def retrieveAvatar(self, rh): """ Login using Shibbolet. """ from MaKaC.user import AvatarHolder, Avatar config = Config.getInstance().getAuthenticatorConfigById(self.id).get("SSOMapping", {}) if config.get('email', 'ADFS_EMAIL') in request.environ: email = request.environ[config.get("email", "ADFS_EMAIL")] login = request.environ[config.get("personId", "ADFS_LOGIN")] personId = request.environ[config.get("personId", "ADFS_PERSONID")] phone = request.environ.get(config.get("phone", "ADFS_PHONENUMBER"), "") fax = request.environ.get(config.get("fax", "ADFS_FAXNUMBER"), "") lastname = request.environ.get(config.get("lastname", "ADFS_LASTNAME"), "") firstname = request.environ.get(config.get("firstname", "ADFS_FIRSTNAME"), "") institute = request.environ.get(config.get("institute", "ADFS_HOMEINSTITUTE"), "") if personId == '-1': personId = None ah = AvatarHolder() av = ah.match({"email": email}, exact=1, onlyActivated=False, searchInAuthenticators=False) if av: av = av[0] # don't allow disabled accounts if av.isDisabled(): return None elif not av.isActivated(): av.activateAccount() av.clearAuthenticatorPersonalData() av.setAuthenticatorPersonalData('phone', phone) av.setAuthenticatorPersonalData('fax', fax) av.setAuthenticatorPersonalData('surName', lastname) av.setAuthenticatorPersonalData('firstName', firstname) av.setAuthenticatorPersonalData('affiliation', institute) if personId != None and personId != av.getPersonId(): av.setPersonId(personId) else: avDict = {"email": email, "name": firstname, "surName": lastname, "organisation": institute, "telephone": phone, "login": login} av = Avatar(avDict) ah.add(av) av.setPersonId(personId) av.activateAccount() self._postLogin(login, av, True) return av return None
def retrieveAvatar(self, rh): """ Login using Shibbolet. """ from MaKaC.user import AvatarHolder, Avatar config = Config.getInstance().getAuthenticatorConfigById(self.id).get( "SSOMapping", {}) if config.get('email', 'ADFS_EMAIL') in request.environ: email = request.environ[config.get("email", "ADFS_EMAIL")] login = request.environ.get(config.get("login", "ADFS_LOGIN")) personId = request.environ.get( config.get("personId", "ADFS_PERSONID")) phone = request.environ.get( config.get("phone", "ADFS_PHONENUMBER"), "") fax = request.environ.get(config.get("fax", "ADFS_FAXNUMBER"), "") lastname = request.environ.get( config.get("lastname", "ADFS_LASTNAME"), "") firstname = request.environ.get( config.get("firstname", "ADFS_FIRSTNAME"), "") institute = request.environ.get( config.get("institute", "ADFS_HOMEINSTITUTE"), "") if personId == '-1': personId = None ah = AvatarHolder() av = ah.match({"email": email}, exact=1, onlyActivated=False, searchInAuthenticators=False) if av: av = av[0] # don't allow disabled accounts if av.isDisabled(): return None elif not av.isActivated(): av.activateAccount() av.clearAuthenticatorPersonalData() av.setAuthenticatorPersonalData('phone', phone) av.setAuthenticatorPersonalData('fax', fax) av.setAuthenticatorPersonalData('surName', lastname) av.setAuthenticatorPersonalData('firstName', firstname) av.setAuthenticatorPersonalData('affiliation', institute) if personId != None and personId != av.getPersonId(): av.setPersonId(personId) else: avDict = { "email": email, "name": firstname, "surName": lastname, "organisation": institute, "telephone": phone, "login": login } av = Avatar(avDict) ah.add(av) av.setPersonId(personId) av.activateAccount() self._postLogin(login, av, True) return av return None
def autoLogin(self, rh): """ Login using Shibbolet. """ req = rh._req req.add_common_vars() if req.subprocess_env.has_key("ADFS_EMAIL"): email = req.subprocess_env["ADFS_EMAIL"] login = req.subprocess_env["ADFS_LOGIN"] personId = req.subprocess_env["ADFS_PERSONID"] phone = req.subprocess_env.get("ADFS_PHONENUMBER","") fax = req.subprocess_env.get("ADFS_FAXNUMBER","") lastname = req.subprocess_env.get("ADFS_LASTNAME","") firstname = req.subprocess_env.get("ADFS_FIRSTNAME","") institute = req.subprocess_env.get("ADFS_HOMEINSTITUTE","") if personId == '-1': personId = None from MaKaC.user import AvatarHolder ah = AvatarHolder() av = ah.match({"email":email},exact=1, onlyActivated=False, forceWithoutExtAuth=True) if av: av = av[0] # don't allow disabled accounts if av.isDisabled(): return None # # TODO: is this checking necessary? # if av.getStatus() == 'NotCreated': # #checking if comming from Nice # if av.getId()[:len(self.id)] == self.id: # av.setId("") # ah.add(av) #XXXXX # av.activateAccount() # else: # return None # if not activated elif not av.isActivated(): av.activateAccount() av.clearAuthenticatorPersonalData() av.setAuthenticatorPersonalData('phone', phone) av.setAuthenticatorPersonalData('fax', fax) av.setAuthenticatorPersonalData('surName', lastname) av.setAuthenticatorPersonalData('firstName', firstname) av.setAuthenticatorPersonalData('affiliation', institute) if phone != '' and phone != av.getPhone() and av.isFieldSynced('phone'): av.setTelephone(phone) if fax != '' and fax != av.getFax() and av.isFieldSynced('fax'): av.setFax(fax) if lastname != '' and lastname != av.getFamilyName() and av.isFieldSynced('surName'): av.setSurName(lastname, reindex=True) if firstname != '' and firstname != av.getFirstName() and av.isFieldSynced('firstName'): av.setName(firstname, reindex=True) if institute != '' and institute != av.getAffiliation() and av.isFieldSynced('affiliation'): av.setAffiliation(institute, reindex=True) if personId != None and personId != av.getPersonId(): av.setPersonId(personId) else: avDict = {"email": email, "name": firstname, "surName": lastname, "organisation": institute, "telephone": phone, "login": login} av = Avatar(avDict) ah.add(av) av.setPersonId(personId) av.activateAccount() if login != "" and not self.hasKey(login): ni=NiceIdentity(login, av) self.add(ni) if login != "" and self.hasKey(login) and not av.getIdentityById(login, self.getId()): av.addIdentity(self.getById(login)) return av return None