0001-add-a-model-to-store-user-NameID-mapping-7085.patch
mellon/adapters.py | ||
---|---|---|
4 | 4 |
from django.contrib import auth |
5 | 5 |
from django.contrib.auth.models import Group |
6 | 6 | |
7 |
from . import utils, app_settings |
|
7 |
from . import utils, app_settings, models
|
|
8 | 8 | |
9 | 9 |
log = logging.getLogger(__name__) |
10 | 10 | |
... | ... | |
47 | 47 | |
48 | 48 |
def lookup_user(self, idp, saml_attributes): |
49 | 49 |
User = auth.get_user_model() |
50 |
username = self.format_username(idp, saml_attributes) |
|
51 |
if not username: |
|
52 |
return None |
|
53 |
provision = utils.get_setting(idp, 'PROVISION') |
|
54 |
if provision: |
|
55 |
user, created = User.objects.get_or_create(username=username) |
|
56 |
else: |
|
57 |
try: |
|
58 |
user = User.objects.get(username=username) |
|
59 |
except User.DoesNotExist: |
|
60 |
return |
|
50 |
name_id = saml_attributes['name_id_content'] |
|
51 |
issuer = saml_attributes['issuer'] |
|
52 |
try: |
|
53 |
return User.objects.get(saml_identifiers__name_id=name_id, |
|
54 |
saml_identifiers__issuer=issuer) |
|
55 |
except User.DoesNotExist: |
|
56 |
if not utils.get_setting(idp, 'PROVISION'): |
|
57 |
return None |
|
58 |
username = self.format_username(idp, saml_attributes) |
|
59 |
if not username: |
|
60 |
return None |
|
61 |
user = User(username=username) |
|
62 |
user.save() |
|
63 |
self.provision_name_id(user, idp, saml_attributes) |
|
61 | 64 |
return user |
62 | 65 | |
63 | 66 |
def provision(self, user, idp, saml_attributes): |
... | ... | |
65 | 68 |
self.provision_superuser(user, idp, saml_attributes) |
66 | 69 |
self.provision_groups(user, idp, saml_attributes) |
67 | 70 | |
71 |
def provision_name_id(self, user, idp, saml_attributes): |
|
72 |
models.UserSAMLIdentifier.objects.get_or_create( |
|
73 |
user=user, |
|
74 |
issuer=saml_attributes['issuer'], |
|
75 |
name_id=saml_attributes['name_id_content']) |
|
76 | ||
68 | 77 |
def provision_attribute(self, user, idp, saml_attributes): |
69 | 78 |
realm = utils.get_setting(idp, 'REALM') |
70 | 79 |
attribute_mapping = utils.get_setting(idp, 'ATTRIBUTE_MAPPING') |
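Review bot: In `lookup_user`, the provisioning branch creates the account with `User(username=username)` and `user.save()`, then writes the NameID row afterwards, with no transaction and no handling of a uniqueness failure. An account created by the earlier username-keyed lookup has no `saml_identifiers` row, so unless rows are backfilled elsewhere its next login reaches this branch and, assuming the user model keeps `username` unique, `save()` raises on the duplicate. Two concurrent first logins for the same NameID can fail the same way, or leave a user with no identifier row. Refusing to attach an assertion to an existing username is the safer behaviour, but it should be an explicit, logged refusal rather than an unhandled exception. Suggest wrapping creation and `provision_name_id` in `transaction.atomic()` and returning `None` on `IntegrityError`; both come from `django.db`, which the file would need to import.

```python
        except User.DoesNotExist:
            # … unchanged: PROVISION check and format_username() guard …
            try:
                # Create the user and its NameID binding together, so a failure
                # on either leaves no half-provisioned account behind.
                with transaction.atomic():
                    user = User(username=username)
                    user.save()
                    self.provision_name_id(user, idp, saml_attributes)
            except IntegrityError:
                # Username or (issuer, name_id) already taken: refuse the login
                # instead of binding the assertion to an existing account.
                log.warning('cannot provision user %r: username or NameID '
                            'already in use', username)
                return None
            return user
```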
mellon/migrations/0001_initial.py | ||
---|---|---|
1 |
# -*- coding: utf-8 -*- |
|
2 |
from __future__ import unicode_literals |
|
3 | ||
4 |
from django.db import models, migrations |
|
5 |
from django.conf import settings |
|
6 | ||
7 | ||
8 |
class Migration(migrations.Migration): |
|
9 | ||
10 |
dependencies = [ |
|
11 |
migrations.swappable_dependency(settings.AUTH_USER_MODEL), |
|
12 |
] |
|
13 | ||
14 |
operations = [ |
|
15 |
migrations.CreateModel( |
|
16 |
name='UserSAMLIdentifier', |
|
17 |
fields=[ |
|
18 |
('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)), |
|
19 |
('issuer', models.TextField(verbose_name='Issuer')), |
|
20 |
('name_id', models.TextField(verbose_name='SAML identifier')), |
|
21 |
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')), |
|
22 |
('user', models.ForeignKey(related_name='saml_identifiers', verbose_name='user', to=settings.AUTH_USER_MODEL)), |
|
23 |
], |
|
24 |
options={ |
|
25 |
'verbose_name': 'user SAML identifier', |
|
26 |
'verbose_name_plural': 'users SAML identifiers', |
|
27 |
}, |
|
28 |
bases=(models.Model,), |
|
29 |
), |
|
30 |
migrations.AlterUniqueTogether( |
|
31 |
name='usersamlidentifier', |
|
32 |
unique_together=set([('issuer', 'name_id')]), |
|
33 |
), |
|
34 |
] |
mellon/models.py | ||
---|---|---|
1 | 1 |
from django.db import models |
2 |
from django.utils.translation import ugettext_lazy as _ |
|
3 |
from django.conf import settings |
|
2 | 4 | |
3 |
# Create your models here. |
|
5 |
class UserSAMLIdentifier(models.Model): |
|
6 |
user = models.ForeignKey( |
|
7 |
verbose_name=_('user'), |
|
8 |
to=settings.AUTH_USER_MODEL, |
|
9 |
related_name='saml_identifiers') |
|
10 |
issuer = models.TextField( |
|
11 |
verbose_name=_('Issuer')) |
|
12 |
name_id = models.TextField( |
|
13 |
verbose_name=_('SAML identifier')) |
|
14 |
created = models.DateTimeField( |
|
15 |
verbose_name=_('created'), |
|
16 |
auto_now_add=True) |
|
17 | ||
18 |
class Meta: |
|
19 |
verbose_name = _('user SAML identifier') |
|
20 |
verbose_name_plural = _('users SAML identifiers') |
|
21 |
unique_together = (('issuer', 'name_id'),) |
|
4 |
- |
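Review bot: `UserSAMLIdentifier` has no docstring, although the `(issuer, name_id)` pair it stores is now the key that `lookup_user` uses to bind an IdP assertion to a local account. Suggest a class docstring along the lines of `"""Binds an (issuer, name_id) pair asserted by an IdP to one local user; the pair is the login lookup key."""`. A comment on `name_id` should add that it holds the NameID content only, so the IdP must keep the value stable and never reassign it; a transient or recycled identifier would map a later subject onto this account. Separately, `unique_together` over two `TextField`s may not be indexable on MySQL without a prefix length, which is worth confirming against the backends the project supports.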