def _populate_user_from_attributes(self):
    """Copy mapped LDAP attributes onto ``self._user`` and normalise its email.

    For every ``field -> attr`` pair in ``self.settings.USER_ATTR_MAP`` the
    first value of the LDAP attribute is stripped and written to the user
    field, provided the user object already has that field. Fields that
    currently hold a ``bool`` are derived from the text value
    ('true' / '1', case-insensitive).

    ``userAccountControl`` mapped to ``is_active`` is special-cased: the
    account counts as active only when the ``LDAP_AD_ACCOUNT_DISABLE`` bit is
    clear in the integer value.

    Afterwards the user's email is passed through ``construct_user_email``
    together with the username and stored back on the user.
    """
    for field, attr in self.settings.USER_ATTR_MAP.items():
        try:
            value = self.attrs[attr][0].strip()
            is_account_control = (
                attr.lower() == 'useraccountcontrol' and field == 'is_active'
            )
            if is_account_control and value:
                # Active means the disable bit is NOT set. A non-numeric
                # value makes int() raise ValueError, which is not caught
                # by the LookupError handler below.
                # presumably LDAP_AD_ACCOUNT_DISABLE is AD's ACCOUNTDISABLE
                # flag; confirm against the constant's definition.
                masked = int(value) & LDAP_AD_ACCOUNT_DISABLE
                value = masked != LDAP_AD_ACCOUNT_DISABLE
        except LookupError:
            # Attribute absent from the entry (or its value list is empty):
            # the user field is not written, so it keeps whatever value it
            # already had. That includes is_active when userAccountControl
            # is missing.
            logger.warning(
                "{} does not have a value for the attribute {}".format(
                    self.dn, attr))
            continue

        if not hasattr(self._user, field):
            continue
        if isinstance(getattr(self._user, field), bool):
            # An empty string ends up False here, so an empty
            # userAccountControl value yields is_active = False.
            if isinstance(value, str):
                value = value.lower()
            value = value in ('true', '1', True)
        setattr(self._user, field, value)

    current_email = getattr(self._user, 'email', '')
    normalised = construct_user_email(self._user.username, current_email)
    self._user.email = normalised
def get_or_create_user_from_claims(self, request, claims):
    """Look up, or create, the local user described by OpenID claims.

    User attributes are built from ``settings.AUTH_OPENID_USER_ATTR_MAP``;
    a mapped claim that is absent falls back to the ``sub`` claim. The email
    is normalised with ``construct_user_email``, the user is fetched or
    created by ``username``, and the ``openid_create_or_update_user`` signal
    is sent with the result.

    :param request: forwarded unchanged to the signal receivers
    :param claims: mapping of claims; must contain ``sub``
    :return: ``(user, created)`` as returned by ``get_or_create``
    :raises KeyError: if ``claims`` has no ``sub`` entry
    """
    log_prompt = "Get or Create user from claims [ActionForUser]: {}"
    logger.debug(log_prompt.format('start'))

    sub = claims['sub']
    # Every mapped field defaults to `sub` when its claim is missing.
    user_attrs = {
        field: claims.get(attr, sub)
        for field, attr in settings.AUTH_OPENID_USER_ATTR_MAP.items()
    }
    username = user_attrs.get('username')
    name = user_attrs.get('name')
    email = construct_user_email(username, user_attrs.get('email', ''))
    user_attrs['email'] = email
    # This writes every mapped claim value (email, name, ...) to the debug
    # log.
    logger.debug(log_prompt.format(user_attrs))

    # NOTE(review): the local account is matched on the mapped username
    # value alone, not on the issuer/sub pair. Confirm the claim mapped to
    # `username` is unique and immutable at the identity provider, otherwise
    # a login can resolve to an existing account with the same name.
    # `defaults` only applies when the row is created; an existing user is
    # returned as-is by get_or_create.
    user, created = get_user_model().objects.get_or_create(
        username=username, defaults=user_attrs,
    )
    outcome = "user: {}|created: {}".format(user, created)
    logger.debug(log_prompt.format(outcome))
    logger.debug(
        log_prompt.format("Send signal => openid create or update user"))
    openid_create_or_update_user.send(
        sender=self.__class__, request=request, user=user, created=created,
        name=name, username=username, email=email,
    )
    return user, created
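def _populate_user_from_attributes(self):
    """Copy mapped LDAP attributes onto ``self._user`` and normalise its email.

    For every ``field -> attr`` pair in ``self.settings.USER_ATTR_MAP`` the
    first value of the LDAP attribute is written to the user field, provided
    the user object already has that field. Fields that currently hold a
    ``bool`` are derived from the text value ('true' / '1',
    case-insensitive).

    Afterwards the user's email is passed through ``construct_user_email``
    together with the username and stored back on the user.
    """
    for field, attr in self.settings.USER_ATTR_MAP.items():
        try:
            value = self.attrs[attr][0]
        except LookupError:
            # Attribute absent from the entry (or its value list is empty):
            # the user field is not written and keeps its previous value.
            logger.warning(
                "{} does not have a value for the attribute {}".format(
                    self.dn, attr))
        else:
            if not hasattr(self._user, field):
                continue
            if isinstance(getattr(self._user, field), bool):
                # Text flag -> bool; anything other than 'true' / '1' is
                # treated as False.
                value = value.lower() in ['true', '1']
            setattr(self._user, field, value)

    email = getattr(self._user, 'email', '')
    # Pass (username, email), the order used by the other callers of
    # construct_user_email. With the two swapped, the helper would treat the
    # email as the username and could derive a wrong address for the
    # account. Confirm against the helper's definition.
    email = construct_user_email(self._user.username, email)
    setattr(self._user, 'email', email)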
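def _update_or_create(self, token_response):
    """
    Update or create a user based on a token response.

    `token_response` contains the items returned by the OpenIDConnect Token
    API end-point:
     - id_token
     - access_token
     - expires_in
     - refresh_token
     - refresh_expires_in

    The user's profile is fetched with ``self.get_userinfo`` using the access
    token, the user row is updated or created by ``username``, and an
    ``OpenIDTokenProfile`` carrying the access and refresh tokens is built
    and returned (this method does not call ``save()`` on it).

    :param dict token_response:
    :rtype: OpenIDTokenProfile
    :raises KeyError: if ``access_token`` or ``refresh_token`` is missing
    """
    userinfo = self.get_userinfo(token=token_response['access_token'])
    with transaction.atomic():
        name = userinfo.get('name', '')
        # Must be a plain string: a trailing comma on this assignment turns
        # it into a 1-tuple, and both the lookup key and the derived email
        # would then be built from the tuple instead of the username.
        username = userinfo.get('preferred_username', '')
        email = userinfo.get('email', '')
        email = construct_user_email(username, email)

        # NOTE(review): the account is keyed on `preferred_username`. OpenID
        # Connect does not guarantee that claim is unique or stable (the
        # issuer/`sub` pair is the stable identifier). Confirm the identity
        # provider enforces uniqueness.
        # A userinfo response without the claim falls back to '' and is
        # looked up under that empty username.
        user, created = get_user_model().objects.update_or_create(
            username=username,
            defaults={
                'name': name,
                'email': email,
                'first_name': userinfo.get('given_name', ''),
                'last_name': userinfo.get('family_name', ''),
            })
        oidt_profile = OpenIDTokenProfile(
            user=user,
            access_token=token_response['access_token'],
            refresh_token=token_response['refresh_token'],
        )
        # NOTE(review): the flattened source does not show whether the
        # signal is sent inside or after the atomic block. It is kept inside
        # here so that a receiver error rolls the user write back; confirm
        # against the original layout.
        if user:
            post_create_or_update_openid_user.send(
                sender=user.__class__, user=user, created=created)

    return oidt_profile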
def get_user_email(user):
    """Return the normalised email for a user mapping.

    ``user`` is subscripted for ``'username'`` and ``'email'``, so both keys
    must be present (a dict raises ``KeyError`` otherwise). The result is
    whatever ``construct_user_email(username, email)`` returns.
    """
    return construct_user_email(user['username'], user['email'])
def construct_user_email(user_item):
    """Return the normalised email for a user item.

    ``user_item['username']`` is required; ``'email'`` is optional and
    defaults to ``''``. Both are handed to the two-argument
    ``construct_user_email(username, email)`` helper.

    NOTE(review): the inner call uses the same name as this function but
    passes two arguments. It only reaches a separate two-argument helper if
    this ``def`` lives inside a class body, where the bare name resolves to
    module scope. Defined at module level it would call itself and raise
    ``TypeError``. Confirm against the enclosing scope.
    """
    return construct_user_email(
        user_item['username'],
        user_item.get('email', ''),
    )