|
|
|
@ -1,11 +1,14 @@
@@ -1,11 +1,14 @@
|
|
|
|
|
# import the logging library |
|
|
|
|
from .models import Token |
|
|
|
|
from hawkrest import HawkAuthentication |
|
|
|
|
from rest_framework import exceptions |
|
|
|
|
import django.utils |
|
|
|
|
import logging |
|
|
|
|
import django.utils |
|
|
|
|
from mozilla_django_oidc.auth import OIDCAuthenticationBackend |
|
|
|
|
|
|
|
|
|
from hawkrest import HawkAuthentication |
|
|
|
|
from rest_framework import exceptions |
|
|
|
|
|
|
|
|
|
from apps.university.models import Faculty, University |
|
|
|
|
from .models import Token |
|
|
|
|
|
|
|
|
|
# Get an instance of a logger |
|
|
|
|
logger = logging.getLogger(__name__) |
|
|
|
|
|
|
|
|
@ -76,31 +79,82 @@ class APIHawk(HawkAuthentication):
@@ -76,31 +79,82 @@ class APIHawk(HawkAuthentication):
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class VRE_OIDC_Researcher_Update(OIDCAuthenticationBackend): |
|
|
|
|
"""Update the logged in user his/her first and last name based on Surfconext login |
|
|
|
|
"""Update the logged in user his/her first and last name based on SURFconext login |
|
|
|
|
|
|
|
|
|
This is done after each login. |
|
|
|
|
""" |
|
|
|
|
|
|
|
|
|
def create_user(self, claims): |
|
|
|
|
user = super().create_user(claims) |
|
|
|
|
def __get_or_create_faculty(self, claims): |
|
|
|
|
# Not sure how to handle this. For now, first matched faculty is used, or else first in provided list is created and used |
|
|
|
|
# We cannot handle multiple faculties for now |
|
|
|
|
|
|
|
|
|
email_domain = claims.get('schac_home_organization', '') |
|
|
|
|
faculty_list = claims.get('ou', []) |
|
|
|
|
|
|
|
|
|
if '' == email_domain or len(faculty_list) == 0: |
|
|
|
|
return None |
|
|
|
|
|
|
|
|
|
university = University.objects.filter(email__endswith=f'@{email_domain}').first() |
|
|
|
|
if university is None: |
|
|
|
|
# University is not known in the VRE. Cant update faculty data |
|
|
|
|
return None |
|
|
|
|
|
|
|
|
|
user.first_name = claims.get('given_name', '') |
|
|
|
|
user.last_name = claims.get('family_name', '') |
|
|
|
|
user.save() |
|
|
|
|
# Find the first available faculty based on the provided list and university |
|
|
|
|
faculty = Faculty.objects.filter(name__in=faculty_list, university=university).first() |
|
|
|
|
if faculty is None: |
|
|
|
|
# Create a new faculty, as we do not know it. |
|
|
|
|
faculty = Faculty.objects.create(name=faculty_list[0], university=university) |
|
|
|
|
|
|
|
|
|
return faculty |
|
|
|
|
|
|
|
|
|
def __enhance_user(self, user, claims): |
|
|
|
|
update_user = False |
|
|
|
|
# Update first name |
|
|
|
|
if (claims.get('given_name', '') != '' and claims.get('given_name') != user.first_name): |
|
|
|
|
user.first_name = claims.get('given_name') |
|
|
|
|
update_user = True |
|
|
|
|
|
|
|
|
|
# Update last name |
|
|
|
|
if (claims.get('family_name', '') != '' and claims.get('family_name') != user.last_name): |
|
|
|
|
user.last_name = claims.get('family_name') |
|
|
|
|
update_user = True |
|
|
|
|
|
|
|
|
|
# Update email address (from a private invitation) |
|
|
|
|
if (claims.get('email', '') != '' and claims.get('email') != user.email): |
|
|
|
|
user.email = claims.get('email') |
|
|
|
|
update_user = True |
|
|
|
|
|
|
|
|
|
# Save changes to the database |
|
|
|
|
if update_user: |
|
|
|
|
user.save() |
|
|
|
|
|
|
|
|
|
update_researcher = False |
|
|
|
|
# Update ID number (P-number) |
|
|
|
|
idnumber = claims.get('eduperson_principal_name', '').split('@')[0].lower() |
|
|
|
|
user.researcher.idnumber = idnumber |
|
|
|
|
user.researcher.save() |
|
|
|
|
if idnumber != user.researcher.idnumber: |
|
|
|
|
user.researcher.idnumber = idnumber |
|
|
|
|
update_researcher = True |
|
|
|
|
|
|
|
|
|
# Get or create the faculty based on the logged in user his/her claims |
|
|
|
|
faculty = self.__get_or_create_faculty(claims) |
|
|
|
|
|
|
|
|
|
# Update faculty if it is known and not the same as the existing one of the researcher |
|
|
|
|
if faculty != None and faculty != user.researcher.faculty: |
|
|
|
|
user.researcher.faculty = faculty |
|
|
|
|
update_researcher = True |
|
|
|
|
|
|
|
|
|
# Save changes to the database |
|
|
|
|
if update_researcher: |
|
|
|
|
user.researcher.save() |
|
|
|
|
|
|
|
|
|
def create_user(self, claims): |
|
|
|
|
user = super().create_user(claims) |
|
|
|
|
|
|
|
|
|
self.__enhance_user(user, claims) |
|
|
|
|
|
|
|
|
|
return user |
|
|
|
|
|
|
|
|
|
def update_user(self, user, claims): |
|
|
|
|
user.first_name = claims.get('given_name', '') |
|
|
|
|
user.last_name = claims.get('family_name', '') |
|
|
|
|
user.save() |
|
|
|
|
|
|
|
|
|
idnumber = claims.get('eduperson_principal_name', '').split('@')[0].lower() |
|
|
|
|
user.researcher.idnumber = idnumber |
|
|
|
|
user.researcher.save() |
|
|
|
|
self.__enhance_user(user, claims) |
|
|
|
|
|
|
|
|
|
return user |
|
|
|
|