0001-idp-saml-collapse-attribute-values.patch

Benjamin Dauvergne, 31 mars 2015 09:31

Voir les différences: en ligne côte à côte

Subject: [PATCH] idp/saml: collapse attribute values

If two AttributeValue for the same value, name and name format would be
created, we skip its creation. It allows to configure attributes for
django_user_username and LDAP uid at the same without getting two times
the same value, as LDAP users also expose the Django user attributes.

 src/authentic2/idp/saml/saml2_endpoints.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

             'user': request.user,
             'service': provider.entity_id,
             '__wanted_attributes': wanted_attributes,
         })
         if not assertion.attributeStatement:
             assertion.attributeStatement = [lasso.Saml2AttributeStatement()]
         attribute_statement = assertion.attributeStatement[0]
         saml_attributes = list(attribute_statement.attribute)
         seen = set()
         for definition in qs:
             value = ctx.get(definition.attribute_name)
             key = (definition.name, definition.name_format, value)
             if key in seen:
                 continue
             seen.add(key)
             saml_attribute = definition.to_lasso_attribute(ctx)
             if not saml_attribute:
                 continue
             logger.debug('adding attribute %r with value %r',
                     definition.name, ctx.get(definition.attribute_name))
             logger.debug('adding attribute %r with value %r', definition.name,
                     value)
             saml_attributes.append(saml_attribute)
         attribute_statement.attribute = saml_attributes
     def saml2_add_attribute_values(assertion, attributes):
         if not attributes:
             logger.info("\
                 there are no attributes to add")
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0001-idp-saml-collapse-attribute-values.patch