Revision 830747d2
| b/snf-astakos-app/astakos/im/auth_providers.py | ||
|---|---|---|
| 587 | 587 |
class ShibbolethAuthProvider(AuthProvider): |
| 588 | 588 |
module = 'shibboleth' |
| 589 | 589 |
login_view = 'astakos.im.views.target.shibboleth.login' |
| 590 |
username_key = 'identifier'
|
|
| 590 |
username_key = 'provider_info_eppn'
|
|
| 591 | 591 |
|
| 592 | 592 |
policies = {
|
| 593 | 593 |
'switch': False |
| b/snf-astakos-app/astakos/im/tests/auth.py | ||
|---|---|---|
| 131 | 131 |
# provider info stored |
| 132 | 132 |
provider = AstakosUserAuthProvider.objects.get(module="shibboleth") |
| 133 | 133 |
self.assertEqual(provider.affiliation, 'Test Affiliation') |
| 134 |
self.assertEqual(provider.info, {u'email': u'kpap@synnefo.org',
|
|
| 135 |
u'eppn': u'kpapeppn', |
|
| 136 |
u'name': u'Kostas Papadimitriou'}) |
|
| 134 |
self.assertEqual(provider.info['email'], u'kpap@synnefo.org') |
|
| 135 |
self.assertEqual(provider.info['eppn'], u'kpapeppn') |
|
| 136 |
self.assertEqual(provider.info['name'], u'Kostas Papadimitriou') |
|
| 137 |
self.assertTrue('headers' in provider.info)
|
|
| 137 | 138 |
|
| 138 | 139 |
# login (not activated yet) |
| 139 | 140 |
client.set_tokens(mail="kpap@synnefo.org", eppn="kpapeppn", |
| 140 |
cn="Kostas Papadimitriou", )
|
|
| 141 |
cn="Kostas Papadimitriou") |
|
| 141 | 142 |
r = client.get(ui_url("login/shibboleth?"), follow=True)
|
| 142 | 143 |
self.assertContains(r, 'is pending moderation') |
| 143 | 144 |
|
| b/snf-astakos-app/astakos/im/views/target/__init__.py | ||
|---|---|---|
| 157 | 157 |
if not affiliation: |
| 158 | 158 |
affiliation = provider_module.title() |
| 159 | 159 |
|
| 160 |
next_redirect = request.GET.get('next', request.session.get('next_url', None))
|
|
| 160 |
next_redirect = request.GET.get('next', request.session.get('next_url',
|
|
| 161 |
None)) |
|
| 161 | 162 |
if 'next_url' in request.session: |
| 162 | 163 |
del request.session['next_url'] |
| 163 | 164 |
|
| ... | ... | |
| 168 | 169 |
'affiliation': affiliation, |
| 169 | 170 |
'info': provider_info |
| 170 | 171 |
} |
| 172 |
|
|
| 171 | 173 |
provider = auth.get_provider(provider_module, request.user, identifier, |
| 172 | 174 |
**provider_data) |
| 173 | 175 |
|
| b/snf-astakos-app/astakos/im/views/target/shibboleth.py | ||
|---|---|---|
| 61 | 61 |
SHIB_EP_AFFILIATION = "HTTP_SHIB_EP_AFFILIATION" |
| 62 | 62 |
SHIB_SESSION_ID = "HTTP_SHIB_SESSION_ID" |
| 63 | 63 |
SHIB_MAIL = "HTTP_SHIB_MAIL" |
| 64 |
SHIB_REMOTE_USER = "HTTP_REMOTE_USER" |
|
| 64 | 65 |
|
| 65 | 66 |
|
| 66 | 67 |
@requires_auth_provider('shibboleth')
|
| ... | ... | |
| 80 | 81 |
shibboleth_headers = {}
|
| 81 | 82 |
for token in dir(Tokens): |
| 82 | 83 |
if token == token.upper(): |
| 83 |
|
|
| 84 | 84 |
shibboleth_headers[token] = request.META.get(getattr(Tokens, |
| 85 | 85 |
token), |
| 86 | 86 |
'NOT_SET') |
| ... | ... | |
| 91 | 91 |
|
| 92 | 92 |
try: |
| 93 | 93 |
eppn = tokens.get(Tokens.SHIB_EPPN) |
| 94 |
|
|
| 94 | 95 |
if global_settings.DEBUG and not eppn: |
| 95 | 96 |
eppn = getattr(global_settings, 'SHIBBOLETH_TEST_EPPN', None) |
| 96 | 97 |
realname = getattr(global_settings, 'SHIBBOLETH_TEST_REALNAME', |
| ... | ... | |
| 120 | 121 |
|
| 121 | 122 |
affiliation = tokens.get(Tokens.SHIB_EP_AFFILIATION, 'Shibboleth') |
| 122 | 123 |
email = tokens.get(Tokens.SHIB_MAIL, '') |
| 123 |
provider_info = {'eppn': eppn, 'email': email, 'name': realname}
|
|
| 124 |
eppn_info = tokens.get(Tokens.SHIB_EPPN) |
|
| 125 |
provider_info = {'eppn': eppn_info, 'email': email, 'name': realname,
|
|
| 126 |
'headers': shibboleth_headers} |
|
| 124 | 127 |
userid = eppn |
| 125 | 128 |
|
| 126 | 129 |
|
Also available in: Unified diff