

feat: add metadata_store to context
Added a function that collects metadata for the swamid-satosa metainfo plugin
for non-SAML backends. The metadata is collected into a dictionary and
added to the context. The added functionality is similar to the SAML backend,
where the context is decorated with metadata of mdstore type.
kofzera committed Jun 20, 2023
1 parent 014e121 commit 73d2201
Showing 6 changed files with 40 additions and 4 deletions.
10 changes: 6 additions & 4 deletions src/satosa/backends/apple.py
Expand Up @@ -19,18 +19,20 @@
from satosa.internal import InternalData
from .base import BackendModule
from .oauth import get_metadata_desc_for_oauth_backend
from .oauth import _get_metadata_to_decorate
from ..context import Context
from ..exception import SATOSAAuthenticationError, SATOSAError
from ..response import Redirect

import json
import requests


logger = logging.getLogger(__name__)

NONCE_KEY = "oidc_nonce"
STATE_KEY = "oidc_state"


# https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
class AppleBackend(BackendModule):
"""Sign in with Apple backend"""
Expand Down Expand Up @@ -240,8 +242,8 @@ def response_endpoint(self, context, *args):
)
logger.error(logline)
raise SATOSAAuthenticationError(context.state, "No user info available.")

all_user_claims = dict(list(userinfo.items()) + list(id_token_claims.items()))
context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
msg = "UserInfo: {}".format(all_user_claims)
logline = lu.LOG_FMT.format(id=lu.get_session_id(context.state), message=msg)
logger.debug(logline)
Expand Down Expand Up @@ -313,7 +315,7 @@ def _create_client(provider_metadata, client_metadata, verify_ssl=True):
)

client.subject_type = (
client.registration_response.get("subject_type")
or client.provider_info["subject_types_supported"][0]
client.registration_response.get("subject_type")
or client.provider_info["subject_types_supported"][0]
)
return client
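Review bot: The new `context.decorate(Context.KEY_METADATA_STORE, ...)` call in `response_endpoint` stores a plain dict under a key that, per the commit description, the SAML backend fills with an mdstore-type object, so any consumer of that key now has to handle two unrelated types. The dict is built from the backend's local `entity_info.ui_info` config, so consumers should treat it as display data only; a comment at the call such as `# plain dict of ui_info display fields from local config, not an mdstore object` would make that explicit. A separate context key for the non-SAML case would avoid the type check altogether. The same call is added in github.py, linkedin.py, oauth.py, openid_connect.py and orcid.py. `response_endpoint` starts and ends outside the hunk.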
3 changes: 3 additions & 0 deletions src/satosa/backends/github.py
Expand Up @@ -10,6 +10,8 @@
from oic.oauth2.message import AuthorizationResponse

from satosa.backends.oauth import _OAuthBackend
from .oauth import _get_metadata_to_decorate
from satosa.context import Context
from satosa.internal import AuthenticationInformation
from satosa.internal import InternalData
from satosa.response import Redirect
Expand Down Expand Up @@ -99,6 +101,7 @@ def _authn_response(self, context):
internal_response.attributes = self.converter.to_internal(
self.external_type, user_info)
internal_response.subject_id = str(user_info[self.user_id_attr])
context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
return self.auth_callback_func(context, internal_response)

def user_information(self, access_token):
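Review bot: `from .oauth import _get_metadata_to_decorate` sits directly below `from satosa.backends.oauth import _OAuthBackend`, so the same module is imported in two styles on adjacent lines; `from satosa.backends.oauth import _get_metadata_to_decorate` would match the absolute imports used in the rest of the block. linkedin.py and orcid.py add the same relative import next to absolute ones. The helper is also underscore-prefixed yet imported by five other modules in this commit, so a public name would describe its use better. `_authn_response` starts outside the hunk.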
3 changes: 3 additions & 0 deletions src/satosa/backends/linkedin.py
Expand Up @@ -10,6 +10,8 @@
from oic.oauth2.message import AuthorizationResponse

from satosa.backends.oauth import _OAuthBackend
from .oauth import _get_metadata_to_decorate
from satosa.context import Context
from satosa.internal import AuthenticationInformation
from satosa.internal import InternalData
from satosa.response import Redirect
Expand Down Expand Up @@ -110,6 +112,7 @@ def _authn_response(self, context):
self.external_type, user_info)

internal_response.subject_id = user_info[self.user_id_attr]
context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
return self.auth_callback_func(context, internal_response)

def user_information(self, access_token, api):
21 changes: 21 additions & 0 deletions src/satosa/backends/oauth.py
Expand Up @@ -12,6 +12,7 @@
from oic.utils.authn.authn_context import UNSPECIFIED

import satosa.logging_util as lu
from satosa.context import Context
from satosa.internal import AuthenticationInformation
from satosa.internal import InternalData
from satosa.exception import SATOSAAuthenticationError
Expand Down Expand Up @@ -145,6 +146,7 @@ def _authn_response(self, context):
internal_response = InternalData(auth_info=self.auth_info(context.request))
internal_response.attributes = self.converter.to_internal(self.external_type, user_info)
internal_response.subject_id = user_info[self.user_id_attr]
context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
return self.auth_callback_func(context, internal_response)

def auth_info(self, request):
Expand Down Expand Up @@ -331,3 +333,22 @@ def get_metadata_desc_for_oauth_backend(entity_id, config):

metadata_description.append(description)
return metadata_description


def _get_metadata_to_decorate(config):
metadata_dict = {}
if "entity_info" in config:
entity_info = config["entity_info"]
if "ui_info" in entity_info:
ui_info = entity_info["ui_info"]
for name in ui_info.get("display_name", []):
if name[1] == "en":
metadata_dict["client_name"] = name[0]
metadata_dict["client_name#" + name[1]] = name[0]
for logo in ui_info.get("logo", []):
if logo["lang"] == "en":
metadata_dict["logo_uri"] = logo["image"]
metadata_dict["logo_width"] = logo["width"]
metadata_dict["logo_height"] = logo["height"]
metadata_dict["logo_uri#" + logo["lang"]] = logo["image"]
return metadata_dict
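Review bot: `_get_metadata_to_decorate` indexes `logo["lang"]`, `logo["width"]` and `logo["height"]` directly and is called from `_authn_response`, so a logo entry in the config that lacks one of those keys raises KeyError on the login response path rather than at start-up. Reading the optional keys with `.get()` keeps a cosmetic config gap from failing an authentication that the provider has already completed. The function also has no docstring naming the keys it returns (`client_name`, `logo_uri`, `logo_width`, `logo_height` and the `#lang` variants), and when several entries carry `en` the last one silently wins. `_authn_response` starts outside its hunk.

```python
def _get_metadata_to_decorate(config):
    """Return ui_info display names and logos from the backend config as a flat dict."""
    metadata_dict = {}
    ui_info = config.get("entity_info", {}).get("ui_info", {})
    # … unchanged: display_name loop …
    for logo in ui_info.get("logo", []):
        lang = logo.get("lang")
        if lang == "en":
            metadata_dict["logo_uri"] = logo["image"]
            metadata_dict["logo_width"] = logo.get("width")
            metadata_dict["logo_height"] = logo.get("height")
        if lang:
            metadata_dict["logo_uri#" + lang] = logo["image"]
    return metadata_dict
```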
4 changes: 4 additions & 0 deletions src/satosa/backends/openid_connect.py
Expand Up @@ -22,6 +22,9 @@
from ..exception import SATOSAAuthenticationError
from ..exception import SATOSAError
from ..exception import SATOSAMissingStateError
from .oauth import _get_metadata_to_decorate
from ..context import Context
from ..exception import SATOSAAuthenticationError, SATOSAError
from ..response import Redirect


Expand Down Expand Up @@ -242,6 +245,7 @@ def response_endpoint(self, context, *args):
logger.error(logline)
raise SATOSAAuthenticationError(context.state, "No user info available.")

context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
all_user_claims = dict(list(userinfo.items()) + list(id_token_claims.items()))
msg = "UserInfo: {}".format(all_user_claims)
logline = lu.LOG_FMT.format(id=lu.get_session_id(context.state), message=msg)
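Review bot: The import block appears to gain `from ..exception import SATOSAAuthenticationError, SATOSAError`, which repeats the two single-name imports of the same names shown just above it; only `from .oauth import _get_metadata_to_decorate` and `from ..context import Context` are needed for the new `context.decorate` call. Dropping the combined line keeps one import per name, matching the style of the surrounding lines. Which lines are new is inferred from the hunk header counts, since the rendered page lost the `+` markers.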
3 changes: 3 additions & 0 deletions src/satosa/backends/orcid.py
Expand Up @@ -9,8 +9,10 @@
from oic.utils.authn.authn_context import UNSPECIFIED
from oic.oauth2.consumer import stateID
from oic.oauth2.message import AuthorizationResponse
from .oauth import _get_metadata_to_decorate

from satosa.backends.oauth import _OAuthBackend
from satosa.context import Context
from satosa.internal import InternalData
from satosa.internal import AuthenticationInformation
from satosa.util import rndstr
Expand Down Expand Up @@ -79,6 +81,7 @@ def _authn_response(self, context):
internal_response.attributes = self.converter.to_internal(
self.external_type, user_info)
internal_response.subject_id = user_info[self.user_id_attr]
context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
return self.auth_callback_func(context, internal_response)

def user_information(self, access_token, orcid, name=None):
