saml: add support for provisionning date fields (#22445)
This commit is contained in:
parent
8ef533d0e3
commit
dbfd4179f4
|
@ -139,6 +139,9 @@ def get_authn_response_msg(pub, ni_format=lasso.SAML2_NAME_IDENTIFIER_FORMAT_PER
|
|||
value = lasso.MiscTextNode.newWithString('john.doe@example.com')
|
||||
value.textChild = True
|
||||
login.assertion.addAttributeWithNode('email', lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC, value)
|
||||
value = lasso.MiscTextNode.newWithString('2000-01-01')
|
||||
value.textChild = True
|
||||
login.assertion.addAttributeWithNode('birthdate', lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC, value)
|
||||
for a_name in ['first_name', 'last_name', 'email']:
|
||||
value = lasso.MiscTextNode.newWithString(a_name)
|
||||
value.textChild = True
|
||||
|
@ -212,6 +215,7 @@ def test_assertion_consumer_existing_federation(pub):
|
|||
user = pub.user_class.select()[0]
|
||||
assert user.verified_fields
|
||||
assert len(user.verified_fields) == 3
|
||||
assert user.form_data['_birthdate'].tm_year == 2000
|
||||
|
||||
req = HTTPRequest(None, {
|
||||
'SERVER_NAME': 'example.net',
|
||||
|
|
|
@ -478,12 +478,26 @@ class Saml2Directory(Directory):
|
|||
logger.info('taking user %s the admin rights', user.id)
|
||||
save = True
|
||||
attribute_mapping = idp.get('attribute-mapping') or {}
|
||||
|
||||
from wcs.admin.settings import UserFieldsFormDef
|
||||
formdef = UserFieldsFormDef(publisher=get_publisher())
|
||||
if formdef:
|
||||
dict_fields = {x.id: x for x in formdef.fields}
|
||||
else:
|
||||
dict_fields = {}
|
||||
|
||||
if user.form_data is None:
|
||||
user.form_data = {}
|
||||
for key, field_id in attribute_mapping.iteritems():
|
||||
if key in d and user.form_data.get(field_id) != d[key]:
|
||||
user.form_data[field_id] = d[key]
|
||||
logger.info('setting field %s of user %s to value %r', field_id, user.id, d[key])
|
||||
if not key in d:
|
||||
continue
|
||||
field_value = d[key]
|
||||
field = dict_fields.get(field_id)
|
||||
if field and field_value and field.convert_value_from_anything:
|
||||
field_value = field.convert_value_from_anything(field_value)
|
||||
if user.form_data.get(field_id) != field_value:
|
||||
user.form_data[field_id] = field_value
|
||||
logger.info('setting field %s of user %s to value %r', field_id, user.id, field_value)
|
||||
save = True
|
||||
|
||||
# update user roles from role-slug
|
||||
|
|
Loading…
Reference in New Issue