diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2015-04-09 15:11:39 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2015-04-10 10:41:22 -0400 |
| commit | 1055b7bc810139d1e6ee3c225bcfba7b88e7aeab (patch) | |
| tree | fd846f8573ad95807d8ff0874ffe57c47012a12c /ipsilon | |
| parent | cd0a566562d0279d13c3df08366bc38acf53011a (diff) | |
| download | ipsilon-1055b7bc810139d1e6ee3c225bcfba7b88e7aeab.tar.gz ipsilon-1055b7bc810139d1e6ee3c225bcfba7b88e7aeab.tar.xz ipsilon-1055b7bc810139d1e6ee3c225bcfba7b88e7aeab.zip | |
Add test for per-SP allowed and mapping attributes
This buidls up a specific global mapping and allowed attributes then
creates an SP-specific configuration which differs enough to confirm
that it is in fact overriding the default. It finishes by removing the
per-SP configuration and ensuring that it falls back to the IdP-default.
https://fedorahosted.org/ipsilon/ticket/25
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'ipsilon')
| -rw-r--r-- | ipsilon/providers/saml2/auth.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py index 12af16b..bdcb9b8 100644 --- a/ipsilon/providers/saml2/auth.py +++ b/ipsilon/providers/saml2/auth.py @@ -226,6 +226,8 @@ class AuthenticateRequest(ProviderPageBase): allowed_attributes = provider.allowed_attributes else: allowed_attributes = self.cfg.default_allowed_attributes + self.debug("Allowed attrs: %s" % allowed_attributes) + self.debug("Mapping: %s" % attribute_mappings) policy = Policy(attribute_mappings, allowed_attributes) userattrs = us.get_user_attrs() mappedattrs, _ = policy.map_attributes(userattrs) |