0001-manager-include-oidc-and-saml-federation-info-in-use.patch

Valentin Deniaud, 15 avril 2021 15:41



Subject: [PATCH] manager: include oidc and saml federation info in user
 details (#28210)

 .../authentic2_auth_fc/manager_user_sidebar.html  |  2 +-
 src/authentic2_auth_oidc/apps.py                  |  7 +++++++
 .../manager_user_sidebar.html                     |  8 ++++++++
 src/authentic2_auth_saml/apps.py                  | 13 +++++++++++++
 .../manager_user_sidebar.html                     |  9 +++++++++
 tests/test_auth_oidc.py                           | 13 +++++++++++++
 tests/test_auth_saml.py                           | 15 +++++++++++++++
 7 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
 create mode 100644 src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
src/authentic2_auth_fc/templates/authentic2_auth_fc/manager_user_sidebar.html
1 1
{% load i18n %}
2 2
{% for account in user.fc_accounts.all %}
3 3
<div class="auth-fc-user-sidebar">
4
<p>{% trans "Link with FranceConnect created on" %} {{ account.created }}</p>
4
<p>{% trans "Link with FranceConnect created on" %} {{ account.created }}.</p>
5 5
</div>
6 6
{% endfor %}
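--- a/src/authentic2_auth_oidc/apps.py
+++ b/src/authentic2_auth_oidc/apps.py
@@ -15,6 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import django.apps
+from django import template
 
 
 class Plugin(object):
@@ -101,3 +102,9 @@
                     'sub': oidc_account.sub,
                 }
             )
+
+    def a2_hook_manager_user_data(self, view, user):
+        context = {'user': user}
+        return [
+            template.loader.get_template('authentic2_auth_oidc/manager_user_sidebar.html').render(context)
+        ]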
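Review bot: `template.loader.get_template(...)` in the new `a2_hook_manager_user_data` reaches the loader as an attribute of the `django.template` package, which appears to work only because some other module has already imported `django.template.loader`; the package itself does not seem to import that submodule. Importing the function directly removes the dependency on import order: `from django.template.loader import get_template`, then `return [get_template('authentic2_auth_oidc/manager_user_sidebar.html').render({'user': user})]`. The hook added in src/authentic2_auth_saml/apps.py uses the same pattern. Neither hook has a docstring; a line such as `"""Return the HTML fragments this plugin adds to the manager's user page."""` would document the list-of-strings return that both share. The enclosing `Plugin` class starts outside the hunk.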
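--- /dev/null
+++ b/src/authentic2_auth_oidc/templates/authentic2_auth_oidc/manager_user_sidebar.html
@@ -0,0 +1,8 @@
+{% load i18n %}
+{% if user.oidc_account %}
+<p>
+{% blocktrans trimmed with created=user.oidc_account.created name=user.oidc_account.provider.name sub=user.oidc_account.sub %}
+Link with OIDC provider {{ name }} created on {{ created }} (sub {{ sub }}).
+{% endblocktrans %}
+</p>
+{% endif %}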
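--- a/src/authentic2_auth_saml/apps.py
+++ b/src/authentic2_auth_saml/apps.py
@@ -15,6 +15,8 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import django.apps
+from django import template
+from mellon.utils import get_idp
 
 
 class AppConfig(django.apps.AppConfig):
@@ -41,3 +43,14 @@
                     'name_id': saml_account.name_id,
                 }
             )
+
+    def a2_hook_manager_user_data(self, view, user):
+        user_saml_identifiers = user.saml_identifiers.all()
+        if not user_saml_identifiers:
+            return ['']
+        for user_saml_identifier in user_saml_identifiers:
+            user_saml_identifier.idp = get_idp(user_saml_identifier.issuer)
+        context = {'user_saml_identifiers': user_saml_identifiers}
+        return [
+            template.loader.get_template('authentic2_auth_saml/manager_user_sidebar.html').render(context)
+        ]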
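Review bot: The loop in `a2_hook_manager_user_data` calls `get_idp(user_saml_identifier.issuer)` for every stored identifier on each render of the user page, and nothing visible here says what that lookup returns or does for an issuer that is no longer configured. The template's `{% firstof identifier.idp.DISPLAY_NAME identifier.issuer as provider %}` copes with an empty result, but an exception from the lookup would presumably break the whole manager page. A comment above the loop such as `# assumes get_idp() returns an empty value for an unknown issuer; the template then falls back to the issuer` would record the assumption for whoever changes either side. The early `return ['']` also differs from the OIDC hook, which always renders its template; since the `{% for %}` already produces nothing for an empty set, rendering unconditionally would keep the two hooks consistent. The enclosing `AppConfig` class starts outside the hunk.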
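--- /dev/null
+++ b/src/authentic2_auth_saml/templates/authentic2_auth_saml/manager_user_sidebar.html
@@ -0,0 +1,9 @@
+{% load i18n %}
+{% for identifier in user_saml_identifiers %}
+{% firstof identifier.idp.DISPLAY_NAME identifier.issuer as provider %}
+<p>
+{% blocktrans trimmed with created=identifier.created name_id=identifier.name_id %}
+Link with SAML provider {{ provider }} created on {{ created }} (NameID {{ name_id }}).
+{% endblocktrans %}
+</p>
+{% endfor %}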
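--- a/tests/test_auth_oidc.py
+++ b/tests/test_auth_oidc.py
@@ -891,3 +891,16 @@
     assert '_auth_user_id' not in app.session
     assert OIDCAccount.objects.count() == 0
     assert 'too many users' in caplog.records[-1].message
+
+
+def test_manager_user_sidebar(app, superuser, simple_user, oidc_provider):
+    utils.login(app, superuser, '/manage/')
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'OIDC' not in response
+
+    OIDCAccount.objects.create(user=simple_user, provider=oidc_provider, sub='1234')
+
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'OIDC' in response
+    assert 'Server' in response
+    assert '1234' in response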
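Review bot: The new `test_manager_user_sidebar` only checks that plain strings appear, so it does not pin that `sub`, a value supplied by the external provider, is HTML-escaped when it is rendered into the manager page. Creating the account with a value that contains markup and asserting on the escaped form would cover that, for example `sub='<b>1234'` followed by `assert '&lt;b&gt;1234' in response` and `assert '<b>1234' not in response`. The same applies to `name_id` in the test added to tests/test_auth_saml.py. The bare `'1234'` and `'Server'` checks could also match unrelated page content, so asserting on the full sidebar sentence would be tighter.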
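--- a/tests/test_auth_saml.py
+++ b/tests/test_auth_saml.py
@@ -26,6 +26,8 @@
 from authentic2.models import Attribute
 from authentic2_auth_saml.adapters import AuthenticAdapter, MappingError
 
+from .utils import login
+
 User = get_user_model()
 
 
@@ -273,3 +275,16 @@
             'name_id': '4567',
         },
     ]
+
+
+def test_manager_user_sidebar(app, superuser, simple_user):
+    login(app, superuser, '/manage/')
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'SAML' not in response
+
+    UserSAMLIdentifier.objects.create(user=simple_user, issuer='https://idp1.com/', name_id='1234')
+
+    response = app.get('/manage/users/%s/' % simple_user.id)
+    assert 'SAML' in response
+    assert 'https://idp1.com/' in response
+    assert '1234' in response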
276
-