From 330e8fdad0ba52f0af40477d3192988bcd1d8074 Mon Sep 17 00:00:00 2001
From: Serghei Mihai <smihai@entrouvert.com>
Date: Wed, 27 May 2015 16:45:03 +0200
Subject: [PATCH] store card serial number in 'rrn' user attribute if defined
 (#7375)

---
 src/authentic2_beid/util.py  | 22 +++++++++++++++++++---
 src/authentic2_beid/views.py |  4 +++-
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/src/authentic2_beid/util.py b/src/authentic2_beid/util.py
index bfe814b..1a0be9a 100644
--- a/src/authentic2_beid/util.py
+++ b/src/authentic2_beid/util.py
@@ -1,3 +1,5 @@
+from authentic2.models import Attribute
+
 from authentic2.auth2_auth.auth2_ssl.util import SSLInfo as BaseSSLInfo
 from authentic2.auth2_auth.auth2_ssl.util import explode_dn
 
@@ -14,7 +16,21 @@ def get_x509_url(request):
     return 'https://%s:%s' % (request.get_host().split(':')[0],
                     app_settings.AUTH_PORT)
 
-def get_user_names(ssl_info):
+def get_dn(ssl_info):
     dn = ssl_info.get('subject_dn')
-    data = dict(explode_dn(dn))
-    return data['GN'].split(' ', 1)
+    return dict(explode_dn(dn))
+
+def get_user_names(ssl_info):
+    dn = get_dn(ssl_info)
+    return dn['GN'].split(' ', 1)
+
+def get_rrn(ssl_info):
+    dn = get_dn(ssl_info)
+    return dn['serialNumber']
+
+def set_rrn(user, ssl_info):
+    try:
+        rrn = Attribute.objects.get(name='rrn')
+        rrn.set_value(user, get_rrn(ssl_info))
+    except Attribute.DoesNotExist:
+        pass
diff --git a/src/authentic2_beid/views.py b/src/authentic2_beid/views.py
index 1d270ce..5b16235 100644
--- a/src/authentic2_beid/views.py
+++ b/src/authentic2_beid/views.py
@@ -14,7 +14,7 @@ from authentic2.utils import continue_to_next_url, redirect, redirect_to_login
 from authentic2.registration_backend.views import valid_token, RegistrationCompletionView
 
 from .backends import BeIDBackend
-from .util import SSLInfo, get_x509_url, get_user_names
+from .util import SSLInfo, get_x509_url, get_user_names, set_rrn
 
 logger = logging.getLogger(__name__)
 
@@ -40,6 +40,7 @@ def add_beid(request):
     if request.user.is_authenticated:
         ssl_info  = SSLInfo(request)
         if BeIDBackend().link_user(ssl_info, request.user):
+            set_rrn(request.user, ssl_info)
             logger.info('Successful linking of the SSL '
                'certificate to an account')
             messages.info(request, _('BeID card successfully linked to your account'))
@@ -97,6 +98,7 @@ class BeIDRegistrationCompletionView(RegistrationCompletionView):
     def form_valid(self, form):
         ret = super(BeIDRegistrationCompletionView, self).form_valid(form)
         if self.request.session.get('ssl_info'):
+            set_rrn(user, self.request.session['ssl_info'])
             cert = models.ClientCertificate(user=self.object)
             cert.__dict__.update(self.request.session['ssl_info'])
             cert.save()