Adds SSO attributes. Prevents uid duplication errors.

Aaron Louie 2020-02-20 17:23:10 -05:00
parent 0cda7c66e5
commit a6e0809183
3 changed files with 16 additions and 8 deletions


@ -14,10 +14,10 @@ FRONTEND_AUTH_CALLBACK = "http://localhost:4200" # Not Required
SSO_ATTRIBUTE_MAP = { SSO_ATTRIBUTE_MAP = {
'eppn': (False, 'eppn'), # dhf8r@virginia.edu 'eppn': (False, 'eppn'), # dhf8r@virginia.edu
'uid': (True, 'uid'), # dhf8r 'uid': (True, 'uid'), # dhf8r
'givenName': (False, 'givenName'), # Daniel 'givenName': (False, 'first_name'), # Daniel
'mail': (False, 'email'), # dhf8r@Virginia.EDU 'mail': (False, 'email_address'), # dhf8r@Virginia.EDU
'sn': (False, 'surName'), # Funk 'sn': (False, 'last_name'), # Funk
'affiliation': (False, 'affiliation'), # 'staff@virginia.edu;member@virginia.edu' 'affiliation': (False, 'affiliation'), # 'staff@virginia.edu;member@virginia.edu'
'displayName': (False, 'displayName'), # Daniel Harold Funk 'displayName': (False, 'display_name'), # Daniel Harold Funk
'title': (False, 'title') # SOFTWARE ENGINEER V 'title': (False, 'title') # SOFTWARE ENGINEER V
} }


@ -57,6 +57,9 @@ def _handle_login(user_info):
uid = user_info['uid'] uid = user_info['uid']
user = db.session.query(UserModel).filter(UserModel.uid == uid).first() user = db.session.query(UserModel).filter(UserModel.uid == uid).first()
if user is not None:
del user_info['uid'] # Prevents duplicate uid errors
# Update existing user data or create a new user # Update existing user data or create a new user
user = UserModelSchema().load(user_info, session=db.session) user = UserModelSchema().load(user_info, session=db.session)
@ -102,7 +105,6 @@ def backdoor():
ApiError. If on production, returns a 404 error. ApiError. If on production, returns a 404 error.
""" """
if not 'PRODUCTION' in app.config or not app.config['PRODUCTION']: if not 'PRODUCTION' in app.config or not app.config['PRODUCTION']:
# Translate uppercase HTTP_PROP_NAME to lowercase without HTTP_, if property exists in UserModel. # Translate uppercase HTTP_PROP_NAME to lowercase without HTTP_, if property exists in UserModel.
user_info = {} user_info = {}
for key, value in connexion.request.environ.items(): for key, value in connexion.request.environ.items():
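Review bot: In `_handle_login`, once `uid` is deleted from `user_info` for an existing user, nothing visible ties the following `UserModelSchema().load(user_info, session=db.session)` to the row that was just queried. Whether it updates `user` or builds a second object with no uid depends on schema configuration that is not shown here. If this is a marshmallow-sqlalchemy schema, passing the fetched row is more explicit and leaves the caller's dict unmodified: `user = UserModelSchema().load(user_info, session=db.session, instance=user)`. The function continues past the hunk, so the add/commit path could not be checked. Separately, the guard visible in `backdoor()` (`if not 'PRODUCTION' in app.config or not app.config['PRODUCTION']`) enables this header-trusting login whenever the key is simply missing; requiring an explicit opt-in would make it fail closed.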


@ -34,13 +34,19 @@ class TestAuthentication(BaseTest):
self.assertIsNone(user) self.assertIsNone(user)
headers = {'uid': self.test_uid, 'first_name': 'Daniel', 'email_address': 'dhf8r@virginia.edu'} headers = {'uid': self.test_uid, 'first_name': 'Daniel', 'email_address': 'dhf8r@virginia.edu'}
rv = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=True, rv_1 = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=False)
content_type="application/json") self.assertTrue(rv_1.status_code == 302)
user = db.session.query(UserModel).filter(UserModel.uid == self.test_uid).first() user = db.session.query(UserModel).filter(UserModel.uid == self.test_uid).first()
self.assertIsNotNone(user) self.assertIsNotNone(user)
self.assertIsNotNone(user.display_name) self.assertIsNotNone(user.display_name)
self.assertIsNotNone(user.email_address) self.assertIsNotNone(user.email_address)
# Hitting the same endpoint again with the same info should not cause an error
rv_2 = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=False)
self.assertTrue(rv_1.status_code == 302)
def test_current_user_status(self): def test_current_user_status(self):
self.load_example_data() self.load_example_data()
rv = self.app.get('/v1.0/user') rv = self.app.get('/v1.0/user')
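Review bot: The final assertion of the new block re-checks `rv_1.status_code` instead of `rv_2`, so the second request to `/v1.0/sso_backdoor` is never verified. That repeat request is the case this commit is meant to cover, and the test would still pass if it returned a 500. The line should read `self.assertEqual(302, rv_2.status_code)`. Following it with `self.assertEqual(1, db.session.query(UserModel).filter(UserModel.uid == self.test_uid).count())` would also pin that the repeat login reuses the existing row rather than creating another.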