+ # Add extension data to this dictionary
+ ad = {
+ "Trust Root": request.trust_root,
+ }
 userattrs = us.get_user_attrs()
 for n, e in self.cfg.extensions.items():
 data = e.get_display_data(request, userattrs)
 self.debug('%s returned %s' % (n, repr(data)))
- ad.append(data)
+ for key, value in data.items():
+ ad[self.cfg.mapping.display_name(key)] = value
 context = {
 "title": 'Consent',
diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py
index 2e41050..a3e1b63 100755
--- a/ipsilon/providers/openidp.py
+++ b/ipsilon/providers/openidp.py
@@ -9,6 +9,7 @@ from ipsilon.providers.common import FACILITY
 from ipsilon.providers.openid.auth import OpenID
 from ipsilon.providers.openid.extensions.common import LoadExtensions
 from ipsilon.util.plugin import PluginObject
+from ipsilon.info.common import InfoMapping
 from openid.server.server import Server
 # TODO: Move this to the database
@@ -19,6 +20,7 @@ class IdpProvider(ProviderBase):
 def __init__(self):
 super(IdpProvider, self).__init__('openid', 'openid')
+ self.mapping = InfoMapping()
 self.page = None
 self.server = None
 self.basepath = None
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index cbfeaaa..87f4ac8 100755
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
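Review bot: Merging every extension's display data into the single `ad` dictionary in the openid/auth.py hunk means a key whose display name collides with an existing entry silently replaces it, including the `"Trust Root"` entry that is set before the loop. This dictionary appears to feed the 'Consent' page context, so what the user is shown before approving could differ from what is actually released; consider assigning `ad["Trust Root"] = request.trust_root` after the loop, or skipping keys already present with `if name not in ad:`. The new `data.items()` call also assumes every extension returns a dictionary; `get_display_data` is not visible here, so confirm it never returns None. The enclosing method starts and ends outside the hunk.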
@@ -210,18 +210,33 @@ class AuthenticateRequest(ProviderPageBase):
 if not attrstat.attribute:
 attrstat.attribute = ()
- attributes = us.get_user_attrs()
+ attributes = dict()
+ userattrs = us.get_user_attrs()
+ for key, value in userattrs.get('userdata', {}).iteritems():
+ if type(value) is str:
+ attributes[key] = value
+ if 'groups' in userattrs:
+ attributes['group'] = userattrs['groups']
+ for _, info in userattrs.get('extras', {}).iteritems():
+ for key, value in info.items():
+ attributes[key] = value
+
 for key in attributes:
- attr = lasso.Saml2Attribute()
- attr.name = key
- attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
- value = str(attributes[key]).encode('utf-8')
- node = lasso.MiscTextNode.newWithString(value)
- node.textChild = True
- attrvalue = lasso.Saml2AttributeValue()
- attrvalue.any = [node]
- attr.attributeValue = [attrvalue]
- attrstat.attribute = attrstat.attribute + (attr,)
+ values = attributes[key]
+ if type(values) is not list:
+ values = [values]
+ for value in values:
+ attr = lasso.Saml2Attribute()
+ attr.name = key
+ attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
+ value = str(value).encode('utf-8')
+ self.debug('value %s' % value)
+ node = lasso.MiscTextNode.newWithString(value)
+ node.textChild = True
+ attrvalue = lasso.Saml2AttributeValue()
+ attrvalue.any = [node]
+ attr.attributeValue = [attrvalue]
+ attrstat.attribute = attrstat.attribute + (attr,)
 self.debug('Assertion: %s' % login.assertion.dump()) |
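Review bot: The merge order in the added attribute-building block lets any key from `userattrs['extras']` replace a value already taken from `userdata`, and also the `group` entry, with no check or log line, so whichever info plugin supplies extras decides what the service provider receives under that name. If that precedence is intended, a comment saying so would help; otherwise guard the inner assignment with `if key not in attributes:`. The new `self.debug('value %s' % value)` writes each released attribute value to the debug log individually, which the assertion dump a few lines below already covers, so the line could be dropped. `type(value) is str` also silently skips unicode values from `userdata`, which may be unintended given the Python 2 `iteritems()` calls; confirm what the info backends return. The enclosing method starts and ends outside the hunk.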