auth_fc: discard phone- & address-related GLC custom claims (#71900)
Authentic2 mainline, since #71868, does not try to ask for unexistent 'phone' & 'address' FranceConnect scopes. Trying to derive custom claims from these two scopes here is therefore useless.
This commit is contained in:
parent
359ecaacef
commit
267f011af8
|
@ -339,20 +339,6 @@ class AppConfig(django.apps.AppConfig):
|
|||
serializer.fields['creation_partner'].read_only = True
|
||||
serializer.fields['creation_domain'].read_only = True
|
||||
|
||||
def get_address_fc(obj):
|
||||
if obj.fc_accounts.all():
|
||||
return obj.fc_accounts.all()[0].get_user_info().get('address')
|
||||
|
||||
serializer.get_address_fc = get_address_fc
|
||||
serializer.fields['address_fc'] = serializers.SerializerMethodField()
|
||||
|
||||
def get_phone_number_fc(obj):
|
||||
if obj.fc_accounts.all():
|
||||
return obj.fc_accounts.all()[0].get_user_info().get('phone_number')
|
||||
|
||||
serializer.get_phone_number_fc = get_phone_number_fc
|
||||
serializer.fields['phone_number_fc'] = serializers.SerializerMethodField()
|
||||
|
||||
# override serializer.create to set the creation mode
|
||||
old_create = serializer.create
|
||||
|
||||
|
@ -579,13 +565,6 @@ class AppConfig(django.apps.AppConfig):
|
|||
fc_user_info = json.loads(user.fc_accounts.all()[0].user_info)
|
||||
except ValueError:
|
||||
fc_user_info = {}
|
||||
address = fc_user_info.get('address')
|
||||
if isinstance(address, dict):
|
||||
for key, value in address.items():
|
||||
user_info['address_fc_%s' % key] = value
|
||||
else:
|
||||
user_info['address_fc_formatted'] = address
|
||||
user_info['phone_number_fc'] = fc_user_info.get('phone_number')
|
||||
|
||||
def a2_hook_event(self, name, **kwargs):
|
||||
method_name = 'cut_event_' + name.replace('-', '_')
|
||||
|
|
|
@ -80,8 +80,6 @@ A2_FC_USER_INFO_MAPPINGS = {
|
|||
'ref': 'preferred_username',
|
||||
'if-empty': True,
|
||||
},
|
||||
'address': 'address.formatted',
|
||||
'phone': 'phone',
|
||||
'email': {
|
||||
'ref': 'email',
|
||||
'if-empty': True,
|
||||
|
@ -94,7 +92,7 @@ A2_FC_USER_INFO_MAPPINGS = {
|
|||
},
|
||||
}
|
||||
|
||||
A2_FC_SCOPES = ['openid', 'identite_pivot', 'email', 'address', 'phone']
|
||||
A2_FC_SCOPES = ['openid', 'identite_pivot', 'email']
|
||||
|
||||
TEMPLATE_VARS = {
|
||||
"help_url": 'https://support.grandlyon.com/glc/',
|
||||
|
|
|
@ -503,42 +503,6 @@
|
|||
},
|
||||
"pk" : 31
|
||||
},
|
||||
{
|
||||
"model" : "authentic2.attribute",
|
||||
"fields" : {
|
||||
"asked_on_registration" : false,
|
||||
"label" : "Adresse FranceConnect",
|
||||
"required" : false,
|
||||
"name" : "address",
|
||||
"user_editable" : false,
|
||||
"description" : "",
|
||||
"disabled" : false,
|
||||
"searchable" : false,
|
||||
"order" : 26,
|
||||
"user_visible" : false,
|
||||
"multiple" : false,
|
||||
"kind" : "string"
|
||||
},
|
||||
"pk" : 32
|
||||
},
|
||||
{
|
||||
"model" : "authentic2.attribute",
|
||||
"fields" : {
|
||||
"asked_on_registration" : false,
|
||||
"label" : "Téléphone FranceConnect",
|
||||
"required" : false,
|
||||
"name" : "phone",
|
||||
"user_editable" : false,
|
||||
"description" : "",
|
||||
"disabled" : false,
|
||||
"searchable" : false,
|
||||
"order" : 26,
|
||||
"user_visible" : false,
|
||||
"multiple" : false,
|
||||
"kind" : "string"
|
||||
},
|
||||
"pk" : 33
|
||||
},
|
||||
{
|
||||
"pk" : 34,
|
||||
"model" : "authentic2.attribute",
|
||||
|
|
|
@ -62,6 +62,13 @@ def test_a2_hook_idp_oidc_modify_user_info(db, rf, app):
|
|||
assert user_info['last_name'] == 'Doe'
|
||||
assert user_info['family_name'] == 'Doe'
|
||||
|
||||
# phone- & address-related user information is not provided by FC by any means
|
||||
assert 'phone' not in user_info
|
||||
assert 'address' not in user_info
|
||||
for claim, value in user_info.items():
|
||||
if claim.endswith('_phone') or claim.startswith('address_'):
|
||||
assert value is None
|
||||
|
||||
profile_type = ProfileType.objects.create(
|
||||
name="Mandataire",
|
||||
slug="mandataire",
|
||||
|
@ -84,3 +91,9 @@ def test_a2_hook_idp_oidc_modify_user_info(db, rf, app):
|
|||
assert user_info['email'] == 'abc@ad.dre.ss'
|
||||
assert user_info['first_name'] == 'Original first name'
|
||||
assert user_info['last_name'] == 'Original last name'
|
||||
|
||||
assert 'phone' not in user_info
|
||||
assert 'address' not in user_info
|
||||
for claim, value in user_info.items():
|
||||
if claim.endswith('_phone') or claim.startswith('address_'):
|
||||
assert value is None
|
||||
|
|
Loading…
Reference in New Issue