From db88788fe906f315733b6ae67929f62cfc307d24 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Mon, 16 Feb 2015 13:47:33 -0500
Subject: Add support for attribute policies in openidp

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/providers/openidp.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'ipsilon/providers/openidp.py')

diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py
index 13f6819..6bdf557 100644
--- a/ipsilon/providers/openidp.py
+++ b/ipsilon/providers/openidp.py
@@ -53,6 +53,14 @@ Provides OpenID 2.0 authentication infrastructure. """
                 'enabled extensions',
                 'Choose the extensions to enable',
                 self.extensions.available().keys()),
+            pconfig.MappingList(
+                'default attribute mapping',
+                'Defines how to map attributes before calling extensions',
+                [['*', '*']]),
+            pconfig.ComplexList(
+                'default allowed attributes',
+                'Defines a list of allowed attributes, applied after mapping',
+                ['*']),
         )
 
     @property
@@ -87,6 +95,14 @@ Provides OpenID 2.0 authentication infrastructure. """
     def enabled_extensions(self):
         return self.get_config_value('enabled extensions')
 
+    @property
+    def default_attribute_mapping(self):
+        return self.get_config_value('default attribute mapping')
+
+    @property
+    def default_allowed_attributes(self):
+        return self.get_config_value('default allowed attributes')
+
     def get_tree(self, site):
         self.init_idp()
         self.page = OpenID(site, self)
-- 
cgit