providers/saml: add UID field

2019-12-13 13:45:10 +01:00
parent 82cf482fba
commit f22dbba931
2 changed files with 13 additions and 0 deletions
--- a/docs/providers.md
+++ b/docs/providers.md
@ -14,3 +14,10 @@ The API exposes Username, E-Mail, Name and Groups in a GitHub-compatible format.
 ## SAML Provider

 This provider allows you to integrate Enterprise Software using the SAML2 Protocol. It supports signed Requests. This Provider also has [Property Mappings](property-mappings.md#saml-property-mapping), which allows you to expose Vendor-specific Fields.
+Default fields are:
+
+-   `eduPersonPrincipalName`: User's E-Mail
+-   `cn`: User's Full Name
+-   `mail`: User's E-Mail
+-   `displayName`: User's Username
+-   `uid`: User Unique Identifier
--- a/passbook/providers/saml/base.py
+++ b/passbook/providers/saml/base.py
@ -143,6 +143,7 @@ class Processor:

    def _format_assertion(self):
        """Formats _assertion_params as _assertion_xml."""
+        # https://commons.lbl.gov/display/IDMgmt/Attribute+Definitions
        self._assertion_params['ATTRIBUTES'] = [
            {
                'FriendlyName': 'eduPersonPrincipalName',
@ -164,6 +165,11 @@ class Processor:
                'Name': 'urn:oid:2.16.840.1.113730.3.1.241',
                'Value': self._django_request.user.username,
            },
+            {
+                'FriendlyName': 'uid',
+                'Name': 'urn:oid:0.9.2342.19200300.100.1.1',
+                'Value': self._django_request.user.pk,
+            },
        ]
        from passbook.providers.saml.models import SAMLPropertyMapping
        for mapping in self._remote.property_mappings.all().select_subclasses():