Commit f265c938 authored by Kostas Papadimitriou's avatar Kostas Papadimitriou
Browse files

Configurable shibboleth provider strict mode

shibboleth provider can now be configured whether or not to require
additional provider information.
parent d5fd7ee7
......@@ -100,6 +100,9 @@ class AuthProvider(object):
def get_setting(self, name, default=None):
attr = 'ASTAKOS_AUTH_PROVIDER_%s_%s' % (self.module.upper(), name.upper())
attr_sec = 'ASTAKOS_%s_%s' % (self.module.upper(), name.upper())
if not hasattr(settings, attr):
return getattr(settings, attr_sec, default)
return getattr(settings, attr, default)
def is_available_for_login(self):
......
......@@ -271,3 +271,8 @@ RESOURCES_PRESENTATION_DATA = getattr(
# Permit local account migration
ENABLE_LOCAL_ACCOUNT_MIGRATION = getattr(settings, 'ASTAKOS_ENABLE_LOCAL_ACCOUNT_MIGRATION', True)
# Strict shibboleth usage
SHIBBOLETH_REQUIRE_NAME_INFO = getattr(settings,
'ASTAKOS_SHIBBOLETH_REQUIRE_NAME_INFO',
False)
......@@ -95,7 +95,11 @@ def login(
elif Tokens.SHIB_NAME in tokens and Tokens.SHIB_SURNAME in tokens:
realname = tokens[Tokens.SHIB_NAME] + ' ' + tokens[Tokens.SHIB_SURNAME]
else:
realname = ''
print settings.SHIBBOLETH_REQUIRE_NAME_INFO, "LALALALAL"
if settings.SHIBBOLETH_REQUIRE_NAME_INFO:
raise KeyError(_(astakos_messages.SHIBBOLETH_MISSING_NAME))
else:
realname = ''
except KeyError, e:
# invalid shibboleth headers, redirect to login, display message
messages.error(request, e.message)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment