
0001-auth_saml-add-name-id-policy-format-choices-70750.patch

Valentin Deniaud, 03 novembre 2022 10:09


Subject: [PATCH] auth_saml: add name id policy format choices (#70750)

 .../migrations/0001_initial.py                |  2 ++
 src/authentic2_auth_saml/models.py            | 23 ++++++++++++++++++-
 tests/test_manager_authenticators.py          | 13 +++++++++++
 3 files changed, 37 insertions(+), 1 deletion(-)
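--- a/src/authentic2_auth_saml/migrations/0001_initial.py
+++ b/src/authentic2_auth_saml/migrations/0001_initial.py
@@ -5,6 +5,7 @@
 from django.db import migrations, models
 
 import authentic2_auth_saml.models
+from authentic2_auth_saml.models import NAME_ID_FORMAT_CHOICES
 
 
 class Migration(migrations.Migration):
@@ -117,6 +118,7 @@
                         help_text='The NameID format to request.',
                         max_length=64,
                         verbose_name='NameID policy format',
+                        choices=NAME_ID_FORMAT_CHOICES,
                     ),
                 ),
                 (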
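Review bot: The migration now imports `NAME_ID_FORMAT_CHOICES` from the live `models.py`, so the state recorded by `0001_initial` follows whatever that constant later becomes instead of staying a frozen snapshot. Because the model and the migration reference the same object, `makemigrations` will not notice a later change to the list, and renaming or removing the constant makes the migration fail on import. Inlining the five `(value, label)` pairs in the `choices=` argument of the second hunk would keep the migration self-contained. If the import is kept, a comment such as `# choices are read from models.py on purpose; they do not affect the schema` would record that it is deliberate. The field definition and the `Migration` class both extend beyond the visible hunks.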
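--- a/src/authentic2_auth_saml/models.py
+++ b/src/authentic2_auth_saml/models.py
@@ -32,6 +32,23 @@
 )
 from authentic2.utils.misc import redirect_to_login
 
+NAME_ID_FORMAT_CHOICES = (
+    ('', _('None')),
+    (
+        lasso.SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT,
+        _('Persistent (%s)') % lasso.SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT,
+    ),
+    (
+        lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT,
+        _('Transient (%s)') % lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT,
+    ),
+    (lasso.SAML2_NAME_IDENTIFIER_FORMAT_EMAIL, _('Email (%s)') % lasso.SAML2_NAME_IDENTIFIER_FORMAT_EMAIL),
+    (
+        lasso.SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED,
+        _('Unspecified (%s)') % lasso.SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED,
+    ),
+)
+
 
 def validate_metadata(metadata):
     try:
@@ -88,7 +105,11 @@
         default='{attributes[name_id_content]}@{realm}',
     )
     name_id_policy_format = models.CharField(
-        _('NameID policy format'), max_length=64, help_text=_('The NameID format to request.'), blank=True
+        _('NameID policy format'),
+        max_length=64,
+        choices=NAME_ID_FORMAT_CHOICES,
+        help_text=_('The NameID format to request.'),
+        blank=True,
     )
     name_id_policy_allow_create = models.BooleanField(_('NameID policy allow create'), default=True)
     force_authn = models.BooleanField(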
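Review bot: Authenticators saved while `name_id_policy_format` was free text may hold a NameID format outside `NAME_ID_FORMAT_CHOICES`, and the second hunk adds `choices=` with no data migration or fallback for such rows. Django checks `choices` only during form or `full_clean()` validation, so those rows keep their stored value but can no longer be re-saved from the edit form without picking another format, and code that writes the field directly is still unrestricted. Either check existing values in a data migration or note the limitation above the constant, e.g. `# only these formats can be selected; older free-text values fail form validation`. Separately, if `_` is `gettext_lazy` (its import is outside the hunk), `_('Persistent (%s)') % …` is evaluated at import time and the label stops following the active language; `format_lazy` from `django.utils.text` keeps it lazy. The model class starts and ends outside the hunk.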
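--- a/tests/test_manager_authenticators.py
+++ b/tests/test_manager_authenticators.py
@@ -565,6 +565,19 @@
     assert 'SAML - idp1' in resp.text
 
 
+def test_authenticators_saml_name_id_format_select(app, superuser):
+    authenticator = SAMLAuthenticator.objects.create(metadata_url='https://example.com/meta.xml', slug='idp1')
+
+    resp = login(app, superuser, path='/manage/authenticators/%s/edit/' % authenticator.pk)
+    resp.form['name_id_policy_format'].select(
+        text='Persistent (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent)'
+    )
+    resp.form.submit().follow()
+
+    authenticator.refresh_from_db()
+    assert authenticator.name_id_policy_format == 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
+
+
 def test_authenticators_saml_attribute_lookup(app, superuser):
     authenticator = SAMLAuthenticator.objects.create(metadata='meta1.xml', slug='idp1')
     resp = login(app, superuser, path=authenticator.get_absolute_url())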
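Review bot: The new test covers only the accepted path, selecting a listed format and reading it back; nothing checks that a value outside `NAME_ID_FORMAT_CHOICES` is refused, which is the restriction this change introduces. A second case that forces an unlisted value into the select (webtest's `force_value`) and asserts that the stored `name_id_policy_format` is unchanged after submit would pin that down. Selecting by `text=` also ties the test to the untranslated label, so `resp.form['name_id_policy_format'] = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'` would be less brittle. The body of `test_authenticators_saml_attribute_lookup` continues outside the hunk.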
571
-