Exemple #1
0
 def runTest(self):
     """ Tests the ICTVObject SQLObject """
     user = User(fullname='User', email='test@localhost')
     assert user.to_dictionary(['fullname', 'email']) == {
         'fullname': 'User',
         'email': 'test@localhost'
     }
Exemple #2
0
    def post(self):
        """
            Receive the POST binding request from IDP.

             - process the request
            - extract user attributes
            - create a new User if it doesn't exist
            - fill in the session
            - redirect to RelayState or /
        """

        # SAML boiler plate code
        req = prepare_request()
        settings = build_settings(self.config['saml2'])
        # this is the object to interact with the shibboleth parameters
        auth = init_saml_auth(req, settings)
        errors = []
        not_auth_warn = False
        success_slo = False

        input_data = flask.request.form

        if 'acs' in flask.request.args:
            auth.process_response()  # decrypt and extract informations
            errors = auth.get_errors()
            not_auth_warn = not auth.is_authenticated()

            if len(errors) == 0:
                attrs = auth.get_attributes(
                )  # get attributes returned by the shibboleth idp

                for key in attrs.keys():
                    print("(" + key + ", " + str(attrs[key]) + ")")

                username = attrs[settings['sp']['attrs']['username']][0]
                realname = attrs[settings['sp']['attrs']['realname']][0]
                email = attrs[settings['sp']['attrs']['email']][0]

                u = User.selectBy(email=email).getOne(None)
                if not u:  # The user does not exist in our DB
                    u = User(username=username,
                             email=email,
                             fullname=realname,
                             super_admin=False,
                             disabled=True)

                self.session['user'] = u.to_dictionary(
                    ['id', 'fullname', 'username', 'email'])

                self_url = OneLogin_Saml2_Utils.get_self_url(req)
                if 'RelayState' in input_data and self_url != input_data[
                        'RelayState']:
                    return resp.seeother(
                        auth.redirect_to(input_data['RelayState']))

        return resp.seeother('/')