def define_user(self,
user_id='',
first_name='',
last_name='',
username='',
password='',
email='',
attributes=None):
if user_id:
raise NotImplementedError("Update not supported: user_id=%s" %
user_id)
if not email:
raise BadRequest('Email is required')
username = username or email
user = self._get_user_by_email(email)
if user:
raise BadRequest("Email already taken")
if not username or not is_valid_identifier(username,
valid_chars=EMAIL_VALID):
raise BadRequest("Argument username invalid: %s" % username)
if attributes and type(attributes) is not dict:
raise BadRequest("Argument attributes invalid type")
if not first_name:
first_name = username
attributes = attributes or {}
full_name = ("%s %s" %
(first_name, last_name)) if last_name else first_name
IdentityUtils.check_password_policy(password)
contact = ContactInformation(individual_names_given=first_name,
individual_name_family=last_name,
email=email)
user_profile = UserIdentityDetails(contact=contact, profile=attributes)
actor_obj = ActorIdentity(name=full_name, details=user_profile)
# Support fast setting of credentials without expensive compute of bcrypt hash, for quick preload
pwd_salt, pwd_hash = None, None
if attributes and "scion_init_pwdsalt" in attributes and "scion_init_pwdhash" in attributes:
pwd_salt, pwd_hash = attributes.pop(
"scion_init_pwdsalt"), attributes.pop("scion_init_pwdhash")
user_exists = self.idm_client.is_user_existing(username)
if user_exists:
raise BadRequest("Username already taken")
actor_id = self.idm_client.create_actor_identity(actor_obj)
if pwd_salt and pwd_hash:
# Add to credentials
actor_obj1 = self.rr.read(actor_id)
cred_obj = None
for cred in actor_obj1.credentials:
if cred.username == username:
cred_obj = cred
break
if not cred_obj:
cred_obj = Credentials()
cred_obj.username = username
actor_obj1.credentials.append(cred_obj)
actor_obj1.alt_ids.append("UNAME:" + username)
cred_obj.identity_provider = "SciON"
cred_obj.authentication_service = "SciON IdM"
cred_obj.password_salt = pwd_salt
cred_obj.password_hash = pwd_hash
self.rr.update(actor_obj1)
else:
self.idm_client.set_actor_credentials(actor_id, username, password)
return actor_id
def define_user(self, user_id='', first_name='', last_name='', username='', password='',
email='', attributes=None):
if user_id:
raise NotImplementedError("Update not supported: user_id=%s" % user_id)
if not email:
raise BadRequest('Email is required')
username = username or email
user = self._get_user_by_email(email)
if user:
raise BadRequest("Email already taken")
if not username or not is_valid_identifier(username, valid_chars=EMAIL_VALID):
raise BadRequest("Argument username invalid: %s" % username)
if attributes and type(attributes) is not dict:
raise BadRequest("Argument attributes invalid type")
if not first_name:
first_name = username
attributes = attributes or {}
full_name = ("%s %s" % (first_name, last_name)) if last_name else first_name
IdentityUtils.check_password_policy(password)
contact = ContactInformation(individual_names_given=first_name, individual_name_family=last_name, email=email)
user_profile = UserIdentityDetails(contact=contact, profile=attributes)
actor_obj = ActorIdentity(name=full_name, details=user_profile)
# Support fast setting of credentials without expensive compute of bcrypt hash, for quick preload
pwd_salt, pwd_hash = None, None
if attributes and "scion_init_pwdsalt" in attributes and "scion_init_pwdhash" in attributes:
pwd_salt, pwd_hash = attributes.pop("scion_init_pwdsalt"), attributes.pop("scion_init_pwdhash")
user_exists = self.idm_client.is_user_existing(username)
if user_exists:
raise BadRequest("Username already taken")
actor_id = self.idm_client.create_actor_identity(actor_obj)
if pwd_salt and pwd_hash:
# Add to credentials
actor_obj1 = self.rr.read(actor_id)
cred_obj = None
for cred in actor_obj1.credentials:
if cred.username == username:
cred_obj = cred
break
if not cred_obj:
cred_obj = Credentials()
cred_obj.username = username
actor_obj1.credentials.append(cred_obj)
actor_obj1.alt_ids.append("UNAME:" + username)
cred_obj.identity_provider = "SciON"
cred_obj.authentication_service = "SciON IdM"
cred_obj.password_salt = pwd_salt
cred_obj.password_hash = pwd_hash
self.rr.update(actor_obj1)
else:
self.idm_client.set_actor_credentials(actor_id, username, password)
return actor_id
