school: refactor eduid login

664beaeb · Őry Máté · 16814bd6 · 664beaeb
Commit 664beaeb authored Feb 02, 2013 by Őry Máté
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 38 deletions

school/views.py
+6 -38

No files found.
--- a/school/views.py
+++ b/school/views.py
@@ -9,7 +9,6 @@ from django.core.mail import mail_managers, send_mail
 from django.db import transaction
 from django.forms import ModelForm, Textarea
 from django.http import Http404
-#from django_shibboleth.forms import BaseRegisterForm
 from django.shortcuts import render, render_to_response, get_object_or_404, redirect
 from django.template import RequestContext
 from django.template.loader import render_to_string
@@ -25,53 +24,21 @@ import logging

 logger = logging.getLogger(__name__)

-
-SHIB_ATTRIBUTE_MAP = {
-    "HTTP_SHIB_IDENTITY_PROVIDER": (True, "idp"),
-    "email": (True, "email"),
-    "sn": (True, "sn"),
-    "givenName": (True, "givenName"),
-    "niifPersonOrgID": (True, "niifPersonOrgID"),
-}
-
-
-def parse_attributes(META):
-    shib_attrs = {}
-    error = False
-    for header, attr in SHIB_ATTRIBUTE_MAP.items():
-        required, name = attr
-        values = META.get(header, None)
-        value = None
-        if values:
-            # If multiple attributes releases just care about the 1st one
-            try:
-                value = values.split(';')[0]
-            except:
-                value = values
-                
-        shib_attrs[name] = value
-        if not value or value == '':
-            if required:
-                error = True
-    return shib_attrs, error
-
 def logout(request):
    auth.logout(request)
    return redirect('/Shibboleth.sso/Logout?return=https%3a%2f%2fcloud.ik.bme.hu%2f')

-
 def login(request):
-    attr, error = parse_attributes(request.META)
-    if not attr['niifPersonOrgID']:
+    try:
+        user = User.objects.get(username=request.META['niifPersonOrgID'])
+    except KeyError:
        messages.error(request, _('EduID is not available.'))
        return redirect('/admin')
-    try:
-        user = User.objects.get(username=attr['niifPersonOrgID'])
    except User.DoesNotExist:
        user = User(username=attr['niifPersonOrgID'])
        user.set_unusable_password()
-    user.first_name = attr['givenName']
-    user.last_name = attr['sn']
+    user.first_name = request.META['givenName']
+    user.last_name = request.META['sn']
    user.email = attr['email']
    user.save()

@@ -79,6 +46,7 @@ def login(request):
    auth.login(request, user)
    logger.warning("Shib login with %s" % request.META)

+
    redirect_to = request.REQUEST.get(auth.REDIRECT_FIELD_NAME, '')
    if not is_safe_url(url=redirect_to, host=request.get_host()):
        redirect_to = settings.LOGIN_REDIRECT_URL