0001-manager-include-oidc-and-saml-federation-info-in-use.patch

Valentin Deniaud, 07 avril 2021 11:15


Subject: [PATCH] manager: include oidc and saml federation info in user
 details (#28210)

 src/authentic2_auth_oidc/apps.py                  |  7 +++++++
 .../manager_user_sidebar.html                     | 13 +++++++++++++
 src/authentic2_auth_saml/apps.py                  | 13 +++++++++++++
 .../manager_user_sidebar.html                     | 13 +++++++++++++
 tests/test_auth_oidc.py                           | 12 ++++++++++++
 tests/test_auth_saml.py                           | 15 +++++++++++++++
 6 files changed, 73 insertions(+)
 create mode 100644 src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
 create mode 100644 src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
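--- a/src/authentic2_auth_oidc/apps.py
+++ b/src/authentic2_auth_oidc/apps.py
@@ -15,6 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import django.apps
+from django import template
 
 
 class Plugin(object):
@@ -101,3 +102,9 @@
                     'sub': oidc_account.sub,
                 }
             )
+
+    def a2_hook_manager_user_data(self, view, user):
+        context = {'user': user}
+        return [
+            template.loader.get_template('authentic2_auth_oidc/manager_user_sidebar.html').render(context)
+        ]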
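Review bot: `template.loader.get_template(...)` in the new hook appears to rely on `django.template.loader` having been imported somewhere else, since as far as I can tell `from django import template` does not load that submodule by itself. Importing the function directly removes that dependency: `from django.template.loader import render_to_string`, then `return [render_to_string('authentic2_auth_oidc/manager_user_sidebar.html', context)]`. The same pattern is used by the hook added to src/authentic2_auth_saml/apps.py. The hook has no docstring and never uses `view`; a one-line docstring stating that it returns a list of HTML fragments for the manager user page would help. The Plugin class body continues outside the hunk.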
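--- /dev/null
+++ b/src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
@@ -0,0 +1,13 @@
+{% load i18n %}
+{% if user.oidc_account %}
+<fieldset class="gadjo-foldable gadjo-folded" id="auth-oidc">
+<legend class="gadjo-foldable-widget">{% trans "Link with OIDC provider" %}</legend>
+<div class="auth-oidc-user-sidebar gadjo-folding">
+<ul>
+  <li>{% trans "Name:" %} {{ user.oidc_account.provider.name }}</li>
+  <li>{% trans "Issuer:" %} {{ user.oidc_account.provider.issuer }}</li>
+  <li>{% trans "Creation date:" %} {{ user.oidc_account.created }}</li>
+</ul>
+</div>
+{% endif %}
+</fieldset>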
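Review bot: `{% endif %}` closes one line before `</fieldset>`, so for a user with no OIDC account the template still emits an unmatched `</fieldset>`. The last two lines should be swapped so the closing tag sits inside the conditional: `</fieldset>` followed by `{% endif %}`. The hook in src/authentic2_auth_oidc/apps.py renders this template unconditionally, so the stray tag would land on every manager user page without an OIDC link. The new test only checks that the string `OIDC` is absent and would not catch it.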
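--- a/src/authentic2_auth_saml/apps.py
+++ b/src/authentic2_auth_saml/apps.py
@@ -15,6 +15,8 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import django.apps
+from django import template
+from mellon.utils import get_idp
 
 
 class AppConfig(django.apps.AppConfig):
@@ -41,3 +43,14 @@
                     'name_id': saml_account.name_id,
                 }
             )
+
+    def a2_hook_manager_user_data(self, view, user):
+        user_saml_identifiers = user.saml_identifiers.all()
+        if not user_saml_identifiers:
+            return ['']
+        for user_saml_identifier in user_saml_identifiers:
+            user_saml_identifier.idp = get_idp(user_saml_identifier.issuer)
+        context = {'user_saml_identifiers': user_saml_identifiers}
+        return [
+            template.loader.get_template('authentic2_auth_saml/manager_user_sidebar.html').render(context)
+        ]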
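Review bot: `a2_hook_manager_user_data` calls `get_idp()` once per identifier on every render of the user page and stores the result on the model instance as `idp`. What `get_idp` costs, and what it returns for an issuer that is no longer configured, is not visible in this hunk. A comment above the loop would record the assumption, e.g. `# idp may be empty for an unknown issuer; the template then falls back to the raw issuer`. The empty case returns `['']` while the OIDC hook always renders its template, so a docstring stating what the hook returns when there is nothing to show would keep the two plugins consistent. The AppConfig class body continues outside the hunk.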
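--- /dev/null
+++ b/src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
@@ -0,0 +1,13 @@
+{% load i18n %}
+<fieldset class="gadjo-foldable gadjo-folded" id="auth-saml">
+<legend class="gadjo-foldable-widget">{% trans "Link with SAML providers" %}</legend>
+{% for identifier in user_saml_identifiers %}
+<div class="auth-saml-user-sidebar gadjo-folding">
+  <p>{% trans "Issuer:" %} {% firstof identifier.idp.DISPLAY_NAME identifier.issuer %}</p>
+  <ul>
+    <li>{% trans "NameID:" %} {{ identifier.name_id }}</li>
+    <li>{% trans "Creation date:" %} {{ identifier.created }}</li>
+  </ul>
+</div>
+{% endfor %}
+</fieldset>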
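--- a/tests/test_auth_oidc.py
+++ b/tests/test_auth_oidc.py
@@ -891,3 +891,15 @@
     assert '_auth_user_id' not in app.session
     assert OIDCAccount.objects.count() == 0
     assert 'too many users' in caplog.records[-1].message
+
+
+def test_manager_user_sidebar(app, superuser, simple_user, oidc_provider):
+    utils.login(app, superuser, '/manage/')
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'OIDC' not in response
+
+    OIDCAccount.objects.create(user=simple_user, provider=oidc_provider, sub='1234')
+
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'Server' in response
+    assert 'https://server.example.com' in response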
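Review bot: The assertions after the account is created are loose substring checks against the whole page: `'Server'` here and `'1234'` in tests/test_auth_saml.py could match unrelated content, so the tests can pass without the sidebar being rendered correctly. Scoping them to the new fieldset would pin the behaviour, e.g. `assert 'https://server.example.com' in response.pyquery('#auth-oidc').text()`, with `assert not response.pyquery('#auth-oidc')` before the account exists. Both tests log in as superuser only, so they do not show whether a less-privileged manager role also sees these federation identifiers.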
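--- a/tests/test_auth_saml.py
+++ b/tests/test_auth_saml.py
@@ -26,6 +26,8 @@
 from authentic2.models import Attribute
 from authentic2_auth_saml.adapters import AuthenticAdapter, MappingError
 
+from .utils import login
+
 User = get_user_model()
 
 
@@ -269,3 +271,16 @@
             'name_id': '4567',
         },
     ]
+
+
+def test_manager_user_sidebar(app, superuser, simple_user):
+    login(app, superuser, '/manage/')
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'SAML' not in response
+
+    UserSAMLIdentifier.objects.create(user=simple_user, issuer='https://idp1.com/', name_id='1234')
+
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'SAML' in response
+    assert 'https://idp1.com/' in response
+    assert '1234' in response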
272
-