Adds SSO attributes. Prevents uid duplication errors.

2020-02-20 17:23:10 -05:00 · 2020-02-20 17:23:10 -05:00 · a6e0809183
parent 0cda7c66e5
commit a6e0809183
3 changed files with 16 additions and 8 deletions
--- a/config/travis-testing.py
+++ b/config/travis-testing.py
@ -14,10 +14,10 @@ FRONTEND_AUTH_CALLBACK = "http://localhost:4200" # Not Required
 SSO_ATTRIBUTE_MAP = {
    'eppn': (False, 'eppn'),  # dhf8r@virginia.edu
    'uid': (True, 'uid'),  # dhf8r
-    'givenName': (False, 'givenName'), # Daniel
-    'mail': (False, 'email'), # dhf8r@Virginia.EDU
-    'sn': (False, 'surName'), # Funk
+    'givenName': (False, 'first_name'),  # Daniel
+    'mail': (False, 'email_address'),  # dhf8r@Virginia.EDU
+    'sn': (False, 'last_name'),  # Funk
    'affiliation': (False, 'affiliation'),  # 'staff@virginia.edu;member@virginia.edu'
-    'displayName': (False, 'displayName'), # Daniel Harold Funk
+    'displayName': (False, 'display_name'),  # Daniel Harold Funk
    'title': (False, 'title')  # SOFTWARE ENGINEER V
 }
--- a/crc/api/user.py
+++ b/crc/api/user.py
@ -57,6 +57,9 @@ def _handle_login(user_info):
    uid = user_info['uid']
    user = db.session.query(UserModel).filter(UserModel.uid == uid).first()

+    if user is not None:
+        del user_info['uid']  # Prevents duplicate uid errors
+
    # Update existing user data or create a new user
    user = UserModelSchema().load(user_info, session=db.session)

@ -102,7 +105,6 @@ def backdoor():
           ApiError.  If on production, returns a 404 error.
   """
    if not 'PRODUCTION' in app.config or not app.config['PRODUCTION']:
-
        # Translate uppercase HTTP_PROP_NAME to lowercase without HTTP_, if property exists in UserModel.
        user_info = {}
        for key, value in connexion.request.environ.items():
--- a/tests/test_authentication.py
+++ b/tests/test_authentication.py
@ -34,13 +34,19 @@ class TestAuthentication(BaseTest):
        self.assertIsNone(user)

        headers = {'uid': self.test_uid, 'first_name': 'Daniel', 'email_address': 'dhf8r@virginia.edu'}
-        rv = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=True,
-                          content_type="application/json")
+        rv_1 = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=False)
+        self.assertTrue(rv_1.status_code == 302)
+
+
        user = db.session.query(UserModel).filter(UserModel.uid == self.test_uid).first()
        self.assertIsNotNone(user)
        self.assertIsNotNone(user.display_name)
        self.assertIsNotNone(user.email_address)

+        # Hitting the same endpoint again with the same info should not cause an error
+        rv_2 = self.app.get("/v1.0/sso_backdoor", headers=headers, follow_redirects=False)
+        self.assertTrue(rv_1.status_code == 302)
+
    def test_current_user_status(self):
        self.load_example_data()
        rv = self.app.get('/v1.0/user')