Gitlab CSE Unil

Commit 78868e9d authored by Julien Furrer's avatar Julien Furrer
Browse files

In attp, changed get_or_create_user to have a better support of uniqueId

If a user is created without a uniqueId, but the value of the attribute is given later, it is
added to the user. This address the case when a user is shibbolized afterwards.
parent a0f148cc
......@@ -10,9 +10,10 @@ from time import time
import logging
from django.conf import settings
from django.contrib.auth import login as auth_login, authenticate
from django.contrib.auth import login as auth_login
from django.contrib.auth.models import User
from django.core.cache import cache
from django.db.utils import IntegrityError
from shibauth.models import ShibbUserAttributes
......@@ -88,7 +89,6 @@ def get_request_attp(request):
3 - ...
:param request:
:param as_message: If not True return a tuple with attp_msg64, attp_hash
attp_msg64 = request.META.get('HTTP_X_ATTP_MSG')
......@@ -141,34 +141,55 @@ def get_or_create_user(attp_user):
# attp_attr is the name of the attribute in attp_user,
# model_attr is the corresponding attribute name on the User model,
# given in attr_choice as (attp_attr, model_attr) if same value, only one is enough
attr_choice = ('id', ('uniqueId', 'shibbuserattributes__uid'), ('email', 'username'))
attp_attr = model_attr = None
# determine the attribute to use
for attr in attr_choice:
if type(attr) == tuple:
attp_attr, model_attr = attr
attp_attr = model_attr = attr
if attp_user.get(attp_attr):
# given in attr_choice as (attp_attr, model_attr)
attr_choice = (('id', 'pk'), ('uniqueId', 'shibbuserattributes__uid'), ('email', 'username'))
# Lookup the user, using the various attributes
user = None
if attp_attr and model_attr:
add_uniqueid = False
for (attp_attr, model_attr) in attr_choice:
# The attribute was not provided in the message, continue with next attribute
if not attp_user.get(attp_attr):
# If the user cannot be found with the current attribute, try with the next ones
user = User.objects.get(**{"{}__iexact".format(model_attr): attp_user.get(attp_attr)})
except User.DoesNotExist:
user = User.objects.create_user(
username=attp_user.get('email'), email=attp_user.get('email'),
first_name=attp_user.get('first_name', ''), last_name=attp_user.get('last_name', '')
if attp_user.get('uniqueId') and ShibbUserAttributes:
ShibbUserAttributes.objects.create(user=user, uid=attp_user.get('uniqueId'))
except ValueError:
# Log some message
user = None
add_uniqueid = (model_attr != 'shibbuserattributes__uid')
# user is found, get out of the loop
# If the user could not be found, create it
if user is None:
user = User(username=attp_user.get('email'), email=attp_user.get('email'))
# Update User data
user_changed = False
if attp_user.get('first_name') and user.first_name != attp_user['first_name']: # Update first_name, if provided
user.first_name = attp_user['first_name']
user_changed = True
if attp_user.get('last_name') and user.first_name != attp_user['last_name']: # Update last_name if provided
user.first_name = attp_user['last_name']
user_changed = True
if attp_user.get('email') and != attp_user['email']: # Update email and username if provided = user.username = attp_user['last_name']
user_changed = True
if user_changed:
# Save uniqueId if user has not already one and a value is given
if add_uniqueid and attp_user.get('uniqueId') and ShibbUserAttributes:
ShibbUserAttributes.objects.create(user=user, uid=attp_user.get('uniqueId'))
except IntegrityError:
return user
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment