def retrieveAvatar(self, rh):
"""
Login using Shibbolet.
"""
from MaKaC.user import AvatarHolder, Avatar
config = Config.getInstance().getAuthenticatorConfigById(self.id).get("SSOMapping", {})
if config.get('email', 'ADFS_EMAIL') in request.environ:
email = request.environ[config.get("email", "ADFS_EMAIL")]
login = request.environ[config.get("personId", "ADFS_LOGIN")]
personId = request.environ[config.get("personId", "ADFS_PERSONID")]
phone = request.environ.get(config.get("phone", "ADFS_PHONENUMBER"), "")
fax = request.environ.get(config.get("fax", "ADFS_FAXNUMBER"), "")
lastname = request.environ.get(config.get("lastname", "ADFS_LASTNAME"), "")
firstname = request.environ.get(config.get("firstname", "ADFS_FIRSTNAME"), "")
institute = request.environ.get(config.get("institute", "ADFS_HOMEINSTITUTE"), "")
if personId == '-1':
personId = None
ah = AvatarHolder()
av = ah.match({"email": email}, exact=1, onlyActivated=False, searchInAuthenticators=False)
if av:
av = av[0]
# don't allow disabled accounts
if av.isDisabled():
return None
elif not av.isActivated():
av.activateAccount()
av.clearAuthenticatorPersonalData()
av.setAuthenticatorPersonalData('phone', phone)
av.setAuthenticatorPersonalData('fax', fax)
av.setAuthenticatorPersonalData('surName', lastname)
av.setAuthenticatorPersonalData('firstName', firstname)
av.setAuthenticatorPersonalData('affiliation', institute)
if personId != None and personId != av.getPersonId():
av.setPersonId(personId)
else:
avDict = {"email": email,
"name": firstname,
"surName": lastname,
"organisation": institute,
"telephone": phone,
"login": login}
av = Avatar(avDict)
ah.add(av)
av.setPersonId(personId)
av.activateAccount()
self._postLogin(login, av, True)
return av
return None
def retrieveAvatar(self, rh):
"""
Login using Shibbolet.
"""
from MaKaC.user import AvatarHolder, Avatar
config = Config.getInstance().getAuthenticatorConfigById(self.id).get(
"SSOMapping", {})
if config.get('email', 'ADFS_EMAIL') in request.environ:
email = request.environ[config.get("email", "ADFS_EMAIL")]
login = request.environ.get(config.get("login", "ADFS_LOGIN"))
personId = request.environ.get(
config.get("personId", "ADFS_PERSONID"))
phone = request.environ.get(
config.get("phone", "ADFS_PHONENUMBER"), "")
fax = request.environ.get(config.get("fax", "ADFS_FAXNUMBER"), "")
lastname = request.environ.get(
config.get("lastname", "ADFS_LASTNAME"), "")
firstname = request.environ.get(
config.get("firstname", "ADFS_FIRSTNAME"), "")
institute = request.environ.get(
config.get("institute", "ADFS_HOMEINSTITUTE"), "")
if personId == '-1':
personId = None
ah = AvatarHolder()
av = ah.match({"email": email},
exact=1,
onlyActivated=False,
searchInAuthenticators=False)
if av:
av = av[0]
# don't allow disabled accounts
if av.isDisabled():
return None
elif not av.isActivated():
av.activateAccount()
av.clearAuthenticatorPersonalData()
av.setAuthenticatorPersonalData('phone', phone)
av.setAuthenticatorPersonalData('fax', fax)
av.setAuthenticatorPersonalData('surName', lastname)
av.setAuthenticatorPersonalData('firstName', firstname)
av.setAuthenticatorPersonalData('affiliation', institute)
if personId != None and personId != av.getPersonId():
av.setPersonId(personId)
else:
avDict = {
"email": email,
"name": firstname,
"surName": lastname,
"organisation": institute,
"telephone": phone,
"login": login
}
av = Avatar(avDict)
ah.add(av)
av.setPersonId(personId)
av.activateAccount()
self._postLogin(login, av, True)
return av
return None
def autoLogin(self, rh):
"""
Login using Shibbolet.
"""
req = rh._req
req.add_common_vars()
if req.subprocess_env.has_key("ADFS_EMAIL"):
email = req.subprocess_env["ADFS_EMAIL"]
login = req.subprocess_env["ADFS_LOGIN"]
personId = req.subprocess_env["ADFS_PERSONID"]
phone = req.subprocess_env.get("ADFS_PHONENUMBER","")
fax = req.subprocess_env.get("ADFS_FAXNUMBER","")
lastname = req.subprocess_env.get("ADFS_LASTNAME","")
firstname = req.subprocess_env.get("ADFS_FIRSTNAME","")
institute = req.subprocess_env.get("ADFS_HOMEINSTITUTE","")
if personId == '-1':
personId = None
from MaKaC.user import AvatarHolder
ah = AvatarHolder()
av = ah.match({"email":email},exact=1, onlyActivated=False, forceWithoutExtAuth=True)
if av:
av = av[0]
# don't allow disabled accounts
if av.isDisabled():
return None
# # TODO: is this checking necessary?
# if av.getStatus() == 'NotCreated':
# #checking if comming from Nice
# if av.getId()[:len(self.id)] == self.id:
# av.setId("")
# ah.add(av) #XXXXX
# av.activateAccount()
# else:
# return None
# if not activated
elif not av.isActivated():
av.activateAccount()
av.clearAuthenticatorPersonalData()
av.setAuthenticatorPersonalData('phone', phone)
av.setAuthenticatorPersonalData('fax', fax)
av.setAuthenticatorPersonalData('surName', lastname)
av.setAuthenticatorPersonalData('firstName', firstname)
av.setAuthenticatorPersonalData('affiliation', institute)
if phone != '' and phone != av.getPhone() and av.isFieldSynced('phone'):
av.setTelephone(phone)
if fax != '' and fax != av.getFax() and av.isFieldSynced('fax'):
av.setFax(fax)
if lastname != '' and lastname != av.getFamilyName() and av.isFieldSynced('surName'):
av.setSurName(lastname, reindex=True)
if firstname != '' and firstname != av.getFirstName() and av.isFieldSynced('firstName'):
av.setName(firstname, reindex=True)
if institute != '' and institute != av.getAffiliation() and av.isFieldSynced('affiliation'):
av.setAffiliation(institute, reindex=True)
if personId != None and personId != av.getPersonId():
av.setPersonId(personId)
else:
avDict = {"email": email,
"name": firstname,
"surName": lastname,
"organisation": institute,
"telephone": phone,
"login": login}
av = Avatar(avDict)
ah.add(av)
av.setPersonId(personId)
av.activateAccount()
if login != "" and not self.hasKey(login):
ni=NiceIdentity(login, av)
self.add(ni)
if login != "" and self.hasKey(login) and not av.getIdentityById(login, self.getId()):
av.addIdentity(self.getById(login))
return av
return None