root / logic / shibboleth.py @ dd53338a
History | View | Annotate | Download (1.3 kB)
1 |
#
|
---|---|
2 |
# Business Logic for working with sibbolleth users
|
3 |
#
|
4 |
# Copyright 2010 Greek Research and Technology Network
|
5 |
#
|
6 |
|
7 |
from synnefo.logic import users |
8 |
|
9 |
class Tokens: |
10 |
SIB_GIVEN_NAME = "givenName"
|
11 |
SIB_SN = "sn"
|
12 |
SIB_CN = "cn"
|
13 |
SIB_DISPLAY_NAME = "displayName"
|
14 |
SIB_EDU_PERSON_PRINCIPAL_NAME = "eduPersonPrincipalName"
|
15 |
SIB_EDU_PERSON_AFFILIATION = "eduPersonAffiliation"
|
16 |
SIB_SCHAC_HOME_ORGANISATION = "schacHomeOrganization"
|
17 |
SIB_SCHAC_PERSONAL_UNIQUE_CODE = "schacPersonalUniqueCode"
|
18 |
SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH = "grEduPersonUndergraduateBranch"
|
19 |
|
20 |
class NoUniqueToken(object): |
21 |
pass
|
22 |
|
23 |
def register_shibboleth_user(tokens): |
24 |
"""Registers a sibbolleth user using the input hash as a source for data.
|
25 |
The token requirements are described in this document
|
26 |
http://aai.grnet.gr/policy
|
27 |
"""
|
28 |
|
29 |
realname = tokens[Tokens.SIB_GIVEN_NAME] | tokens[Tokens.SIB_GIVEN_NAME] |
30 |
is_student = tokens[Tokens.SIB_SCHAC_PERSONAL_UNIQUE_CODE] | \ |
31 |
tokens[Tokens.SIB_GR_EDU_PERSON_UNDERGRADUATE_BRANCH] |
32 |
|
33 |
unq = tokens[Tokens.SIB_EDU_PERSON_PRINCIPAL_NAME] |
34 |
|
35 |
if unq is None: |
36 |
raise NoUniqueToken
|
37 |
|
38 |
if is_student:
|
39 |
users.register_student(realname, '' ,unq)
|
40 |
else :
|
41 |
users.register_professor(realname, '' ,unq)
|