nameid = user.name ## TODO map to something else ?
elif self.nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_KERBEROS:
nameid = us.get_data('user', 'krb_principal_name')
+ elif self.nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_EMAIL:
+ nameid = us.get_user().email
+ if not nameid:
+ nameid = '%s@%s' % (user.name, self.cfg.default_email_domain)
if nameid:
login.assertion.subject.nameId.format = self.nameidfmt
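Review bot: The fallback at `nameid = '%s@%s' % (user.name, self.cfg.default_email_domain)` asserts an address that was never verified as belonging to the user, and with the default added in the config hunk (`'example.com'`) an unconfigured IdP would issue `<name>@example.com` as an email-format NameID. A service provider that links accounts by email would then bind the session to whoever holds that address on its side, and a synthesized address can also collide with another user's real `email` attribute. I would ship the option with an empty default and gate the fallback on it, `if not nameid and self.cfg.default_email_domain:`, so a missing email leaves `nameid` empty unless an administrator has explicitly chosen a domain. What happens when `nameid` stays empty is decided outside this hunk, so that path should be checked to fail the request instead of falling back to another identifier.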
"""Default NameID used by Service Providers. """,
'string',
'persistent'
+ ],
+ 'default email domain': [
+ """Default email domain, for users missing email property.""",
+ 'string',
+ 'example.com'
]
}
def default_nameid(self):
return self.get_config_value('default nameid')
+ @property
+ def default_email_domain(self):
+ return self.get_config_value('default email domain')
+
def get_tree(self, site):
self.page = SAML2(site, self)
return self.page
def fullname(self, value):
self._userdata['fullname'] = value
+ @property
+ def email(self):
+ if 'email' in self._userdata:
+ return self._userdata['email']
+ else:
+ return None
+
@property
def sites(self):
if 'sites' in self._userdata:
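Review bot: The new `email` property has no docstring, and because the SAML2 hunk on this page asserts its value to service providers as the NameID, it should state where the value is expected to come from. Suggest `"""Email from the user's stored data, or None; asserted as a SAML NameID, so it must come from a trusted attribute source."""`. Whether `_userdata['email']` can be set by the user themselves is not visible here and is worth confirming. If `_userdata` is a plain dict, the body also reduces to `return self._userdata.get('email')`. The `sites` property that follows continues outside the hunk.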