From fd74358a9ecbb32681d2227e40390c4896ec36fd Mon Sep 17 00:00:00 2001
From: Valentin Deniaud
Date: Thu, 25 Mar 2021 15:16:24 +0100
Subject: [PATCH] manager: include oidc and saml federation info in user details (#28210)
---
 .../authentic2_auth_fc/manager_user_sidebar.html | 2 +-
 src/authentic2_auth_oidc/apps.py | 7 +++++++
 .../manager_user_sidebar.html | 8 ++++++++
 src/authentic2_auth_saml/apps.py | 13 +++++++++++++
 .../manager_user_sidebar.html | 9 +++++++++
 tests/test_auth_oidc.py | 13 +++++++++++++
 tests/test_auth_saml.py | 15 +++++++++++++++
 7 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
 create mode 100644 src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
diff --git a/src/authentic2_auth_fc/templates/authentic2_auth_fc/manager_user_sidebar.html b/src/authentic2_auth_fc/templates/authentic2_auth_fc/manager_user_sidebar.html
index 98665d367..dcd8f0ff8 100644
--- a/src/authentic2_auth_fc/templates/authentic2_auth_fc/manager_user_sidebar.html
+++ b/src/authentic2_auth_fc/templates/authentic2_auth_fc/manager_user_sidebar.html
@@ -1,6 +1,6 @@
 {% load i18n %}
 {% for account in user.fc_accounts.all %}
-

{% trans "Link with FranceConnect created on" %} {{ account.created }}

+

{% trans "Link with FranceConnect created on" %} {{ account.created }}.

{% endfor %}
diff --git a/src/authentic2_auth_oidc/apps.py b/src/authentic2_auth_oidc/apps.py
index b6792ef41..340531215 100644
--- a/src/authentic2_auth_oidc/apps.py
+++ b/src/authentic2_auth_oidc/apps.py
@@ -15,6 +15,7 @@
 # along with this program. If not, see .
 import django.apps
+from django import template
 class Plugin(object):
@@ -101,3 +102,9 @@ class AppConfig(django.apps.AppConfig):
 'sub': oidc_account.sub,
 }
 )
+
+ def a2_hook_manager_user_data(self, view, user):
+ context = {'user': user}
+ return [
+ template.loader.get_template('authentic2_auth_oidc/manager_user_sidebar.html').render(context)
+ ]
diff --git a/src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html b/src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
new file mode 100644
index 000000000..0a0e0c43a
--- /dev/null
+++ b/src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
@@ -0,0 +1,8 @@
+{% load i18n %}
+{% if user.oidc_account %}
+
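Review bot: `a2_hook_manager_user_data` in src/authentic2_auth_oidc/apps.py loads and renders the sidebar template for every user, so a user without an OIDC account still yields a whitespace-only fragment, whereas the SAML hook added later in this patch returns `['']` before rendering. If `oidc_account` is the reverse side of a one-to-one relation, as `user.oidc_account.sub` in the template suggests, an early `if not hasattr(user, 'oidc_account'): return ['']` would make the two hooks agree. The method also has no docstring; `"""Return rendered HTML fragments describing the user's OIDC link for the manager user page."""` would tell the reader that the list holds already-rendered markup. The enclosing `AppConfig` class starts outside the hunk.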

+{% blocktrans trimmed with created=user.oidc_account.created name=user.oidc_account.provider.name sub=user.oidc_account.sub %}
+Link with OIDC provider {{ name }} created on {{ created }} (sub {{ sub }}).
+{% endblocktrans %}
+

+{% endif %}
diff --git a/src/authentic2_auth_saml/apps.py b/src/authentic2_auth_saml/apps.py
index 941c5be67..b02cc6ae5 100644
--- a/src/authentic2_auth_saml/apps.py
+++ b/src/authentic2_auth_saml/apps.py
@@ -15,6 +15,8 @@
 # along with this program. If not, see .
 import django.apps
+from django import template
+from mellon.utils import get_idp
 class AppConfig(django.apps.AppConfig):
@@ -41,3 +43,14 @@ class AppConfig(django.apps.AppConfig):
 'name_id': saml_account.name_id,
 }
 )
+
+ def a2_hook_manager_user_data(self, view, user):
+ user_saml_identifiers = user.saml_identifiers.all()
+ if not user_saml_identifiers:
+ return ['']
+ for user_saml_identifier in user_saml_identifiers:
+ user_saml_identifier.idp = get_idp(user_saml_identifier.issuer)
+ context = {'user_saml_identifiers': user_saml_identifiers}
+ return [
+ template.loader.get_template('authentic2_auth_saml/manager_user_sidebar.html').render(context)
+ ]
diff --git a/src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html b/src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
new file mode 100644
index 000000000..095ca1ca0
--- /dev/null
+++ b/src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
@@ -0,0 +1,9 @@
+{% load i18n %}
+{% for identifier in user_saml_identifiers %}
+{% firstof identifier.idp.DISPLAY_NAME identifier.issuer as provider %}
+
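Review bot: Nothing in the new OIDC template records that `sub` is supplied by an external identity provider and is safe to print in a manager page only because autoescaping is on; the SAML template added later in the patch prints `name_id` and `issuer` under the same assumption. A template comment next to the `blocktrans`, for example `{# sub comes from the identity provider; rely on autoescaping, never |safe #}`, would make that dependency visible to whoever edits the markup next. How the list returned by the hook is inserted into the manager page is not shown in this patch, so it is worth confirming that the caller does not re-process the fragment.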
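Review bot: In the SAML `a2_hook_manager_user_data`, the `.idp` attributes set in the `for` loop reach the template only through the queryset's cached results, so any later re-query of `user_saml_identifiers` (another `.all()`, a filter, an ordering) would hand the template fresh rows without `.idp` and silently fall back to the issuer. Materialising the rows makes that explicit: `user_saml_identifiers = list(user.saml_identifiers.all())`. `get_idp()` is also called once per identifier on every view of the user page, and its behaviour for an unknown issuer or on failure is not visible here, so it is worth confirming that it cannot raise and take down the whole page. The enclosing `AppConfig` class starts outside the hunk.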

+{% blocktrans trimmed with created=identifier.created name_id=identifier.name_id %}
+Link with SAML provider {{ provider }} created on {{ created }} (NameID {{ name_id }}).
+{% endblocktrans %}
+

+{% endfor %}
diff --git a/tests/test_auth_oidc.py b/tests/test_auth_oidc.py
index 9990671ef..e046a886b 100644
--- a/tests/test_auth_oidc.py
+++ b/tests/test_auth_oidc.py
@@ -899,3 +899,16 @@ def test_multiple_users_with_same_email(app, caplog, code, oidc_provider_jwkset,
 assert '_auth_user_id' not in app.session
 assert OIDCAccount.objects.count() == 0
 assert 'too many users' in caplog.records[-1].message
+
+
+def test_manager_user_sidebar(app, superuser, simple_user, oidc_provider):
+ utils.login(app, superuser, '/manage/')
+ response = app.get('/manage/users/%s/' % simple_user.id)
+ assert 'OIDC' not in response
+
+ OIDCAccount.objects.create(user=simple_user, provider=oidc_provider, sub='1234')
+
+ response = app.get('/manage/users/%s/' % simple_user.id)
+ assert 'OIDC' in response
+ assert 'Server' in response
+ assert '1234' in response
diff --git a/tests/test_auth_saml.py b/tests/test_auth_saml.py
index 5d4bf49d2..abdeee1f2 100644
--- a/tests/test_auth_saml.py
+++ b/tests/test_auth_saml.py
@@ -26,6 +26,8 @@
 from authentic2.custom_user.models import DeletedUser
 from authentic2.models import Attribute
 from authentic2_auth_saml.adapters import AuthenticAdapter, MappingError
+from .utils import login
+
 User = get_user_model()
@@ -273,3 +275,16 @@ def test_save_account_on_delete_user(db):
 'name_id': '4567',
 },
 ]
+
+
+def test_manager_user_sidebar(app, superuser, simple_user):
+ login(app, superuser, '/manage/')
+ response = app.get('/manage/users/%s/' % simple_user.id)
+ assert 'SAML' not in response
+
+ UserSAMLIdentifier.objects.create(user=simple_user, issuer='https://idp1.com/', name_id='1234')
+
+ response = app.get('/manage/users/%s/' % simple_user.id)
+ assert 'SAML' in response
+ assert 'https://idp1.com/' in response
+ assert '1234' in response
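Review bot: The assertions in `test_manager_user_sidebar` in tests/test_auth_oidc.py match short substrings against the whole page (`'OIDC' in response`, `'1234' in response`), so they can pass on unrelated content such as another identifier that happens to contain `1234`; the test of the same name in tests/test_auth_saml.py has the same shape. Asserting on the rendered sentence is tighter, assuming the tests render the untranslated strings: `assert '(sub 1234)' in response` and `assert '(NameID 1234)' in response`. Neither test covers a `sub` or `name_id` that contains markup, which is the case that matters for values supplied by an external provider. Creating the account with `sub='<b>x</b>'` and asserting `'<b>x</b>' not in response` would pin the escaping.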