auth_oidc: move claims form code (#66419)
This commit is contained in:
parent
451b195ac8
commit
519dbc5463
|
@ -14,74 +14,11 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from collections import OrderedDict
|
||||
|
||||
from django import forms
|
||||
from django.contrib import admin
|
||||
from django.utils.translation import ugettext as _
|
||||
|
||||
from authentic2.custom_user.models import User
|
||||
from authentic2.forms.widgets import DatalistTextInput
|
||||
from authentic2.models import Attribute
|
||||
|
||||
from . import models
|
||||
|
||||
|
||||
class OIDCClaimMappingForm(forms.ModelForm):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
claim_widget = self.fields['claim'].widget
|
||||
# fill datalist with standard claims from
|
||||
# https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
|
||||
claim_widget.data = (
|
||||
'sub',
|
||||
'name',
|
||||
'given_name',
|
||||
'family_name',
|
||||
'nickname',
|
||||
'preferred_username',
|
||||
'profile',
|
||||
'picture',
|
||||
'website',
|
||||
'email',
|
||||
'email_verified',
|
||||
'gender',
|
||||
'birthdate',
|
||||
'zoneinfo',
|
||||
'locale',
|
||||
'phone_number',
|
||||
'phone_number_verified',
|
||||
'address',
|
||||
'updated_at',
|
||||
)
|
||||
claim_widget.name = 'list__oidcclaim-mapping-inline'
|
||||
claim_widget.attrs.update({'list': 'list__oidcclaim-mapping-inline'})
|
||||
|
||||
# Setup the attribute field
|
||||
choices = OrderedDict([('', '---------')])
|
||||
for name in ('email', 'username', 'first_name', 'last_name'):
|
||||
field = User._meta.get_field(name)
|
||||
choices[name] = '%s (%s)' % (field.verbose_name.title(), name)
|
||||
for attribute in Attribute.objects.all():
|
||||
if attribute.name in choices:
|
||||
continue
|
||||
choices[attribute.name] = '%s (%s)' % (attribute.label, attribute.name)
|
||||
choices['ou__slug'] = _('Organizational unit slug (ou__slug)')
|
||||
self.fields['attribute'] = forms.ChoiceField(choices=choices.items())
|
||||
|
||||
class Meta:
|
||||
model = models.OIDCClaimMapping
|
||||
fields = [
|
||||
'claim',
|
||||
'attribute',
|
||||
'verified',
|
||||
'required',
|
||||
'idtoken_claim',
|
||||
]
|
||||
readonly_fields = ['created', 'modified']
|
||||
widgets = {
|
||||
'claim': DatalistTextInput,
|
||||
}
|
||||
from .forms import OIDCClaimMappingForm
|
||||
|
||||
|
||||
class OIDCClaimMappingInline(admin.TabularInline):
|
||||
|
|
|
@ -14,9 +14,16 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from django import forms
|
||||
from collections import OrderedDict
|
||||
|
||||
from .models import OIDCProvider
|
||||
from django import forms
|
||||
from django.utils.translation import ugettext as _
|
||||
|
||||
from authentic2.custom_user.models import User
|
||||
from authentic2.forms.widgets import DatalistTextInput
|
||||
from authentic2.models import Attribute
|
||||
|
||||
from .models import OIDCClaimMapping, OIDCProvider
|
||||
|
||||
|
||||
class OIDCProviderEditForm(forms.ModelForm):
|
||||
|
@ -28,3 +35,60 @@ class OIDCProviderEditForm(forms.ModelForm):
|
|||
super().__init__(*args, **kwargs)
|
||||
self.fields['ou'].required = True
|
||||
self.fields['ou'].empty_label = None
|
||||
|
||||
|
||||
class OIDCClaimMappingForm(forms.ModelForm):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
claim_widget = self.fields['claim'].widget
|
||||
# fill datalist with standard claims from
|
||||
# https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
|
||||
claim_widget.data = (
|
||||
'sub',
|
||||
'name',
|
||||
'given_name',
|
||||
'family_name',
|
||||
'nickname',
|
||||
'preferred_username',
|
||||
'profile',
|
||||
'picture',
|
||||
'website',
|
||||
'email',
|
||||
'email_verified',
|
||||
'gender',
|
||||
'birthdate',
|
||||
'zoneinfo',
|
||||
'locale',
|
||||
'phone_number',
|
||||
'phone_number_verified',
|
||||
'address',
|
||||
'updated_at',
|
||||
)
|
||||
claim_widget.name = 'list__oidcclaim-mapping-inline'
|
||||
claim_widget.attrs.update({'list': 'list__oidcclaim-mapping-inline'})
|
||||
|
||||
# Setup the attribute field
|
||||
choices = OrderedDict([('', '---------')])
|
||||
for name in ('email', 'username', 'first_name', 'last_name'):
|
||||
field = User._meta.get_field(name)
|
||||
choices[name] = '%s (%s)' % (field.verbose_name.title(), name)
|
||||
for attribute in Attribute.objects.all():
|
||||
if attribute.name in choices:
|
||||
continue
|
||||
choices[attribute.name] = '%s (%s)' % (attribute.label, attribute.name)
|
||||
choices['ou__slug'] = _('Organizational unit slug (ou__slug)')
|
||||
self.fields['attribute'] = forms.ChoiceField(choices=choices.items())
|
||||
|
||||
class Meta:
|
||||
model = OIDCClaimMapping
|
||||
fields = [
|
||||
'claim',
|
||||
'attribute',
|
||||
'verified',
|
||||
'required',
|
||||
'idtoken_claim',
|
||||
]
|
||||
readonly_fields = ['created', 'modified']
|
||||
widgets = {
|
||||
'claim': DatalistTextInput,
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue