331 |
331 |
name_id = saml_attributes['name_id_content']
|
332 |
332 |
entity_id = saml_attributes['issuer']
|
333 |
333 |
try:
|
|
334 |
to_update = {
|
|
335 |
'nid_format': saml_attributes['name_id_format'],
|
|
336 |
'nid_name_qualifier': saml_attributes.get('name_id_name_qualifier'),
|
|
337 |
'nid_sp_name_qualifier': saml_attributes.get('name_id_sp_name_qualifier'),
|
|
338 |
'nid_sp_provided_id': saml_attributes.get('name_id_sp_provided_id'),
|
|
339 |
}
|
334 |
340 |
saml_identifier = models.UserSAMLIdentifier.objects.select_related('user').get(
|
335 |
341 |
name_id=name_id, issuer=models_utils.get_issuer(entity_id)
|
336 |
342 |
)
|
|
343 |
# nid_* attributes are new, we must update them if they are not initialized, eventually
|
|
344 |
for key in to_update:
|
|
345 |
if getattr(saml_identifier, key) != to_update[key]:
|
|
346 |
models.UserSAMLIdentifier.objects.filter(pk=saml_identifier.pk).update(**to_update)
|
|
347 |
break
|
337 |
348 |
user = saml_identifier.user
|
338 |
349 |
user.saml_identifier = saml_identifier
|
339 |
350 |
logger.info('mellon: looked up user %s with name_id %s from issuer %s', user, name_id, entity_id)
|
... | ... | |
463 |
474 |
name_id_content = saml_attributes['name_id_content']
|
464 |
475 |
if saml_attributes['name_id_format'] == lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT:
|
465 |
476 |
name_id_content = saml_attributes['transient_name_id_content']
|
|
477 |
to_update = {
|
|
478 |
'nid_format': saml_attributes['name_id_format'],
|
|
479 |
'nid_name_qualifier': saml_attributes.get('name_id_name_qualifier'),
|
|
480 |
'nid_sp_name_qualifier': saml_attributes.get('name_id_sp_name_qualifier'),
|
|
481 |
'nid_sp_provided_id': saml_attributes.get('name_id_sp_provided_id'),
|
|
482 |
}
|
466 |
483 |
saml_id, created = models.UserSAMLIdentifier.objects.get_or_create(
|
467 |
484 |
name_id=name_id_content,
|
468 |
485 |
issuer=models_utils.get_issuer(saml_attributes['issuer']),
|
469 |
486 |
defaults={
|
470 |
487 |
'user': user,
|
471 |
|
'nid_format': saml_attributes['name_id_format'],
|
472 |
|
'nid_name_qualifier': saml_attributes.get('name_id_name_qualifier'),
|
473 |
|
'nid_sp_name_qualifier': saml_attributes.get('name_id_sp_name_qualifier'),
|
474 |
|
'nid_sp_provided_id': saml_attributes.get('name_id_sp_provided_id'),
|
|
488 |
**to_update,
|
475 |
489 |
},
|
476 |
490 |
)
|
|
491 |
# nid_* attributes are new, we must update them eventually
|
|
492 |
for key in to_update:
|
|
493 |
if getattr(saml_id, key) != to_update[key]:
|
|
494 |
models.UserSAMLIdentifier.objects.filter(pk=saml_id.pk).update(**to_update)
|
|
495 |
break
|
477 |
496 |
if created:
|
478 |
497 |
user.saml_identifier = saml_id
|
479 |
498 |
return user
|
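Review bot: The backfill loop at new lines 344-347 (and its copy at 492-495) rewrites all four nid_* columns whenever any stored value differs from the incoming assertion, although the comment above it says they are updated only "if they are not initialized". Because the row is matched on `name_id` and `issuer` alone, an assertion with the same NameID content but a different Format or qualifier silently replaces the recorded values; if only a backfill is intended, restrict the test to unset fields, e.g. `if getattr(saml_identifier, key) is None and to_update[key] is not None:` (assuming unset columns are stored as NULL), and log a warning on a real mismatch. The queryset `.update()` also leaves the in-memory object that is then assigned to `user.saml_identifier` with the old values; setting the attributes and calling `saml_identifier.save(update_fields=list(to_update))` would keep the two in step. Both functions start and end outside the visible hunks, so check that the `except` paired with the `try:` at line 333 does not treat the `KeyError` that `saml_attributes['name_id_format']` can now raise inside it as "identifier not found".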