saml: add verified fields in user profile (#12366)

extra/modules/saml2.py

@@ -111,5 +111,25 @@ class Saml2Directory(qommon.saml2.Saml2Directory):
         if login and login.identity:
             user.lasso_dump = login.identity.dump()
 
+        lasso_session = lasso.Session.newFromDump(session.lasso_session_dump)
+        assertion = lasso_session.getAssertions(None)[0]
+        for attribute in assertion.attributeStatement[0].attribute:
+            if attribute.name == 'verified_attributes':
+                verified_attributes = [x.any[0].content for x in attribute.attributeValue]
+                if verified_attributes:
+                    # XXX: if there are any verified attributes we consider
+                    # first and last names are also verified.  This is to work
+                    # around the fact that those attributes are handled
+                    # differently in authentic and cannot be marked as
+                    # verified.
+                    verified_attributes.extend(['first_name', 'last_name'])
+                verified_fields = []
+                if user.get_formdef() and user.get_formdef().fields:
+                    for field in user.get_formdef().fields:
+                        if field.varname in verified_attributes:
+                            verified_fields.append(field.id)
+                user.verified_fields = verified_fields
+                break
+
         user.store()
         return user