Commit
c94891f4
authored
Oct 29, 2018
by
Lukas Burgey
Add 'eduperson_entitlement' to the default scopes
Partly addresses
#3
parent
edeba838
Changes
1
feudal/backend/auth/v1/models.py
...
...
@@ -16,8 +16,15 @@ LOGGER = logging.getLogger(__name__)
OIDC_CLIENT
=
{}
def
scopes_default
():
return
[
'openid'
,
'profile'
,
'email'
,
'credentials'
]
return
[
'openid'
,
'profile'
,
'email'
,
'credentials'
,
'eduperson_entitlement'
,
]
class
OIDCConfig
(
db_models
.
Model
):
...
...
@@ -34,7 +41,6 @@ class OIDCConfig(db_models.Model):
editable
=
True
,
)
@
property
def
registration_response
(
self
):
info
=
{
...
...
@@ -84,7 +90,7 @@ def default_idp():
class
OIDCTokenAuthBackend
(
object
):
AuthException
=
Exception
(
"
Unable to authenticate user
"
)
AuthException
=
Exception
(
'
Unable to authenticate user
'
)
def
get_userinfo
(
self
,
oidc_client
,
access_token
=
None
):
user_info
=
None
...
...
@@ -101,10 +107,9 @@ class OIDCTokenAuthBackend(object):
user_info
[
'iss'
]
=
oidc_client
.
provider_info
[
'issuer'
]
else
:
LOGGER
.
error
(
"Invalid parameters for get_userinfo"
)
LOGGER
.
error
(
'Invalid parameters for get_userinfo'
)
#LOGGER.debug(
"
Got user info:\n%s\n
"
, user_info)
#
LOGGER.debug(
'
Got user info:\n%s\n
'
, user_info)
return
user_info
def
authenticate
(
self
,
request
,
token
=
None
,
issuer_uri
=
None
):
...
...
@@ -117,18 +122,18 @@ class OIDCTokenAuthBackend(object):
try
:
if
issuer_uri
is
not
None
:
LOGGER
.
debug
(
"
Attempting to find IdP %s
"
,
issuer_uri
)
LOGGER
.
debug
(
'
Attempting to find IdP %s
'
,
issuer_uri
)
oidc_client
=
OIDCConfig
.
objects
.
get
(
issuer_uri
=
issuer_uri
)
elif
idp_id
is
not
None
:
oidc_client
=
OIDCConfig
.
objects
.
get
(
id
=
idp_id
)
if
oidc_client
is
None
:
LOGGER
.
error
(
"
Unable to determine IdP for authentication
"
)
LOGGER
.
error
(
'
Unable to determine IdP for authentication
'
)
return
None
except
OIDCConfig
.
DoesNotExist
:
LOGGER
.
error
(
"
Unable to determine IdP for authentication
"
)
LOGGER
.
error
(
'
Unable to determine IdP for authentication
'
)
return
None
# get the user info from the idp
...
...
@@ -138,7 +143,7 @@ class OIDCTokenAuthBackend(object):
)
from
...models.users
import
User
return
User
.
get_user
(
return
User
.
get_user
(
userinfo
,
oidc_client
,
)
...
...
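Review bot: `AuthException = Exception('Unable to authenticate user')` in the `OIDCTokenAuthBackend` hunk binds one pre-built instance of the base `Exception` class, so callers can only catch it with `except Exception`, which in an authentication path also swallows unrelated failures, and every raise reuses the same object and its traceback state. While this line is being touched, a dedicated type keeps the attribute name and lets callers catch authentication failures narrowly: `class AuthException(Exception): pass`, raised as `raise self.AuthException('Unable to authenticate user')`. The raise sites are outside the visible hunks, so they would need the same adjustment.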