From dbfd4179f428a1f71f8a8f8ebed44ea668cc5bd8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?=
Date: Sun, 11 Mar 2018 10:45:09 +0100
Subject: [PATCH] saml: add support for provisionning date fields (#22445)
---
 tests/test_saml_auth.py | 4 ++++
 wcs/qommon/saml2.py | 20 +++++++++++++++++---
 2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/tests/test_saml_auth.py b/tests/test_saml_auth.py
index c391bca7b..4a81ce60d 100644
--- a/tests/test_saml_auth.py
+++ b/tests/test_saml_auth.py
@@ -139,6 +139,9 @@ def get_authn_response_msg(pub, ni_format=lasso.SAML2_NAME_IDENTIFIER_FORMAT_PER
 value = lasso.MiscTextNode.newWithString('john.doe@example.com')
 value.textChild = True
 login.assertion.addAttributeWithNode('email', lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC, value)
+ value = lasso.MiscTextNode.newWithString('2000-01-01')
+ value.textChild = True
+ login.assertion.addAttributeWithNode('birthdate', lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC, value)
 for a_name in ['first_name', 'last_name', 'email']:
 value = lasso.MiscTextNode.newWithString(a_name)
 value.textChild = True
@@ -212,6 +215,7 @@ def test_assertion_consumer_existing_federation(pub):
 user = pub.user_class.select()[0]
 assert user.verified_fields
 assert len(user.verified_fields) == 3
+ assert user.form_data['_birthdate'].tm_year == 2000
 req = HTTPRequest(None, {
 'SERVER_NAME': 'example.net',
diff --git a/wcs/qommon/saml2.py b/wcs/qommon/saml2.py
index b85653187..7c0fe696a 100644
--- a/wcs/qommon/saml2.py
+++ b/wcs/qommon/saml2.py
@@ -478,12 +478,26 @@ class Saml2Directory(Directory):
 logger.info('taking user %s the admin rights', user.id)
 save = True
 attribute_mapping = idp.get('attribute-mapping') or {}
+
+ from wcs.admin.settings import UserFieldsFormDef
+ formdef = UserFieldsFormDef(publisher=get_publisher())
+ if formdef:
+ dict_fields = {x.id: x for x in formdef.fields}
+ else:
+ dict_fields = {}
+
 if user.form_data is None:
 user.form_data = {}
 for key, field_id in attribute_mapping.iteritems():
- if key in d and user.form_data.get(field_id) != d[key]:
- user.form_data[field_id] = d[key]
- logger.info('setting field %s of user %s to value %r', field_id, user.id, d[key])
+ if not key in d:
+ continue
+ field_value = d[key]
+ field = dict_fields.get(field_id)
+ if field and field_value and field.convert_value_from_anything:
+ field_value = field.convert_value_from_anything(field_value)
+ if user.form_data.get(field_id) != field_value:
+ user.form_data[field_id] = field_value
+ logger.info('setting field %s of user %s to value %r', field_id, user.id, field_value)
 save = True
 # update user roles from role-slug
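Review bot: The new call to `field.convert_value_from_anything(field_value)` runs with no error handling on `d[key]`, which appears to hold the attributes received in the SAML assertion, so a value the identity provider sends in a format the field cannot parse would presumably raise in the middle of user provisioning and fail the login instead of skipping that one field. Wrapping the conversion in a `try`/`except` that logs the field id and moves on to the next mapping keeps a single bad attribute from blocking authentication; the exception type below assumes the converter raises `ValueError`, which is not visible in this hunk and should be confirmed. The `%r` in the final `logger.info` also now writes converted personal data such as a date of birth to the log, and logging only `field_id` and `user.id` would avoid that. The enclosing method starts and ends outside the hunk.

```python
for key, field_id in attribute_mapping.iteritems():
    # … unchanged: key lookup, field_value and field assignment …
    if field and field_value and field.convert_value_from_anything:
        try:
            field_value = field.convert_value_from_anything(field_value)
        except ValueError:
            # the value sent by the IdP could not be parsed for this field type
            logger.warning('ignoring unparsable value for field %s of user %s', field_id, user.id)
            continue
    # … unchanged: comparison with user.form_data, assignment, logging …
```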