Commit 435b12a6 authored by Kostas Papadimitriou's avatar Kostas Papadimitriou
Browse files

astakos: Shibboleth improvements

- include shibboleth headers in provider_details
- display eppn instead of identifier in profile
parent b099850a
......@@ -587,7 +587,7 @@ class LocalAuthProvider(AuthProvider):
class ShibbolethAuthProvider(AuthProvider):
module = 'shibboleth'
login_view = 'astakos.im.views.target.shibboleth.login'
username_key = 'identifier'
username_key = 'provider_info_eppn'
policies = {
'switch': False
......
......@@ -131,13 +131,14 @@ class ShibbolethTests(TestCase):
# provider info stored
provider = AstakosUserAuthProvider.objects.get(module="shibboleth")
self.assertEqual(provider.affiliation, 'Test Affiliation')
self.assertEqual(provider.info, {u'email': u'kpap@synnefo.org',
u'eppn': u'kpapeppn',
u'name': u'Kostas Papadimitriou'})
self.assertEqual(provider.info['email'], u'kpap@synnefo.org')
self.assertEqual(provider.info['eppn'], u'kpapeppn')
self.assertEqual(provider.info['name'], u'Kostas Papadimitriou')
self.assertTrue('headers' in provider.info)
# login (not activated yet)
client.set_tokens(mail="kpap@synnefo.org", eppn="kpapeppn",
cn="Kostas Papadimitriou", )
cn="Kostas Papadimitriou")
r = client.get(ui_url("login/shibboleth?"), follow=True)
self.assertContains(r, 'is pending moderation')
......
......@@ -157,7 +157,8 @@ def handle_third_party_login(request, provider_module, identifier,
if not affiliation:
affiliation = provider_module.title()
next_redirect = request.GET.get('next', request.session.get('next_url', None))
next_redirect = request.GET.get('next', request.session.get('next_url',
None))
if 'next_url' in request.session:
del request.session['next_url']
......@@ -168,6 +169,7 @@ def handle_third_party_login(request, provider_module, identifier,
'affiliation': affiliation,
'info': provider_info
}
provider = auth.get_provider(provider_module, request.user, identifier,
**provider_data)
......
......@@ -61,6 +61,7 @@ class Tokens:
SHIB_EP_AFFILIATION = "HTTP_SHIB_EP_AFFILIATION"
SHIB_SESSION_ID = "HTTP_SHIB_SESSION_ID"
SHIB_MAIL = "HTTP_SHIB_MAIL"
SHIB_REMOTE_USER = "HTTP_REMOTE_USER"
@requires_auth_provider('shibboleth')
......@@ -80,7 +81,6 @@ def login(
shibboleth_headers = {}
for token in dir(Tokens):
if token == token.upper():
shibboleth_headers[token] = request.META.get(getattr(Tokens,
token),
'NOT_SET')
......@@ -91,6 +91,7 @@ def login(
try:
eppn = tokens.get(Tokens.SHIB_EPPN)
if global_settings.DEBUG and not eppn:
eppn = getattr(global_settings, 'SHIBBOLETH_TEST_EPPN', None)
realname = getattr(global_settings, 'SHIBBOLETH_TEST_REALNAME',
......@@ -120,7 +121,9 @@ def login(
affiliation = tokens.get(Tokens.SHIB_EP_AFFILIATION, 'Shibboleth')
email = tokens.get(Tokens.SHIB_MAIL, '')
provider_info = {'eppn': eppn, 'email': email, 'name': realname}
eppn_info = tokens.get(Tokens.SHIB_EPPN)
provider_info = {'eppn': eppn_info, 'email': email, 'name': realname,
'headers': shibboleth_headers}
userid = eppn
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment