def create(self, externalProfile):
    """Build a new User object linked to an external account.

    Reads ``externalUid`` from ``externalProfile`` and stores it in the
    ``oxExternalUid`` attribute of a fresh User whose user id is a random
    UUID4 hex string. The user is only constructed and returned here;
    nothing in this method persists it.

    Raises:
        AccountError: if ``externalProfile`` has no ``externalUid``.
    """
    linkedUid = externalProfile.get("externalUid")
    # NOTE(review): only a missing (None) value is rejected; an empty string
    # would be accepted as a link key -- confirm the caller validates it.
    if linkedUid is None:
        raise AccountError("Account. Create. External Account is missing externalUid")

    account = User()
    # The local user id is random and carries no information from the profile.
    account.setUserId(uuid.uuid4().hex)
    # Third argument is presumably the multi-valued flag -- confirm against
    # the User API.
    account.setAttribute("oxExternalUid", linkedUid, True)
    return account
def getUser(self, pairwiseId):
    """Return the account tied to an MFA pairwise identifier, creating it if absent.

    The account is looked up by ``oxExternalUid == "sic-mfa:" + pairwiseId``.
    When no account matches, a new user with a random UUID4 hex user id is
    added, and a PairwiseIdentifier carrying ``pairwiseId`` is registered
    for the client named by the ``client_id`` parameter of the current
    request.
    """
    print "MFA. getUser() called"

    users = CdiUtil.bean(UserService)
    clients = CdiUtil.bean(ClientService)
    pairwiseIds = CdiUtil.bean(PairwiseIdentifierService)
    faces = CdiUtil.bean(FacesResources)

    # There is no lookup-by-pairwise-ID API, so the MFA PAI is kept in
    # oxExternalUid under a "sic-mfa:" prefix and the user is found by it.
    lookupKey = "sic-mfa:" + pairwiseId
    # NOTE(review): the pairwise identifier is written to the script output
    # here and again on account creation -- confirm that is acceptable for
    # the log retention policy.
    print "MFA: getUser(). Looking up user with externalUid = '%s'" % lookupKey
    found = users.getUserByAttribute("oxExternalUid", lookupKey)
    if found is not None:
        return found

    # No match: create a new account
    print "MFA: getUser(). Creating new user with externalUid = '%s'" % lookupKey
    account = User()
    generatedId = uuid.uuid4().hex
    account.setUserId(generatedId)
    account.setAttribute("oxExternalUid", lookupKey)
    created = users.addUser(account, True)

    # Add a Pairwise Subject Identifier for the OIDC client.
    # NOTE(review): client_id comes straight from the request parameter and
    # the user has already been added at this point. If the client lookup
    # returns nothing or the client has no redirect URIs, the lines below
    # raise and the account stays without a pairwise identifier; later calls
    # then return that account through the early exit above. Consider
    # resolving the client before addUser.
    request = faces.getFacesContext().getCurrentInstance().getExternalContext().getRequest()
    requestingClientId = request.getParameter("client_id")
    oidcClient = clients.getClient(requestingClientId)
    # NOTE(review): the first registered redirect URI is used as the sector
    # identifier -- confirm this matches what the server uses when it later
    # resolves pairwise subjects for this client.
    sector = oidcClient.getRedirectUris()[0]

    inum = created.getAttribute("inum")

    subject = PairwiseIdentifier(sector, requestingClientId)
    subject.setId(pairwiseId)
    subjectDn = pairwiseIds.getDnForPairwiseIdentifier(subject.getId(), inum)
    subject.setDn(subjectDn)
    pairwiseIds.addPairwiseIdentifier(inum, subject)

    return created