POC Campus Condorcet : genericisation IdP lambda de la federation RENATER

2017-10-13 19:42:49 +02:00 · 2017-10-13 19:42:49 +02:00 · 972023c263
parent dc46c9474c
commit 972023c263
6 changed files with 33 additions and 41 deletions
--- a/django/sp_sso/invite/views.py
+++ b/django/sp_sso/invite/views.py
@ -39,12 +39,11 @@ class InvitationFormView(FormView):
        # User is logged in the identity provider
        if 'mellon_session' in self.request.session:

-            data = self.request.session['mellon_session']
            # Fetch SSO attributes
            for attribute_key, attribute_value in \
                    get_invitaton_attributes_mapping().items():
-                if data.get(attribute_key):
-                    attribute_element = data.get(attribute_key)[0]
+                if hasattr(self.request.user, attribute_key):
+                    attribute_element = getattr(self.request.user, attribute_key, '')
                    initial[attribute_value] = attribute_element

            initial['hote_commentaire'] = '''EduPersonPrincipalName de 
--- a/django/sp_sso/saml/models.py
+++ b/django/sp_sso/saml/models.py
@ -11,6 +11,8 @@ class SupAnnUser(AbstractUser):
    XXX mellon attributes are also stored in the session.
    (see the request.session['mellon_session'] dict)
    """
+    prenom = models.CharField(max_length=100,default='user_eppn')
+    nom = models.CharField(max_length=100,default='user_eppn')
    # eduPerson attributes:
    ep_principal_name = models.CharField(max_length=100,default='user_eppn')
    ep_primary_affiliation = models.CharField(max_length=100, default="")
--- a/django/sp_sso/saml/utils.py
+++ b/django/sp_sso/saml/utils.py
@ -58,13 +58,6 @@ def generate_eppn(lastname):
    """
    return "%s-%06d@campus-condorcet.fr"%(lastname, randint(0,pow(10,6)))

-
-def craft_user_nickname(mellon_dict):
-    prenom = mellon_dict.get('prenom')[0]
-    nom = mellon_dict.get('nom')[0]
-    return " "+prenom+" "+nom
-
-
 def ldap_init():
    # The server's hostname:
    server = "condorcet.dev.entrouvert.org"
@ -176,11 +169,10 @@ def saml_collect_data(request):
    form = {}

    # Build the SSO operation summary:
-    if 'mellon_session' in request.session: 
-        data = request.session['mellon_session']
+    if 'mellon_session' in request.session:
        for attribute in sso_attributes:
-            if data.get(attribute):
-                attribute_element = data.get(attribute)[0]
+            if hasattr(request.user, attribute):
+                attribute_element = getattr(request.user, attribute)
                form[attribute] = attribute_element

    return form
--- a/django/sp_sso/saml/views.py
+++ b/django/sp_sso/saml/views.py
@ -4,8 +4,7 @@ from django.utils.translation import ugettext_lazy as _, ugettext as ugt

 from .forms import RegistrationForm
 from .utils import ldap_contains_user, wcs_submit, sso_attributes, \
-                   craft_user_nickname, generate_eppn, \
-                   initial_from_tracking_code, render_message, \
+                   generate_eppn, initial_from_tracking_code, render_message, \
                   ldap_get_description_etablissements


@ -60,16 +59,16 @@ class RegistrationFormView(FormView):
                                         "submit your account request")

        if 'mellon_session' in self.request.session:
-            data = self.request.session['mellon_session']
            for attribute in sso_attributes:
-                if data.get(attribute):
-                    attribute_element = data.get(attribute)[0]
+                if hasattr(self.request.user, attribute):
+                    attribute_element = getattr(self.request.user, attribute)
                    initial[attribute] = attribute_element
-            initial['user_nickname'] = craft_user_nickname(data)
-            if data.get('s_etablissement', [None])[0]:
-                self.request.session['code_etablissement'] = data.get('s_etablissement')[0]
+            initial['user_nickname'] = ' %s %s' % (getattr(self.request.user, 'prenom', ''),
+                                                   getattr(self.request.user, 'nom', ''))
+            if getattr(self.request.user, 's_etablissement', [None])[0]:
+                self.request.session['code_etablissement'] = getattr(self.request.user, 's_etablissement')
                initial['s_etablissement'] = ldap_get_description_etablissements(
-                        data.get('s_etablissement')[0]) or data.get('s_etablissement')[0]
+                        getattr(self.request.user, 's_etablissement')) or getattr(self.request.user,'s_etablissement')
        initial['yet_member'] = False
        return initial

