ajout des IdPS partenaires

2017-11-09 14:40:27 +01:00 · 2017-11-09 14:40:27 +01:00 · ce46ba96f9
parent e5b6481a15
commit ce46ba96f9
4 changed files with 13 additions and 17 deletions
--- a/django/sp_sso/saml/forms.py
+++ b/django/sp_sso/saml/forms.py
@ -2,8 +2,8 @@ from django.utils.translation import ugettext_lazy as _
 from django import forms
 from .utils import ldap_get_unites, ldap_get_etablissements, sso_attributes, \
    sso_select_attributes, sso_tupled_attributes, \
-    sso_strict_readonly_attributes, sso_needed_description_attributes, \
-    ldap_get_description_etablissements, ldap_get_description_unites
+    sso_strict_readonly_attributes, ldap_get_description_etablissements, \
+    ldap_get_description_unites


 AFFILIATION_CHOICES = (
@ -102,7 +102,7 @@ class RegistrationForm(forms.Form):
        code_unite =  kwargs['initial'].get('s_entite_affectation_principale', '')
        if code_unite != '':
            self.fields['s_entite_affectation_principale_description'].initial = ldap_get_description_unites(code_unite)
-        #User shouldn't be able to define this field
+        # User shouldn't be able to define this field
        self.fields['s_entite_affectation_principale_description'].widget.attrs['readonly'] = True

        code_hote_etablissement =  kwargs['initial'].get('hote_etablissement', '')
@ -113,7 +113,6 @@ class RegistrationForm(forms.Form):
        code_hote_unite =  kwargs['initial'].get('hote_unite', '')
        if code_hote_unite != '':
            self.fields['hote_unite'].choices = ((code_hote_unite, ldap_get_description_unites(code_hote_unite)),)
-        #User shouldn't be able to define this field
            self.fields['hote_unite'].widget.attrs['readonly'] = True
            self.fields['hote_etablissement'].widget.attrs['readonly'] = True

@ -152,8 +151,6 @@ class RegistrationForm(forms.Form):
        required=False, max_length=100, label=_("Institution"))
    s_etablissement_description  = forms.CharField(
        required=False, max_length=100, label=_("Institution"))
-    #invite_unite  = forms.CharField(
-    #    required=False, label=_("Research entity or unit"), initial='')
    # supannEntiteAffectationPrincipale
    s_entite_affectation_principale = forms.CharField(
        required=False, label=_("Unit"), initial='')
--- a/django/sp_sso/saml/views.py
+++ b/django/sp_sso/saml/views.py
@ -1,6 +1,6 @@
 import logging
 from django.views.generic import FormView
-from django.utils.translation import ugettext_lazy as _, ugettext as ugt
+from django.utils.translation import ugettext_lazy as _

 from .forms import RegistrationForm
 from .utils import ldap_contains_user, wcs_submit, sso_attributes, \
@ -8,7 +8,6 @@ from .utils import ldap_contains_user, wcs_submit, sso_attributes, \
                   ldap_get_description_etablissements


-
 MSG_WCS_POST = _("""Your account creation request has been sent.  An
                    email summing up your request has just been sent to you. It
                    contains all the information needed for you to follow up
--- a/django/sp_sso/sp_sso/settings.py
+++ b/django/sp_sso/sp_sso/settings.py
@ -54,8 +54,6 @@ TEMPLATE_DEBUG = True

 ALLOWED_HOSTS = ['localhost', 'sp-condorcet.dev.entrouvert.org']

-MELLON_HACK = True
-
 TEMPLATE_DIRS = (
    'templates',
 )
@ -91,14 +89,15 @@ MELLON_SUPERUSER_MAPPING = {
    'is_superuser': 'true',
 }

-
-MELLON_TRANSIENT_FEDERATION_ATTRIBUTE = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10'
+# The official Condorcet IdP uses a transient NameID attribute. It also
+# forwards on a eduTargetID.
+MELLON_TRANSIENT_FEDERATION_ATTRIBUTE = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10' # eduTargetID

 MELLON_IDENTITY_PROVIDERS = [
-{'METADATA_URL': 'http://idp-condorcet.dev.entrouvert.org/idp/saml2/metadata'},
-{'METADATA_URL': 'https://idp-campus-condorcet.renater.fr/idp/shibboleth'},
-{'METADATA_URL': 'https://shibboleth.ehess.fr/idp/shibboleth'},
-{'METADATA_URL': 'https://federation-identite.univ-paris13.fr/idp/shibboleth'}
+{'METADATA_URL': 'http://idp-condorcet.dev.entrouvert.org/idp/saml2/metadata'}, # PoC IdP
+{'METADATA_URL': 'https://idp-campus-condorcet.renater.fr/idp/shibboleth'}, # CC IdP
+{'METADATA_URL': 'https://shibboleth.ehess.fr/idp/shibboleth'}, # EHESS IdP
+{'METADATA_URL': 'https://federation-identite.univ-paris13.fr/idp/shibboleth'} # Paris 13 IdP
 ]

 MELLON_DISCOVERY_SERVICE_URL = "https://discovery.renater.fr/test"
--- a/django/sp_sso/sp_sso/urls.py
+++ b/django/sp_sso/sp_sso/urls.py
@ -6,6 +6,7 @@ from saml.decorators import user_can_declare, user_not_in_ldap
 from saml import views as samlviews
 from django.contrib.auth.decorators import login_required

+project_name = 'sp_sso'
 urlpatterns = [
    url(r'^admin/', include(admin.site.urls)),
    url(r'^register/', include('saml.urls')),
@ -14,7 +15,7 @@ urlpatterns = [
    url(r'^declare/$', login_required(user_can_declare(views.declare)), name="declare"),
    url(r'^declare/subscribed/$', views.subscribed, name='subscribed'),
    url(r'^$', views.index),
-    url(r'^accounts/mellon/', include('mellon.urls')),
+    url(r'^accounts/mellon/', include('mellon.urls'), {'project_name': project_name}),
    url(r'^logout/$', views.logout, name='auth_logout'),
    url(r'^login/$', views.login, name='auth_login'),
    url(r'^logged_in/', views.logged_in, name='auth_logged_in'),