entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 32 Releases Activity

auth_oidc: improve claims string representation (#66419)

This commit is contained in:
Valentin Deniaud 2022-08-25 15:49:58 +02:00
parent 08324df0f7
commit 99236eafe1
3 changed files with 29 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/authentic2_auth_oidc/forms.py
View File

@ -14,9 +14,8 @@
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from collections import OrderedDict
from django import forms
from django.utils.text import capfirst
from django.utils.translation import ugettext as _
from authentic2.custom_user.models import User
@ -37,6 +36,23 @@ class OIDCProviderEditForm(forms.ModelForm):
self.fields['ou'].empty_label = None
class SelectAttributeWidget(forms.Select):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.choices = [('', '---------')] + list(self.get_options().items())
@staticmethod
def get_options():
choices = {}
for name in ('email', 'username', 'first_name', 'last_name'):
field = User._meta.get_field(name)
choices[name] = '%s (%s)' % (capfirst(field.verbose_name), name)
for attribute in Attribute.objects.exclude(name__in=choices):
choices[attribute.name] = '%s (%s)' % (attribute.label, attribute.name)
choices['ou__slug'] = _('Organizational unit slug (ou__slug)')
return choices
class OIDCClaimMappingForm(forms.ModelForm):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
@ -67,17 +83,7 @@ class OIDCClaimMappingForm(forms.ModelForm):
claim_widget.name = 'list__oidcclaim-mapping-inline'
claim_widget.attrs.update({'list': 'list__oidcclaim-mapping-inline'})
# Setup the attribute field
choices = OrderedDict([('', '---------')])
for name in ('email', 'username', 'first_name', 'last_name'):
field = User._meta.get_field(name)
choices[name] = '%s (%s)' % (field.verbose_name.title(), name)
for attribute in Attribute.objects.all():
if attribute.name in choices:
continue
choices[attribute.name] = '%s (%s)' % (attribute.label, attribute.name)
choices['ou__slug'] = _('Organizational unit slug (ou__slug)')
self.fields['attribute'] = forms.ChoiceField(choices=choices.items())
self.fields['attribute'].widget = SelectAttributeWidget()
class Meta:
model = OIDCClaimMapping

7
src/authentic2_auth_oidc/models.py
View File

@ -243,8 +243,13 @@ class OIDCClaimMapping(models.Model):
def natural_key(self):
return (self.claim, self.attribute, self.verified, self.required)
def get_attribute_display(self):
from .forms import SelectAttributeWidget
return SelectAttributeWidget.get_options().get(self.attribute, self.attribute)
def __str__(self):
s = f'{self.claim} -> {self.attribute}'
s = '%s%s' % (self.claim, self.get_attribute_display())
if self.verified:
s += ', verified'
if self.required:

8
tests/test_manager_authenticators.py
View File

@ -199,7 +199,7 @@ def test_authenticators_oidc_claims(app, superuser):
resp = resp.click('Add')
resp.form['claim'] = 'email'
resp.form['attribute'].select(text='Email Address (email)')
resp.form['attribute'].select(text='Email address (email)')
resp.form['verified'].select(text='verified claim')
resp.form['required'] = True
resp.form['idtoken_claim'] = True
@ -208,12 +208,12 @@ def test_authenticators_oidc_claims(app, superuser):
assert '#open:claims' in resp.location
resp = resp.follow()
assert escape('email -> email, verified, required, idtoken') in resp.text
assert 'email → Email address (email), verified, required, idtoken' in resp.text
resp = resp.click('email')
resp.form['attribute'].select(text='First Name (first_name)')
resp.form['attribute'].select(text='First name (first_name)')
resp = resp.form.submit().follow()
assert escape('email -> first_name, verified, required, idtoken') in resp.text
assert 'email → First name (first_name), verified, required, idtoken' in resp.text
assert_event('authenticator.oidc.claim.edit', user=superuser, session=app.session)
resp = resp.click('Remove')