school: refactor eduid login

school/views.py

@@ -9,7 +9,6 @@ from django.core.mail import mail_managers, send_mail
 from django.db import transaction
 from django.db import transaction
 from django.forms import ModelForm, Textarea
 from django.forms import ModelForm, Textarea
 from django.http import Http404
 from django.http import Http404
-#from django_shibboleth.forms import BaseRegisterForm
 from django.shortcuts import render, render_to_response, get_object_or_404, redirect
 from django.shortcuts import render, render_to_response, get_object_or_404, redirect
 from django.template import RequestContext
 from django.template import RequestContext
 from django.template.loader import render_to_string
 from django.template.loader import render_to_string
@@ -25,53 +24,21 @@ import logging
 
 
 logger = logging.getLogger(__name__)
 logger = logging.getLogger(__name__)
 
 
-
-SHIB_ATTRIBUTE_MAP = {
-    "HTTP_SHIB_IDENTITY_PROVIDER": (True, "idp"),
-    "email": (True, "email"),
-    "sn": (True, "sn"),
-    "givenName": (True, "givenName"),
-    "niifPersonOrgID": (True, "niifPersonOrgID"),
-}
-
-
-def parse_attributes(META):
-    shib_attrs = {}
-    error = False
-    for header, attr in SHIB_ATTRIBUTE_MAP.items():
-        required, name = attr
-        values = META.get(header, None)
-        value = None
-        if values:
-            # If multiple attributes releases just care about the 1st one
-            try:
-                value = values.split(';')[0]
-            except:
-                value = values
-                
-        shib_attrs[name] = value
-        if not value or value == '':
-            if required:
-                error = True
-    return shib_attrs, error
-
 def logout(request):
 def logout(request):
     auth.logout(request)
     auth.logout(request)
     return redirect('/Shibboleth.sso/Logout?return=https%3a%2f%2fcloud.ik.bme.hu%2f')
     return redirect('/Shibboleth.sso/Logout?return=https%3a%2f%2fcloud.ik.bme.hu%2f')
 
 
-
 def login(request):
 def login(request):
-    attr, error = parse_attributes(request.META)
-    if not attr['niifPersonOrgID']:
-        messages.error(request, _('EduID is not available.'))
-	return redirect('/admin')
     try:
     try:
-        user = User.objects.get(username=attr['niifPersonOrgID'])
+        user = User.objects.get(username=request.META['niifPersonOrgID'])
+    except KeyError:
+        messages.error(request, _('EduID is not available.'))
+        return redirect('/admin')
     except User.DoesNotExist:
     except User.DoesNotExist:
         user = User(username=attr['niifPersonOrgID'])
         user = User(username=attr['niifPersonOrgID'])
-    user.set_unusable_password()
-    user.first_name = attr['givenName']
-    user.last_name = attr['sn']
+        user.set_unusable_password()
+    user.first_name = request.META['givenName']
+    user.last_name = request.META['sn']
     user.email = attr['email']
     user.email = attr['email']
     user.save()
     user.save()
 
 
@@ -79,6 +46,7 @@ def login(request):
     auth.login(request, user)
     auth.login(request, user)
     logger.warning("Shib login with %s" % request.META)
     logger.warning("Shib login with %s" % request.META)
 
 
+
     redirect_to = request.REQUEST.get(auth.REDIRECT_FIELD_NAME, '')
     redirect_to = request.REQUEST.get(auth.REDIRECT_FIELD_NAME, '')
     if not is_safe_url(url=redirect_to, host=request.get_host()):
     if not is_safe_url(url=redirect_to, host=request.get_host()):
         redirect_to = settings.LOGIN_REDIRECT_URL
         redirect_to = settings.LOGIN_REDIRECT_URL