auth_saml: adapt to schema change in django-mellon (#57101)

src/authentic2_auth_saml/apps.py

@@ -39,7 +39,7 @@ class AppConfig(django.apps.AppConfig):
             instance.old_data = instance.old_data or {}
             instance.old_data.setdefault('saml_accounts', []).append(
                 {
-                    'issuer': saml_account.issuer,
+                    'issuer': saml_account.issuer.entity_id,
                     'name_id': saml_account.name_id,
                 }
             )
@@ -49,7 +49,7 @@ class AppConfig(django.apps.AppConfig):
         if not user_saml_identifiers:
             return ['']
         for user_saml_identifier in user_saml_identifiers:
-            user_saml_identifier.idp = get_idp(user_saml_identifier.issuer)
+            user_saml_identifier.idp = get_idp(user_saml_identifier.issuer.entity_id)
         context = {'user_saml_identifiers': user_saml_identifiers}
         return [
             template.loader.get_template('authentic2_auth_saml/manager_user_sidebar.html').render(context)

src/authentic2_auth_saml/authenticators.py

@@ -72,6 +72,6 @@ class SAMLAuthenticator(BaseAuthenticator):
         if not user_saml_identifiers:
             return ''
         for user_saml_identifier in user_saml_identifiers:
-            user_saml_identifier.idp = get_idp(user_saml_identifier.issuer)
+            user_saml_identifier.idp = get_idp(user_saml_identifier.issuer.entity_id)
         context['user_saml_identifiers'] = user_saml_identifiers
         return render_to_string('authentic2_auth_saml/profile.html', context, request=request)

src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html

@@ -1,6 +1,6 @@
 {% load i18n %}
 {% for identifier in user_saml_identifiers %}
-{% firstof identifier.idp.DISPLAY_NAME identifier.issuer as provider %}
+{% firstof identifier.idp.DISPLAY_NAME identifier.issuer.entity_id as provider %}
 <p>
 {% blocktrans trimmed with created=identifier.created name_id=identifier.name_id %}
 Link with SAML provider {{ provider }} created on {{ created }} (NameID {{ name_id }}).

src/authentic2_auth_saml/templates/authentic2_auth_saml/profile.html

@@ -2,7 +2,7 @@
 
 <ul>
 {% for user_saml_identifier in user_saml_identifiers %}
-    <li>{% firstof user_saml_identifier.idp.DISPLAY_NAME user_saml_identifier.issuer %}&nbsp;:
+    <li>{% firstof user_saml_identifier.idp.DISPLAY_NAME user_saml_identifier.issuer.entity_id %}&nbsp;:
         {{ user_saml_identifier.name_id }}
     </li>
 {% endfor %}

tests/test_auth_saml.py

@@ -20,7 +20,7 @@ import re
 import lasso
 import pytest
 from django.contrib.auth import get_user_model
-from mellon.models import UserSAMLIdentifier
+from mellon.models import Issuer, UserSAMLIdentifier
 
 from authentic2.custom_user.models import DeletedUser
 from authentic2.models import Attribute
@@ -258,8 +258,10 @@ def test_login_autorun(db, app, settings):
 
 def test_save_account_on_delete_user(db):
     user = User.objects.create()
-    UserSAMLIdentifier.objects.create(user=user, issuer='https://idp1.com/', name_id='1234')
-    UserSAMLIdentifier.objects.create(user=user, issuer='https://idp2.com/', name_id='4567')
+    issuer1, created = Issuer.objects.get_or_create(entity_id='https://idp1.com/')
+    UserSAMLIdentifier.objects.create(user=user, issuer=issuer1, name_id='1234')
+    issuer2, created = Issuer.objects.get_or_create(entity_id='https://idp2.com/')
+    UserSAMLIdentifier.objects.create(user=user, issuer=issuer2, name_id='4567')
 
     user.delete()
     assert UserSAMLIdentifier.objects.count() == 0
@@ -282,7 +284,8 @@ def test_manager_user_sidebar(app, superuser, simple_user):
     response = app.get('/manage/users/%s/' % simple_user.id)
     assert 'SAML' not in response
 
-    UserSAMLIdentifier.objects.create(user=simple_user, issuer='https://idp1.com/', name_id='1234')
+    issuer1, created = Issuer.objects.get_or_create(entity_id='https://idp1.com/')
+    UserSAMLIdentifier.objects.create(user=simple_user, issuer=issuer1, name_id='1234')
 
     response = app.get('/manage/users/%s/' % simple_user.id)
     assert 'SAML' in response