Adds SSO attributes. Prevents uid duplication errors.
This commit is contained in:
parent
0cda7c66e5
commit
a6e0809183
|
@ -14,10 +14,10 @@ FRONTEND_AUTH_CALLBACK = "http://localhost:4200" # Not Required
|
||||||
SSO_ATTRIBUTE_MAP = {
|
SSO_ATTRIBUTE_MAP = {
|
||||||
'eppn': (False, 'eppn'), # dhf8r@virginia.edu
|
'eppn': (False, 'eppn'), # dhf8r@virginia.edu
|
||||||
'uid': (True, 'uid'), # dhf8r
|
'uid': (True, 'uid'), # dhf8r
|
||||||
'givenName': (False, 'givenName'), # Daniel
|
'givenName': (False, 'first_name'), # Daniel
|
||||||
'mail': (False, 'email'), # dhf8r@Virginia.EDU
|
'mail': (False, 'email_address'), # dhf8r@Virginia.EDU
|
||||||
'sn': (False, 'surName'), # Funk
|
'sn': (False, 'last_name'), # Funk
|
||||||
'affiliation': (False, 'affiliation'), # 'staff@virginia.edu;member@virginia.edu'
|
'affiliation': (False, 'affiliation'), # 'staff@virginia.edu;member@virginia.edu'
|
||||||
'displayName': (False, 'displayName'), # Daniel Harold Funk
|
'displayName': (False, 'display_name'), # Daniel Harold Funk
|
||||||
'title': (False, 'title') # SOFTWARE ENGINEER V
|
'title': (False, 'title') # SOFTWARE ENGINEER V
|
||||||
}
|
}
|
||||||
|
|
|
@ -57,6 +57,9 @@ def _handle_login(user_info):
|
||||||
uid = user_info['uid']
|
uid = user_info['uid']
|
||||||
user = db.session.query(UserModel).filter(UserModel.uid == uid).first()
|
user = db.session.query(UserModel).filter(UserModel.uid == uid).first()
|
||||||
|
|
||||||
|
if user is not None:
|
||||||
|
del user_info['uid'] # Prevents duplicate uid errors
|
||||||
|
|
||||||
# Update existing user data or create a new user
|
# Update existing user data or create a new user
|
||||||
user = UserModelSchema().load(user_info, session=db.session)
|
user = UserModelSchema().load(user_info, session=db.session)
|
||||||
|
|
||||||
|
@ -102,7 +105,6 @@ def backdoor():
|
||||||
ApiError. If on production, returns a 404 error.
|
ApiError. If on production, returns a 404 error.
|
||||||
"""
|
"""
|
||||||
if not 'PRODUCTION' in app.config or not app.config['PRODUCTION']:
|
if not 'PRODUCTION' in app.config or not app.config['PRODUCTION']:
|
||||||
|
|
||||||
# Translate uppercase HTTP_PROP_NAME to lowercase without HTTP_, if property exists in UserModel.
|
# Translate uppercase HTTP_PROP_NAME to lowercase without HTTP_, if property exists in UserModel.
|
||||||
user_info = {}
|
user_info = {}
|
||||||
for key, value in connexion.request.environ.items():
|
for key, value in connexion.request.environ.items():
|
||||||
|
|
|
@ -34,13 +34,19 @@ class TestAuthentication(BaseTest):
|
||||||
self.assertIsNone(user)
|
self.assertIsNone(user)
|
||||||
|
|
||||||
headers = {'uid': self.test_uid, 'first_name': 'Daniel', 'email_address': 'dhf8r@virginia.edu'}
|
headers = {'uid': self.test_uid, 'first_name': 'Daniel', 'email_address': 'dhf8r@virginia.edu'}
|
||||||
rv = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=True,
|
rv_1 = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=False)
|
||||||
content_type="application/json")
|
self.assertTrue(rv_1.status_code == 302)
|
||||||
|
|
||||||
|
|
||||||
user = db.session.query(UserModel).filter(UserModel.uid == self.test_uid).first()
|
user = db.session.query(UserModel).filter(UserModel.uid == self.test_uid).first()
|
||||||
self.assertIsNotNone(user)
|
self.assertIsNotNone(user)
|
||||||
self.assertIsNotNone(user.display_name)
|
self.assertIsNotNone(user.display_name)
|
||||||
self.assertIsNotNone(user.email_address)
|
self.assertIsNotNone(user.email_address)
|
||||||
|
|
||||||
|
# Hitting the same endpoint again with the same info should not cause an error
|
||||||
|
rv_2 = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=False)
|
||||||
|
self.assertTrue(rv_1.status_code == 302)
|
||||||
|
|
||||||
def test_current_user_status(self):
|
def test_current_user_status(self):
|
||||||
self.load_example_data()
|
self.load_example_data()
|
||||||
rv = self.app.get('/v1.0/user')
|
rv = self.app.get('/v1.0/user')
|
||||||
|
|
Loading…
Reference in New Issue