51 lines
1.8 KiB
Python
51 lines
1.8 KiB
Python
import json
|
|
import logging
|
|
|
|
from django.contrib.auth import get_user_model
|
|
from django.contrib.auth.backends import ModelBackend
|
|
|
|
from . import models, app_settings, utils
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
class FcBackend(ModelBackend):
|
|
def authenticate(self, sub=None, **kwargs):
|
|
user_info = kwargs.get('user_info')
|
|
user = None
|
|
try:
|
|
fc_account = models.FcAccount.objects.get(sub=sub, user__is_active=True)
|
|
msg = 'existing user {} using sub {}'.format(fc_account.user, sub)
|
|
logger.debug(msg)
|
|
user = fc_account.user
|
|
except models.FcAccount.DoesNotExist:
|
|
logger.debug('user with the sub {} not existing.'.format(sub))
|
|
if user_info:
|
|
if not user and app_settings.create:
|
|
User = get_user_model()
|
|
user = User.objects.create()
|
|
fc_account = models.FcAccount.objects.create(
|
|
user=user,
|
|
sub=sub,
|
|
token=json.dumps(kwargs['token']))
|
|
msg = 'user creation enabled with fc_account (sub : {} - token : {})'.format(
|
|
sub,
|
|
json.dumps(kwargs['token'])
|
|
)
|
|
logger.debug(msg)
|
|
if not user:
|
|
return None
|
|
msg = 'updated (given_name : {} - family_name : {}) '.format(
|
|
user_info['given_name'],
|
|
user_info['family_name'],
|
|
)
|
|
user.first_name = user_info['given_name']
|
|
user.last_name = user_info['family_name']
|
|
logger.debug(msg)
|
|
utils.apply_user_info_mappings(user, user_info)
|
|
return user
|
|
|
|
def get_saml2_authn_context(self):
|
|
import lasso
|
|
return lasso.SAML2_AUTHN_CONTEXT_PASSWORD_PROTECTED_TRANSPORT
|