Exemplo n.º 1
0
 def test_getUserVOs(self):
     entitlements = [
         'urn:mace:egi.eu:group:vo.test.egi.eu:role=member#aai.egi.eu',
         'urn:mace:egi.eu:group:vo.test2.egi.eu:role=member#aai.egi.eu'
     ]
     res = utils.getUserVOs(entitlements)
     self.assertEquals(res, ['vo.test.egi.eu', 'vo.test2.egi.eu'])
Exemplo n.º 2
0
    def home():
        if not oidc_blueprint.session.authorized:
            return redirect(url_for('login'))

        try:
            account_info = oidc_blueprint.session.get(
                urlparse(settings.oidcUrl)[2] + "/userinfo")
        except (InvalidTokenError, TokenExpiredError):
            flash("Token expired.", 'warning')
            return redirect(url_for('login'))

        if account_info.ok:
            account_info_json = account_info.json()

            session["vos"] = None
            if 'eduperson_entitlement' in account_info_json:
                session["vos"] = utils.getUserVOs(
                    account_info_json['eduperson_entitlement'])

            if settings.oidcGroups:
                user_groups = []
                if 'groups' in account_info_json:
                    user_groups = account_info_json['groups']
                elif 'eduperson_entitlement' in account_info_json:
                    user_groups = account_info_json['eduperson_entitlement']
                if not set(settings.oidcGroups).issubset(user_groups):
                    app.logger.debug(
                        "No match on group membership. User group membership: "
                        + json.dumps(user_groups))
                    message = Markup(
                        'You need to be a member of the following groups: {0}. <br>'
                        ' Please, visit <a href="{1}">{1}</a> and apply for the requested '
                        'membership.'.format(json.dumps(settings.oidcGroups),
                                             settings.oidcUrl))
                    raise Forbidden(description=message)

            session['userid'] = account_info_json['sub']
            if 'name' in account_info_json:
                session['username'] = account_info_json['name']
            else:
                session['username'] = ""
                if 'given_name' in account_info_json:
                    session['username'] = account_info_json['given_name']
                if 'family_name' in account_info_json:
                    session[
                        'username'] += " " + account_info_json['family_name']
                if session['username'] == "":
                    session['username'] = account_info_json['sub']
            if 'email' in account_info_json:
                session['gravatar'] = utils.avatar(account_info_json['email'],
                                                   26)
            else:
                session['gravatar'] = utils.avatar(account_info_json['sub'],
                                                   26)

            return render_template('portfolio.html', templates=toscaInfo)
        else:
            flash("Error getting User info: \n" + account_info.text, 'error')
            return render_template('home.html', oidc_name=settings.oidcName)