adapter: add an adapter framework to customize the username put into LTPA tokens

authentic2_idp_ltpa/adapter.py

@@ -0,0 +1,18 @@
+from django.utils.importlib import import_module
+from django.core.exceptions import ImproperlyConfigured
+
+from . import app_settings
+
+def get_adapter():
+    module, cls = app_settings.ADAPTER
+    try:
+        module = import_module(module)
+        cls = getattr(module, cls)
+    except (ImportError, AttributeError):
+        msg = 'LTPA user adapter not found: %r' % app_settings.ADAPTER
+        raise ImproperlyConfigured(msg)
+    return cls()
+
+class UserAdapter(object):
+    def get_username(self, request):
+        return request.user.username

authentic2_idp_ltpa/app_settings.py

@@ -5,6 +5,7 @@ class AppSettings(object):
             'COOKIE_NAME': 'domino',
             'COOKIE_DOMAIN': None,
             'COOKIE_HTTP_ONLY': True,
+            'ADAPTER': 'authentic2_idp_ltpa.adapter.UserAdapter',
     }
 
     def __init__(self, prefix):

authentic2_idp_ltpa/views.py

@@ -4,7 +4,7 @@ from django.http import HttpResponseRedirect
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import REDIRECT_FIELD_NAME
 
-from . import app_settings, utils
+from . import app_settings, utils, adapter
 
 @login_required
 def ltpa(request):
@@ -14,7 +14,8 @@ def ltpa(request):
     if app_settings.TOKEN_SECRET is None:
         raise ImproperlyConfigured('missing TOKEN_SECRET')
     secret = utils.decode_secret(app_settings.TOKEN_SECRET)
-    token = utils.generate_domino_ltpa_token(request.user.username, secret)
+    user = adapter.get_adapter().get_username(request)
+    token = utils.generate_domino_ltpa_token(user, secret)
     domain = app_settings.COOKIE_DOMAIN or request.META['HTTP_HOST']
     response.set_cookie(app_settings.COOKIE_NAME, token, domain=domain,
             httponly=app_settings.COOKIE_HTTP_ONLY)