--- a/django/sp_sso/sp_sso/settings.py
+++ b/django/sp_sso/sp_sso/settings.py
@ -74,18 +74,18 @@ LOGIN_URL = '/login/'
 LOGOUT_URL = '/logout/'

 MELLON_ATTRIBUTE_MAPPING = {
-    'first_name': '{attributes[fname_test][0]}',
-    'last_name': '{attributes[lname_test][0]}',
-    'email' : '{attributes[email_test][0]}',
-    'password' : '{attributes[password_test][0]}',
-    'ep_principal_name' : '{attributes[ep_principal_name][0]}',
-    's_etablissement' : '{attributes[s_etablissement][0]}',
-    'ep_primary_affiliation' : '{attributes[ep_primary_affiliation][0]}',
-    'ep_affiliation' : '{attributes[ep_affiliation][0]}',
-    's_entite_affectation_principale' : '{attributes[s_entite_affectation_principale][0]}',
-    's_entite_affectation' : '{attributes[s_entite_affectation][0]}',
-    's_emp_corps' : '{attributes[s_emp_corps][0]}',
-    's_liste_rouge' : '{attributes[s_liste_rouge][0]}',
+    'prenom': 'urn:oid:2.5.4.42', # givenName
+    'nom': 'urn:oid:2.5.4.4', # sn
+    'email' : 'urn:oid:0.9.2342.19200300.100.1.3', # mail
+    'password' : 'password',
+    'ep_principal_name' : 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6', # eduPersonPrincipalName
+    's_etablissement' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.14', # supannEtablissement
+    'ep_primary_affiliation' : 'urn:oid:1.3.6.1.4.1.5923.1.1.1.5', # eduPersonPrimaryAffiliation
+    'ep_affiliation' : 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1', # eduPersonPrimaryAffiliation
+    's_entite_affectation_principale' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.13', # supannEntiteAffectationPrincipale
+    's_entite_affectation' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.8', # supannEntiteAffectation
+    's_emp_corps' : 'supannEmpCorps', # supannEmpCorps
+    's_liste_rouge' : 'urn:oid:1.3.6.1.4.1.7135.1.2.1.1', # supannListeRouge
 }

 MELLON_SUPERUSER_MAPPING = {
--- a/django/sp_sso/sp_sso/views.py
+++ b/django/sp_sso/sp_sso/views.py
@ -8,8 +8,8 @@ from django.views.generic import FormView
 from mellon.utils import get_idps

 from saml.forms import RegistrationForm
-from saml.utils import sso_attributes, craft_user_nickname, render_message, \
-        ldap_contains_user, generate_eppn, wcs_submit
+from saml.utils import sso_attributes, render_message, ldap_contains_user, \
+                       generate_eppn, wcs_submit

 from saml.views import MSG_USERNONE, wcs_fields, wcs_multiple_fields

@ -76,12 +76,12 @@ class Declare(FormView):
        initial = super(Declare, self).get_initial()

        if 'mellon_session' in self.request.session:
-            data = self.request.session['mellon_session']
            for attribute in sso_attributes:
-                if data.get(attribute):
-                    attribute_element = data.get(attribute)[0]
+                if hasattr(self.request.user, attribute):
+                    attribute_element = getattr(self.request.user, attribute)
                    initial[attribute] = attribute_element
-            initial['user_nickname'] = craft_user_nickname(data)
+            initial['user_nickname'] = u' %s %s' % (getattr(self.request.user, 'prenom', ''),
+                                                    getattr(self.request.user, 'nom', ''))
        return initial

    def form_valid(self, form):