# along with this program. If not, see <http://www.gnu.org/licenses/>.
from ipsilon.providers.common import ProviderPageBase, ProviderException
+from ipsilon.providers.common import AuthenticationError, InvalidRequest
from ipsilon.providers.saml2.provider import ServiceProvider
from ipsilon.providers.saml2.provider import InvalidProviderId
from ipsilon.providers.saml2.provider import NameIdNotAllowed
import lasso
-class AuthenticationError(ProviderException):
-
- def __init__(self, message, code):
- super(AuthenticationError, self).__init__(message)
- self.code = code
- self._debug('%s [%s]' % (message, code))
-
-
-class InvalidRequest(ProviderException):
-
- def __init__(self, message):
- super(InvalidRequest, self).__init__(message)
- self._debug(message)
-
-
class UnknownProvider(ProviderException):
def __init__(self, message):
self.basepath, self.trans.get_GET_arg())
data = {'saml2_stage': 'auth',
'saml2_request': login.dump(),
- 'login_return': returl}
+ 'login_return': returl,
+ 'login_target': login.remoteProviderId}
self.trans.store(data)
redirect = '%s/login?%s' % (self.basepath,
self.trans.get_GET_arg())
if not attrstat.attribute:
attrstat.attribute = ()
- attributes = us.get_user_attrs()
+ attributes = dict()
+ userattrs = us.get_user_attrs()
+ for key, value in userattrs.get('userdata', {}).iteritems():
+ if type(value) is str:
+ attributes[key] = value
+ if 'groups' in userattrs:
+ attributes['group'] = userattrs['groups']
+ for _, info in userattrs.get('extras', {}).iteritems():
+ for key, value in info.items():
+ attributes[key] = value
+
for key in attributes:
- attr = lasso.Saml2Attribute()
- attr.name = key
- attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
- value = str(attributes[key]).encode('utf-8')
- node = lasso.MiscTextNode.newWithString(value)
- node.textChild = True
- attrvalue = lasso.Saml2AttributeValue()
- attrvalue.any = [node]
- attr.attributeValue = [attrvalue]
- attrstat.attribute = attrstat.attribute + (attr,)
+ values = attributes[key]
+ if type(values) is not list:
+ values = [values]
+ for value in values:
+ attr = lasso.Saml2Attribute()
+ attr.name = key
+ attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
+ value = str(value).encode('utf-8')
+ self.debug('value %s' % value)
+ node = lasso.MiscTextNode.newWithString(value)
+ node.textChild = True
+ attrvalue = lasso.Saml2AttributeValue()
+ attrvalue.any = [node]
+ attr.attributeValue = [attrvalue]
+ attrstat.attribute = attrstat.attribute + (attr,)
self.debug('Assertion: %s' % login.assertion.dump())
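Review bot: The `extras` loop copies every key from every info plugin into `attributes` last and without a check, so an extras key named `group`, or one matching a `userdata` key, silently replaces the value set a few lines above, and the merged set then goes into the assertion with no per-provider filter visible in this hunk. If that precedence is intended, say so in a comment such as `# extras override userdata and group on key collision`; otherwise guard the assignment with `if key not in attributes:`. The `type(value) is str` test also drops `unicode` values from `userdata` under Python 2 (which `iteritems()` implies), and `str(value).encode('utf-8')` raises on non-ASCII text, so `isinstance(value, basestring)` and an explicit unicode path would be safer. `self.debug('value %s' % value)` writes each released attribute value to the debug log, which duplicates the assertion dump on the following line and adds user data to the logs. The enclosing method begins and ends outside the hunk.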