| 14 |
14 |
# You should have received a copy of the GNU Affero General Public License
|
| 15 |
15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
| 16 |
16 |
|
|
17 |
from collections import OrderedDict
|
|
18 |
|
| 17 |
19 |
from django import forms
|
| 18 |
20 |
from django.contrib import admin
|
| 19 |
|
from django.forms.widgets import Select
|
|
21 |
from django.utils.translation import ugettext as _
|
| 20 |
22 |
|
| 21 |
|
from authentic2.attributes_ng.engine import get_attribute_names
|
|
23 |
from authentic2.models import Attribute
|
|
24 |
from authentic2.custom_user.models import User
|
| 22 |
25 |
from authentic2.forms.widgets import DatalistTextInput
|
| 23 |
26 |
|
| 24 |
27 |
from . import models
|
| 25 |
28 |
|
| 26 |
29 |
|
| 27 |
|
|
| 28 |
30 |
class OIDCClaimMappingForm(forms.ModelForm):
|
| 29 |
31 |
def __init__(self, *args, **kwargs):
|
| 30 |
32 |
super(OIDCClaimMappingForm, self).__init__(*args, **kwargs)
|
| 31 |
33 |
claim_widget = self.fields['claim'].widget
|
| 32 |
34 |
# fill datalist with standard claims from
|
| 33 |
35 |
# https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
|
| 34 |
|
claim_widget.data = ('sub', 'name', 'given_name', 'family_name', 'nickname'
|
| 35 |
|
'preferred_username', 'profile', 'picture', 'website', 'email',
|
| 36 |
|
'email_verified', 'gender', 'birthdate', 'zoneinfo', 'locale',
|
| 37 |
|
'phone_number', 'phone_number_verified', 'address',
|
| 38 |
|
'updated_at')
|
|
36 |
claim_widget.data = ('sub', 'name', 'given_name', 'family_name',
|
|
37 |
'nickname' 'preferred_username', 'profile',
|
|
38 |
'picture', 'website', 'email', 'email_verified',
|
|
39 |
'gender', 'birthdate', 'zoneinfo', 'locale',
|
|
40 |
'phone_number', 'phone_number_verified',
|
|
41 |
'address', 'updated_at')
|
| 39 |
42 |
claim_widget.name = 'list__oidcclaim-mapping-inline'
|
| 40 |
43 |
claim_widget.attrs.update({'list': 'list__oidcclaim-mapping-inline'})
|
| 41 |
|
attribute_widget = self.fields['attribute'].widget
|
| 42 |
|
attribute_widget.choices = [(name, desc) for name, desc in get_attribute_names({})]
|
|
44 |
|
|
45 |
# Setup the attribute field
|
|
46 |
choices = OrderedDict([('', '---------')])
|
|
47 |
for name in ('email', 'username', 'first_name', 'last_name'):
|
|
48 |
field = User._meta.get_field(name)
|
|
49 |
choices[name] = '%s (%s)' % (field.verbose_name.title(), name)
|
|
50 |
for attribute in Attribute.objects.all():
|
|
51 |
if attribute.name in choices:
|
|
52 |
continue
|
|
53 |
choices[attribute.name] = '%s (%s)' % (attribute.label, attribute.name)
|
|
54 |
choices['ou__slug'] = _('Organizational unit slug (ou__slug)')
|
|
55 |
self.fields['attribute'] = forms.ChoiceField(choices=choices.items())
|
| 43 |
56 |
|
| 44 |
57 |
class Meta:
|
| 45 |
58 |
model = models.OIDCClaimMapping
|
| ... | ... | |
| 49 |
62 |
readonly_fields = ['created', 'modified']
|
| 50 |
63 |
widgets = {
|
| 51 |
64 |
'claim': DatalistTextInput,
|
| 52 |
|
'attribute': Select,
|
| 53 |
65 |
}
|
| 54 |
66 |
|
| 55 |
67 |
|
| 56 |
68 |
class OIDCClaimMappingInline(admin.TabularInline):
|
| 57 |
69 |
model = models.OIDCClaimMapping
|
| 58 |
70 |
form = OIDCClaimMappingForm
|
| 59 |
|
extra = 3
|
|
71 |
extra = 0
|
| 60 |
72 |
|
| 61 |
73 |
|
| 62 |
74 |
class OIDCProviderAdmin(admin.ModelAdmin):
|
| 63 |
|
-
|