darbula / mockdjangosaml2
Django application that mocks functionality of djangosaml2 app for testing and development purposes.
In the sample in settings.py you're importing the settings module into itself and using the default value of getattr to set the value of MOCK_SAML2_USERS.
from django.conf import settings
MOCK_SAML2_USERS = getattr(settings, 'MOCK_SAML2_USERS', {...DEFAULT ...})
Why not just set the MOCK_SAML2_USERS?
MOCK_SAML2_USERS = {...DEFAULT...}
I am trying to authenticate with the default user:
[email protected]
somepwd1
However, it doesn't authenticate, 403 Forbidden is returned.
I have traced the problem to the djangosaml2.backends.Saml2Backend. I'm not sure if you went into its internals. The failure happens here:
50 for saml_attr, django_fields in attribute_mapping.items():
---> 51 if (django_user_main_attribute in django_fields
52 and saml_attr in attributes):
It fails on the saml_attr in attributes part. Here are the values at runtime:
ipdb> saml_attr
'uid'
ipdb> attributes
{'givenName': ['Employee'], 'hrEduPersonPrimaryAffiliation': ['djelatnik'], 'cn': ['Employee Surname'], 'hrEduPersonHomeOrg': ['aai-test.hr'], 'mail': ['[email protected]'], 'hrEduPersonOIB': ['12345678902'], 'hrEduPersonUniqueID': ['[email protected]'], 'sn': ['Surname']}
From what it seems, there is either supposed to be a uid key in attributes, or uid should be named differently. I believe that the origins of uid are from:
#mockdjangosaml2/views.py
71 attribute_mapping = get_custom_setting(
'SAML_ATTRIBUTE_MAPPING', {'uid': ('username', )})
What is the location of the output from the logger started here:
#/mockdjangosaml2/views.py
....
logger = logging.getLogger('djangosaml2')
The authentication passes and I want to access the data defined in the mockdjangosaml2 settings. The data I'm interested in is hrEduPersonOIB.
I've tried adding the following:
SAML_ATTRIBUTE_MAPPING = {
...
'hrEduPersonOIB': ('id',)
}
with the idea that that would allow me to access the data defined for hrEduPersonOIB through request.user.id once the authentication passes.
However, I got an IntegrityError stating column username is not unique.
The fail happens here:
#djangosaml2.backends.py
---> 87 user = self.configure_user(user, attributes, attribute_mapping)
ipdb> user
<User: employee@aai-test.hr>
ipdb> attributes
{'givenName': ['Employee'], 'hrEduPersonPrimaryAffiliation': ['djelatnik'], 'cn': ['Employee Surname'], 'hrEduPersonHomeOrg': ['aai-test.hr'], 'mail': ['[email protected]'], 'hrEduPersonOIB': ['12345678902'], 'hrEduPersonUniqueID': ['[email protected]'], 'sn': ['Surname']}
ipdb> attribute_mapping
{'mail': ('email',), 'givenName': ('first_name',), 'hrEduPersonUniqueID': ('username',), 'sn': ('last_name',), 'hrEduPersonOIB': ('id',)}
Further tracedown led to the problem here:
176 if user_modified or signal_modified or force_save:
--> 177 user.save()
So far I've concluded the following:
username
I believe that the cause of the problem is that fields are not updated because the id is changed so the already created user is perceived as a new user. However the new user can't be created because the username field in the database has to be unique.
Feel free to ignore all the diagnosis above if there is a clean way of accessing hrEduPersonOIB from request.user.
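An added example, not code from the issue, from mockdjangosaml2 or from djangosaml2: it reproduces the failure described in the last report with plain sqlite3, assuming Django's `save()` behaviour of an UPDATE by primary key followed by an INSERT when no row matched. The table, the `save` and `login` helpers and the `oib` column are hypothetical stand-ins; the attribute values are taken from the ipdb output above.

```python
import sqlite3

# Constructed stand-in for the user table: integer primary key, unique
# username, plus a hypothetical extra column "oib" for the safe variant.
SCHEMA = """CREATE TABLE auth_user (
    id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, oib TEXT)"""

# Subset of the attributes shown in the ipdb output above.
ATTRIBUTES = {"hrEduPersonUniqueID": ["employee@aai-test.hr"],
              "hrEduPersonOIB": ["12345678902"]}

# Mapping from the report (subset) and a variant that leaves the key alone.
BAD_MAPPING = {"hrEduPersonUniqueID": ("username",), "hrEduPersonOIB": ("id",)}
SAFE_MAPPING = {"hrEduPersonUniqueID": ("username",), "hrEduPersonOIB": ("oib",)}


def save(db, user):
    """Emulate save(): UPDATE by primary key, INSERT if no row matched."""
    cur = db.execute("UPDATE auth_user SET username=?, oib=? WHERE id=?",
                     (user["username"], user["oib"], user["id"]))
    if cur.rowcount == 0:  # the changed id matches nothing, so this is "new"
        db.execute("INSERT INTO auth_user (id, username, oib) VALUES (?, ?, ?)",
                   (user["id"], user["username"], user["oib"]))


def login(mapping):
    """Load the already created user, apply the attribute mapping, then save."""
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    db.execute("INSERT INTO auth_user (username) VALUES (?)",
               (ATTRIBUTES["hrEduPersonUniqueID"][0],))
    row = db.execute("SELECT id, username, oib FROM auth_user").fetchone()
    user = dict(zip(("id", "username", "oib"), row))
    for saml_attr, fields in mapping.items():
        for field in fields:
            user[field] = ATTRIBUTES[saml_attr][0]  # may overwrite the key
    try:
        save(db, user)
    except sqlite3.IntegrityError as exc:
        return "IntegrityError: %s" % exc
    return db.execute("SELECT id, username, oib FROM auth_user").fetchall()


if __name__ == "__main__":
    print(login(BAD_MAPPING))   # second row with the same username is refused
    print(login(SAFE_MAPPING))  # existing row is updated in place
```

Mapping an IdP-supplied attribute onto the primary key lets the assertion decide which row is written; keeping it in a field of its own leaves the existing row's identity intact.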