From 972023c263eac000d284adbeb61b460e6323bf60 Mon Sep 17 00:00:00 2001 From: Paul Marillonnet Date: Fri, 13 Oct 2017 19:42:49 +0200 Subject: [PATCH] POC Campus Condorcet : genericisation IdP lambda de la federation RENATER --- django/sp_sso/invite/views.py | 5 ++--- django/sp_sso/saml/models.py | 2 ++ django/sp_sso/saml/utils.py | 14 +++----------- django/sp_sso/saml/views.py | 17 ++++++++--------- django/sp_sso/sp_sso/settings.py | 24 ++++++++++++------------ django/sp_sso/sp_sso/views.py | 12 ++++++------ 6 files changed, 33 insertions(+), 41 deletions(-) diff --git a/django/sp_sso/invite/views.py b/django/sp_sso/invite/views.py index e446522..0098b86 100644 --- a/django/sp_sso/invite/views.py +++ b/django/sp_sso/invite/views.py @@ -39,12 +39,11 @@ class InvitationFormView(FormView): # User is logged in the identity provider if 'mellon_session' in self.request.session: - data = self.request.session['mellon_session'] # Fetch SSO attributes for attribute_key, attribute_value in \ get_invitaton_attributes_mapping().items(): - if data.get(attribute_key): - attribute_element = data.get(attribute_key)[0] + if hasattr(self.request.user, attribute_key): + attribute_element = getattr(self.request.user, attribute_key, '') initial[attribute_value] = attribute_element initial['hote_commentaire'] = '''EduPersonPrincipalName de diff --git a/django/sp_sso/saml/models.py b/django/sp_sso/saml/models.py index dcbab3c..f5f30fb 100644 --- a/django/sp_sso/saml/models.py +++ b/django/sp_sso/saml/models.py @@ -11,6 +11,8 @@ class SupAnnUser(AbstractUser): XXX mellon attributes are also stored in the session. (see the request.session['mellon_session'] dict) """ + prenom = models.CharField(max_length=100,default='user_eppn') + nom = models.CharField(max_length=100,default='user_eppn') # eduPerson attributes: ep_principal_name = models.CharField(max_length=100,default='user_eppn') ep_primary_affiliation = models.CharField(max_length=100, default="") 
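Review bot: `hasattr(self.request.user, attribute_key)` is true for every field declared on the user model, so the old `if data.get(attribute_key)` filter on empty values is lost and unset attributes now prefill the form with field defaults (this commit gives `prenom` and `nom` the default `'user_eppn'`). The same pattern is repeated in `saml_collect_data` (saml/utils.py), `RegistrationFormView` (saml/views.py) and `Declare.get_initial` (sp_sso/views.py). Because any mapped name that exists on the model is copied into the form, confirm that the attribute lists, which are not visible here, cannot contain `password` or other non-profile fields. I would read the value once and keep the emptiness test: `attribute_element = getattr(self.request.user, attribute_key, None)` followed by `if attribute_element:`. The enclosing method starts and ends outside the hunk.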
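Review bot: The new `prenom` and `nom` fields in saml/models.py use `default='user_eppn'`, a placeholder that looks copied from `ep_principal_name`; a user whose IdP does not release givenName/sn would be stored and shown as "user_eppn user_eppn". An empty default would match `ep_primary_affiliation` just below: `prenom = models.CharField(max_length=100, blank=True, default='')`. The diffstat lists no migration file for these two columns, so a schema migration appears to be missing from the commit. `AbstractUser` already provides `first_name` and `last_name`, which the settings hunk stops populating, so a short comment on why separate fields are needed would help the next reader.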
diff --git a/django/sp_sso/saml/utils.py b/django/sp_sso/saml/utils.py index c84271e..7c9a372 100644 --- a/django/sp_sso/saml/utils.py +++ b/django/sp_sso/saml/utils.py @@ -58,13 +58,6 @@ def generate_eppn(lastname): """ return "%s-%06d@campus-condorcet.fr"%(lastname, randint(0,pow(10,6))) - -def craft_user_nickname(mellon_dict): - prenom = mellon_dict.get('prenom')[0] - nom = mellon_dict.get('nom')[0] - return " "+prenom+" "+nom - - def ldap_init(): # The server's hostname: server = "condorcet.dev.entrouvert.org" @@ -176,11 +169,10 @@ def saml_collect_data(request): form = {} # Build the SSO operation summary: - if 'mellon_session' in request.session: - data = request.session['mellon_session'] + if 'mellon_session' in request.session: for attribute in sso_attributes: - if data.get(attribute): - attribute_element = data.get(attribute)[0] + if hasattr(request.user, attribute): + attribute_element = getattr(request.user, attribute) form[attribute] = attribute_element return form diff --git a/django/sp_sso/saml/views.py b/django/sp_sso/saml/views.py index e863de6..ff56199 100644 --- a/django/sp_sso/saml/views.py +++ b/django/sp_sso/saml/views.py @@ -4,8 +4,7 @@ from django.utils.translation import ugettext_lazy as _, ugettext as ugt from .forms import RegistrationForm from .utils import ldap_contains_user, wcs_submit, sso_attributes, \ - craft_user_nickname, generate_eppn, \ - initial_from_tracking_code, render_message, \ + generate_eppn, initial_from_tracking_code, render_message, \ ldap_get_description_etablissements 
@@ -60,16 +59,16 @@ class RegistrationFormView(FormView): "submit your account request") if 'mellon_session' in self.request.session: - data = self.request.session['mellon_session'] for attribute in sso_attributes: - if data.get(attribute): - attribute_element = data.get(attribute)[0] + if hasattr(self.request.user, attribute): + attribute_element = getattr(self.request.user, attribute) initial[attribute] = attribute_element - initial['user_nickname'] = craft_user_nickname(data) - if data.get('s_etablissement', [None])[0]: - self.request.session['code_etablissement'] = data.get('s_etablissement')[0] + initial['user_nickname'] = ' %s %s' % (getattr(self.request.user, 'prenom', ''), + getattr(self.request.user, 'nom', '')) + if getattr(self.request.user, 's_etablissement', [None])[0]: + self.request.session['code_etablissement'] = getattr(self.request.user, 's_etablissement') initial['s_etablissement'] = ldap_get_description_etablissements( - data.get('s_etablissement')[0]) or data.get('s_etablissement')[0] + getattr(self.request.user, 's_etablissement')) or getattr(self.request.user,'s_etablissement') initial['yet_member'] = False return initial diff --git a/django/sp_sso/sp_sso/settings.py b/django/sp_sso/sp_sso/settings.py index acd3dfb..0e05966 100644 --- a/django/sp_sso/sp_sso/settings.py +++ b/django/sp_sso/sp_sso/settings.py 
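Review bot: `getattr(self.request.user, 's_etablissement', [None])[0]` still indexes the value as if it were the list taken from the mellon session, while the next lines use the same attribute as a plain string. If the model field is a CharField like its neighbours, the test only looks at the first character and raises IndexError when the field is empty. Dropping the index and the list default fixes both: `if getattr(self.request.user, 's_etablissement', None):`. The value originates from the IdP and is passed to `ldap_get_description_etablissements`, whose body is not visible here; if that function builds an LDAP filter from its argument, the value needs escaping there.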
@@ -74,18 +74,18 @@ LOGIN_URL = '/login/' LOGOUT_URL = '/logout/' MELLON_ATTRIBUTE_MAPPING = { - 'first_name': '{attributes[fname_test][0]}', - 'last_name': '{attributes[lname_test][0]}', - 'email' : '{attributes[email_test][0]}', - 'password' : '{attributes[password_test][0]}', - 'ep_principal_name' : '{attributes[ep_principal_name][0]}', - 's_etablissement' : '{attributes[s_etablissement][0]}', - 'ep_primary_affiliation' : '{attributes[ep_primary_affiliation][0]}', - 'ep_affiliation' : '{attributes[ep_affiliation][0]}', - 's_entite_affectation_principale' : '{attributes[s_entite_affectation_principale][0]}', - 's_entite_affectation' : '{attributes[s_entite_affectation][0]}', - 's_emp_corps' : '{attributes[s_emp_corps][0]}', - 's_liste_rouge' : '{attributes[s_liste_rouge][0]}', + 'prenom': 'urn:oid:2.5.4.42', # givenName + 'nom': 'urn:oid:2.5.4.4', # sn + 'email' : 'urn:oid:0.9.2342.19200300.100.1.3', # mail + 'password' : 'password', + 'ep_principal_name' : 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6', # eduPersonPrincipalName + 's_etablissement' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.14', # supannEtablissement + 'ep_primary_affiliation' : 'urn:oid:1.3.6.1.4.1.5923.1.1.1.5', # eduPersonPrimaryAffiliation + 'ep_affiliation' : 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1', # eduPersonPrimaryAffiliation + 's_entite_affectation_principale' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.13', # supannEntiteAffectationPrincipale + 's_entite_affectation' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.8', # supannEntiteAffectation + 's_emp_corps' : 'supannEmpCorps', # supannEmpCorps + 's_liste_rouge' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.1', # supannListeRouge } MELLON_SUPERUSER_MAPPING = { diff --git a/django/sp_sso/sp_sso/views.py b/django/sp_sso/sp_sso/views.py index 08b5161..acdfd93 100644 --- a/django/sp_sso/sp_sso/views.py +++ b/django/sp_sso/sp_sso/views.py 
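Review bot: `'password' : 'password'` lets an attribute from the SAML assertion populate the local `password` field, and this commit opens the service to any IdP of the federation; unless something depends on it, remove the entry so SSO-provisioned accounts keep an unusable password. The old values were `str.format` templates (`'{attributes[...][0]}'`), which is what stock django-mellon expects in MELLON_ATTRIBUTE_MAPPING; bare OIDs would be stored literally unless a custom adapter resolves them, which is not visible here. The comment on `ep_affiliation` should read `# eduPersonAffiliation`. `s_emp_corps` is the only entry mapped by friendly name rather than by OID, which deserves either the OID or a comment explaining the exception.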
@@ -8,8 +8,8 @@ from django.views.generic import FormView from mellon.utils import get_idps from saml.forms import RegistrationForm -from saml.utils import sso_attributes, craft_user_nickname, render_message, \ - ldap_contains_user, generate_eppn, wcs_submit +from saml.utils import sso_attributes, render_message, ldap_contains_user, \ + generate_eppn, wcs_submit from saml.views import MSG_USERNONE, wcs_fields, wcs_multiple_fields @@ -76,12 +76,12 @@ class Declare(FormView): initial = super(Declare, self).get_initial() if 'mellon_session' in self.request.session: - data = self.request.session['mellon_session'] for attribute in sso_attributes: - if data.get(attribute): - attribute_element = data.get(attribute)[0] + if hasattr(self.request.user, attribute): + attribute_element = getattr(self.request.user, attribute) initial[attribute] = attribute_element - initial['user_nickname'] = craft_user_nickname(data) + initial['user_nickname'] = u' %s %s' % (getattr(self.request.user, 'prenom', ''), + getattr(self.request.user, 'nom', '')) return initial def form_valid(self, form):
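Review bot: The nickname is now formatted inline in `Declare.get_initial` with `u' %s %s'` and in `RegistrationFormView` (saml/views.py) with a plain `' %s %s'`, so the two copies already differ. Keeping the helper and changing its argument would avoid the drift: `def craft_user_nickname(user): return u' %s %s' % (getattr(user, 'prenom', ''), getattr(user, 'nom', ''))`. The block is still guarded by `'mellon_session' in self.request.session` although nothing is read from the session any more; a comment saying the key serves only as a marker of a completed SSO login, or a check on the authenticated user instead, would make the intent clear. `get_initial` begins outside the hunk.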