Add support for returning user attributes
authorSimo Sorce <simo@redhat.com>
Mon, 16 Jun 2014 23:36:03 +0000 (19:36 -0400)
committerPatrick Uiterwijk <puiterwijk@redhat.com>
Wed, 24 Sep 2014 18:29:43 +0000 (20:29 +0200)
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
ipsilon/login/common.py
ipsilon/providers/saml2/auth.py

index 9dbcc0f..7fb1342 100755 (executable)
@@ -22,6 +22,7 @@ from ipsilon.util.page import Page
 from ipsilon.util.user import UserSession
 from ipsilon.util.plugin import PluginLoader, PluginObject
 from ipsilon.util.plugin import PluginInstaller
+from ipsilon.info.common import Info
 import cherrypy
 
 
@@ -34,6 +35,7 @@ class LoginManagerBase(PluginObject, Log):
         super(LoginManagerBase, self).__init__()
         self.path = '/'
         self.next_login = None
+        self.info = None
 
     def redirect_to_path(self, path):
         base = cherrypy.config.get('base.mount', "")
@@ -47,6 +49,14 @@ class LoginManagerBase(PluginObject, Log):
         if not ref:
             ref = cherrypy.config.get('base.mount', "") + '/'
 
+        if self.info:
+            userattrs = self.info.get_user_attrs(username)
+            if userdata:
+                userdata.update(userattrs or {})
+            else:
+                userdata = userattrs
+            self.debug("User %s attributes: %s" % (username, repr(userdata)))
+
         if auth_type:
             if userdata:
                 userdata.update({'auth_type': auth_type})
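Review bot: `self.debug("User %s attributes: %s" % (username, repr(userdata)))` writes every attribute value the info plugin returned for the user into the debug log, so personal data lands in log files whenever debug logging is enabled; logging only the attribute names, e.g. `self.debug("User %s attributes: %s" % (username, sorted(userdata) if userdata else None))`, keeps the diagnostic without the data, and the same applies to the `login.assertion.dump()` debug line added in ipsilon/providers/saml2/auth.py. Note also that `userdata.update(userattrs or {})` lets info-plugin attributes silently overwrite values the login plugin supplied in `userdata`; if the login plugin's values are meant to win, the merge order needs reversing, otherwise a short comment such as `# info plugin attributes take precedence over login plugin data` should state the intended precedence. This hunk calls `self.debug` while the next hunk in the same class calls `self._debug`; presumably only one of them is the intended logging helper. The enclosing method begins before this hunk.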
@@ -114,6 +124,9 @@ class LoginManagerBase(PluginObject, Log):
         plugins['enabled'].append(self)
         self._debug('Login plugin enabled: %s' % self.name)
 
+        # Get handle of the info plugin
+        self.info = root.info
+
     def disable(self, site):
         plugins = site[FACILITY]
         if self not in plugins['enabled']:
@@ -193,6 +206,7 @@ class Login(Page):
     def __init__(self, *args, **kwargs):
         super(Login, self).__init__(*args, **kwargs)
         self.first_login = None
+        self.info = Info()
 
         loader = PluginLoader(Login, FACILITY, 'LoginManager')
         self._site[FACILITY] = loader.get_plugin_data()
index 036ed5e..e35ff13 100755 (executable)
@@ -193,7 +193,29 @@ class AuthenticateRequest(ProviderPageBase):
             raise AuthenticationError("Unavailable Name ID type",
                                       lasso.SAML2_STATUS_CODE_AUTHN_FAILED)
 
-        # TODO: add user attributes as policy requires from 'usersession'
+        # TODO: filter user attributes as policy requires from 'usersession'
+        if not login.assertion.attributeStatement:
+            attrstat = lasso.Saml2AttributeStatement()
+            login.assertion.attributeStatement = [attrstat]
+        else:
+            attrstat = login.assertion.attributeStatement[0]
+        if not attrstat.attribute:
+            attrstat.attribute = ()
+
+        attributes = us.get_user_attrs()
+        for key in attributes:
+            attr = lasso.Saml2Attribute()
+            attr.name = key
+            attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
+            value = str(attributes[key]).encode('utf-8')
+            node = lasso.MiscTextNode.newWithString(value)
+            node.textChild = True
+            attrvalue = lasso.Saml2AttributeValue()
+            attrvalue.any = [node]
+            attr.attributeValue = [attrvalue]
+            attrstat.attribute = attrstat.attribute + (attr,)
+
+        self.debug('Assertion: %s' % login.assertion.dump())
 
     def saml2error(self, login, code, message):
         status = lasso.Samlp2Status()
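Review bot: `value = str(attributes[key]).encode('utf-8')` assumes every attribute value is a single ASCII-safe scalar: a list-valued attribute (group membership, for instance) is serialized as its Python repr inside one AttributeValue instead of one AttributeValue per element, and if this runs under Python 2, as the `super(Cls, self)` style elsewhere in the commit suggests, a unicode value containing non-ASCII characters makes `str()` raise UnicodeEncodeError rather than emit the attribute. The loop should normalise the value to a list and encode unicode explicitly, as sketched below. Separately, the retained TODO means every attribute the info plugin returns is released to every service provider unfiltered; until the policy filter exists an explicit allowlist of attribute names is the safer default, and it is worth confirming whether `us.get_user_attrs()` also returns the `auth_type` key that ipsilon/login/common.py merges into the same user data. The enclosing method begins before this hunk.
```python
        attributes = us.get_user_attrs()
        for key in attributes:
            attr = lasso.Saml2Attribute()
            attr.name = key
            attr.nameFormat = lasso.SAML2_ATTRIBUTE_NAME_FORMAT_BASIC
            values = attributes[key]
            # one AttributeValue per element for multi-valued attributes
            if not isinstance(values, (list, tuple)):
                values = [values]
            attrvalues = []
            for value in values:
                if isinstance(value, unicode):
                    value = value.encode('utf-8')
                else:
                    value = str(value)
                node = lasso.MiscTextNode.newWithString(value)
                node.textChild = True
                attrvalue = lasso.Saml2AttributeValue()
                attrvalue.any = [node]
                attrvalues.append(attrvalue)
            attr.attributeValue = attrvalues
            attrstat.attribute = attrstat.attribute + (attr,)
        # … unchanged: assertion debug dump …
```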