def userdata_from_saml_assertion(claims, data_field='email', config=None): """ From a set of SAML claims processed into a dict, extract a claim for the desired property based on system settings and the specific Saml2Config, if that claim exists. Raise ValidationError if missing :param claims: dict :param data_field: str ('email', 'first_name', 'last_name') :param config: Saml2Configuration :return: str """ config_settings = config.custom_settings_data configured_keys = { 'email': set(settings.SAML_EMAIL_KEYS) | set(config_settings.get('email', [])), 'first_name': set(settings.SAML_FIRST_NAME_KEYS) | set(config_settings.get('first_name', [])), 'last_name': set(settings.SAML_LAST_NAME_KEYS) | set(config_settings.get('last_name', [])) } if len(configured_keys[data_field] & set(claims.keys())) == 0: raise ValidationError( 'Missing {} in SAML assertions, received {}'.format( data_field, list(claims.keys()))) return [ list_of(claims[key])[0] for key in configured_keys[data_field] if key in claims ][0]
def get_or_create_from_ob2(self, badgeclass, assertion_obo, recipient_identifier, recipient_type='email', source=None, original_json=None): source_url = assertion_obo.get('id') local_object = self.get_local_object(source_url) if local_object: return local_object, False image_url = assertion_obo.get('image', None) image = None if image_url is None: image = badgeclass.image.file image.name = os.path.split(image.name)[1] else: if isinstance(image_url, dict): image_url = image_url.get('id') image = _fetch_image_and_get_file(image_url, self.ALLOWED_MINE_TYPES, upload_to='remote/assertion') issued_on = None if 'issuedOn' in assertion_obo: issued_on = dateutil.parser.parse(assertion_obo.get('issuedOn')) badgeinstance, created = self.get_or_create( source_url=assertion_obo.get('id'), defaults=dict(recipient_identifier=recipient_identifier, recipient_type=recipient_type, hashed=assertion_obo.get('recipient', {}).get('hashed', True), source=source if source is not None else 'local', original_json=original_json, badgeclass=badgeclass, issuer=badgeclass.cached_issuer, image=image, acceptance=self.model.ACCEPTANCE_ACCEPTED, narrative=assertion_obo.get('narrative', None), issued_on=issued_on)) if created: evidence = list_of(assertion_obo.get('evidence', None)) if evidence: from issuer.models import BadgeInstanceEvidence for evidence_item in evidence: if isinstance(evidence_item, basestring): # we got an IRI as 'evidence' value BadgeInstanceEvidence.objects.create( badgeinstance=badgeinstance, evidence_url=evidence_item) else: # we got a single evidence item dict BadgeInstanceEvidence.objects.create_from_ob2( badgeinstance, evidence_item) return badgeinstance, created
def to_representation(self, instance): errors_list = self.validation_errors for key in self.field_errors.keys(): this_field_errors = self.field_errors.get(key) errors_list.append("{}: {}".format( key, str(list_of(this_field_errors[0])[0]))) return { 'error': errors_list[0], 'error_description': '; '.join(errors_list) }
def get_or_create_from_ob2(self, badgeclass, assertion_obo, recipient_identifier, source=None, original_json=None): source_url = assertion_obo.get('id') local_object = self.get_local_object(source_url) if local_object: return local_object, False image_url = assertion_obo.get('image', None) image = None if image_url is None: image = badgeclass.image.file else: if isinstance(image_url, dict): image_url = image_url.get('id') image = _fetch_image_and_get_file(image_url, upload_to='remote/assertion') issued_on = None if 'issuedOn' in assertion_obo: issued_on = dateutil.parser.parse(assertion_obo.get('issuedOn')) badgeinstance, created = self.get_or_create( source_url=assertion_obo.get('id'), defaults=dict( recipient_identifier=recipient_identifier, hashed=assertion_obo.get('recipient', {}).get('hashed', True), source=source if source is not None else 'local', original_json=original_json, badgeclass=badgeclass, issuer=badgeclass.cached_issuer, image=image, acceptance=self.model.ACCEPTANCE_ACCEPTED, narrative=assertion_obo.get('narrative', None), issued_on=issued_on ) ) if created: evidence = list_of(assertion_obo.get('evidence', None)) if evidence: from issuer.models import BadgeInstanceEvidence for evidence_item in evidence: if isinstance(evidence_item, basestring): # we got an IRI as 'evidence' value BadgeInstanceEvidence.objects.create( badgeinstance=badgeinstance, evidence_url=evidence_item ) else: # we got a single evidence item dict BadgeInstanceEvidence.objects.create_from_ob2(badgeinstance, evidence_item) return badgeinstance, created
def update_from_ob2(self, badgeclass, assertion_obo, recipient_identifier, recipient_type='email', original_json=None): image = None image_url = assertion_obo.get('image', None) if isinstance(image_url, dict): image_url = image_url.get('id') if image_url: image = _fetch_image_and_get_file(image_url, self.ALLOWED_MINE_TYPES, upload_to='remote/assertion') issued_on = None if 'issuedOn' in assertion_obo: issued_on = dateutil.parser.parse(assertion_obo.get('issuedOn')) updated, created = self.update_or_create( source_url=assertion_obo.get('id'), defaults=dict(recipient_identifier=recipient_identifier, recipient_type=recipient_type, hashed=assertion_obo.get('recipient', {}).get('hashed', True), original_json=original_json, badgeclass=badgeclass, issuer=badgeclass.cached_issuer, image=image, acceptance=self.model.ACCEPTANCE_ACCEPTED, narrative=assertion_obo.get('narrative', None), issued_on=issued_on)) evidence = list_of(assertion_obo.get('evidence', None)) evidence_items = [] for item in evidence: if isinstance(item, six.string_types): evidence_items.append({ 'evidence_url': item }) # convert string/url type evidence to consistent format elif hasattr(item, 'get'): evidence_items.append({ 'evidence_url': item.get('id'), 'narrative': item.get('narrative') }) updated.evidence_items = evidence_items return updated, created
def get_or_create_from_ob2(self, badgeclass, assertion_obo, recipient_identifier, recipient_type='email', source=None, original_json=None, image=None): source_url = assertion_obo.get('id') local_object = self.get_local_object(source_url) if local_object: return local_object, False issued_on = None if 'issuedOn' in assertion_obo: issued_on = dateutil.parser.parse(assertion_obo.get('issuedOn')) badgeinstance, created = self.get_or_create( source_url=assertion_obo.get('id'), defaults=dict(recipient_identifier=recipient_identifier, recipient_type=recipient_type, hashed=assertion_obo.get('recipient', {}).get('hashed', True), source=source if source is not None else 'local', original_json=original_json, badgeclass=badgeclass, issuer=badgeclass.cached_issuer, image=image, acceptance=self.model.ACCEPTANCE_ACCEPTED, narrative=assertion_obo.get('narrative', None), issued_on=issued_on)) if created: evidence = list_of(assertion_obo.get('evidence', None)) if evidence: from issuer.models import BadgeInstanceEvidence for evidence_item in evidence: if isinstance(evidence_item, str): # we got an IRI as 'evidence' value BadgeInstanceEvidence.objects.create( badgeinstance=badgeinstance, evidence_url=evidence_item) else: # we got a single evidence item dict BadgeInstanceEvidence.objects.create_from_ob2( badgeinstance, evidence_item) return badgeinstance, created
def filter_value(value): if len([v for v in list_of(value) if not isinstance(v, str)]): return list() return list_of(value)