Implement urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

Return the name the user authenticated with. https://fedorahosted.org/ipsilon/ticket/27 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
author: Rob Crittenden <rcritten@redhat.com> 2015-03-23 13:57:12 -0400
committer: Simo Sorce <simo@redhat.com> 2015-03-23 18:00:21 -0400
commit: 704452cfa38a1d880fab920dab25f670f4fbc519 (patch)
tree: 42fc0b5fe55089e4f1e5ec66ae1594b6aa88aa38 /ipsilon/providers/saml2/auth.py
parent: 217cabe5a2b0950b9ac4090568aa8986d51f4fc5 (diff)
download: ipsilon-704452cfa38a1d880fab920dab25f670f4fbc519.tar.gz
ipsilon-704452cfa38a1d880fab920dab25f670f4fbc519.tar.xz
ipsilon-704452cfa38a1d880fab920dab25f670f4fbc519.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index 4bfbc1a..d895f43 100644
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -202,6 +202,8 @@ class AuthenticateRequest(ProviderPageBase):
             nameid = us.get_user().email
             if not nameid:
                 nameid = '%s@%s' % (user.name, self.cfg.default_email_domain)
+        elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED:
+            nameid = provider.normalize_username(user.name)
 
         if nameid:
             login.assertion.subject.nameId.format = nameidfmt
author	Rob Crittenden <rcritten@redhat.com>	2015-03-23 13:57:12 -0400
committer	Simo Sorce <simo@redhat.com>	2015-03-23 18:00:21 -0400
commit	704452cfa38a1d880fab920dab25f670f4fbc519 (patch)
tree	42fc0b5fe55089e4f1e5ec66ae1594b6aa88aa38 /ipsilon/providers/saml2/auth.py
parent	217cabe5a2b0950b9ac4090568aa8986d51f4fc5 (diff)
download	ipsilon-704452cfa38a1d880fab920dab25f670f4fbc519.tar.gz ipsilon-704452cfa38a1d880fab920dab25f670f4fbc519.tar.xz ipsilon-704452cfa38a1d880fab920dab25f670f4fbc519.zip