auth_fc: discard phone- & address-related GLC custom claims (#71900)

Authentic2 mainline, since #71868, does not try to ask for unexistent 'phone' & 'address' FranceConnect scopes. Trying to derive custom claims from these two scopes here is therefore useless.
2022-12-01 09:12:37 +01:00 · 2022-12-01 09:12:37 +01:00 · 267f011af8
parent 359ecaacef
commit 267f011af8
4 changed files with 14 additions and 60 deletions
--- a/src/authentic2_cut/apps.py
+++ b/src/authentic2_cut/apps.py
@ -339,20 +339,6 @@ class AppConfig(django.apps.AppConfig):
            serializer.fields['creation_partner'].read_only = True
            serializer.fields['creation_domain'].read_only = True

-            def get_address_fc(obj):
-                if obj.fc_accounts.all():
-                    return obj.fc_accounts.all()[0].get_user_info().get('address')
-
-            serializer.get_address_fc = get_address_fc
-            serializer.fields['address_fc'] = serializers.SerializerMethodField()
-
-            def get_phone_number_fc(obj):
-                if obj.fc_accounts.all():
-                    return obj.fc_accounts.all()[0].get_user_info().get('phone_number')
-
-            serializer.get_phone_number_fc = get_phone_number_fc
-            serializer.fields['phone_number_fc'] = serializers.SerializerMethodField()
-
            # override serializer.create to set the creation mode
            old_create = serializer.create

@ -579,13 +565,6 @@ class AppConfig(django.apps.AppConfig):
                    fc_user_info = json.loads(user.fc_accounts.all()[0].user_info)
                except ValueError:
                    fc_user_info = {}
-                address = fc_user_info.get('address')
-                if isinstance(address, dict):
-                    for key, value in address.items():
-                        user_info['address_fc_%s' % key] = value
-                else:
-                    user_info['address_fc_formatted'] = address
-                user_info['phone_number_fc'] = fc_user_info.get('phone_number')

    def a2_hook_event(self, name, **kwargs):
        method_name = 'cut_event_' + name.replace('-', '_')
--- a/src/authentic2_cut/custom_settings.py
+++ b/src/authentic2_cut/custom_settings.py
@ -80,8 +80,6 @@ A2_FC_USER_INFO_MAPPINGS = {
        'ref': 'preferred_username',
        'if-empty': True,
    },
-    'address': 'address.formatted',
-    'phone': 'phone',
    'email': {
        'ref': 'email',
        'if-empty': True,
@ -94,7 +92,7 @@ A2_FC_USER_INFO_MAPPINGS = {
    },
 }

-A2_FC_SCOPES = ['openid', 'identite_pivot', 'email', 'address', 'phone']
+A2_FC_SCOPES = ['openid', 'identite_pivot', 'email']

 TEMPLATE_VARS = {
    "help_url": 'https://support.grandlyon.com/glc/',
--- a/src/authentic2_cut/fixtures/cut_attributes.json
+++ b/src/authentic2_cut/fixtures/cut_attributes.json
@ -503,42 +503,6 @@
      },
      "pk" : 31
   },
-   {
-      "model" : "authentic2.attribute",
-      "fields" : {
-         "asked_on_registration" : false,
-         "label" : "Adresse FranceConnect",
-         "required" : false,
-         "name" : "address",
-         "user_editable" : false,
-         "description" : "",
-         "disabled" : false,
-         "searchable" : false,
-         "order" : 26,
-         "user_visible" : false,
-         "multiple" : false,
-         "kind" : "string"
-      },
-      "pk" : 32
-   },
-   {
-      "model" : "authentic2.attribute",
-      "fields" : {
-         "asked_on_registration" : false,
-         "label" : "Téléphone FranceConnect",
-         "required" : false,
-         "name" : "phone",
-         "user_editable" : false,
-         "description" : "",
-         "disabled" : false,
-         "searchable" : false,
-         "order" : 26,
-         "user_visible" : false,
-         "multiple" : false,
-         "kind" : "string"
-      },
-      "pk" : 33
-   },
   {
      "pk" : 34,
      "model" : "authentic2.attribute",
--- a/tests/test_hooks.py
+++ b/tests/test_hooks.py
@ -62,6 +62,13 @@ def test_a2_hook_idp_oidc_modify_user_info(db, rf, app):
    assert user_info['last_name'] == 'Doe'
    assert user_info['family_name'] == 'Doe'

+    # phone- & address-related user information is not provided by FC by any means
+    assert 'phone' not in user_info
+    assert 'address' not in user_info
+    for claim, value in user_info.items():
+        if claim.endswith('_phone') or claim.startswith('address_'):
+            assert value is None
+
    profile_type = ProfileType.objects.create(
        name="Mandataire",
        slug="mandataire",
@ -84,3 +91,9 @@ def test_a2_hook_idp_oidc_modify_user_info(db, rf, app):
    assert user_info['email'] == 'abc@ad.dre.ss'
    assert user_info['first_name'] == 'Original first name'
    assert user_info['last_name'] == 'Original last name'
+
+    assert 'phone' not in user_info
+    assert 'address' not in user_info
+    for claim, value in user_info.items():
+        if claim.endswith('_phone') or claim.startswith('address_'):
+            assert value is None