diff options
| -rw-r--r-- | src/saml2/attribute_converter.py | 42 | ||||
| -rw-r--r-- | tests/test_19_attribute_converter.py | 18 |
2 files changed, 54 insertions, 6 deletions
diff --git a/src/saml2/attribute_converter.py b/src/saml2/attribute_converter.py index 4d411597..cd40fe79 100644 --- a/src/saml2/attribute_converter.py +++ b/src/saml2/attribute_converter.py @@ -432,12 +432,7 @@ class AttributeConverter(object): if name: if name == "urn:oid:1.3.6.1.4.1.5923.1.1.1.10": # special case for eduPersonTargetedID - attr_value = [] - for v in value: - extension_element = ExtensionElement("NameID", NAMESPACE, - attributes={'Format': NAMEID_FORMAT_PERSISTENT}, text=v) - attrval = saml.AttributeValue(extension_elements=[extension_element]) - attr_value.append(attrval) + attr_value = self.to_eptid_value(value) else: attr_value = do_ava(value) attributes.append(factory(saml.Attribute, @@ -452,6 +447,41 @@ class AttributeConverter(object): return attributes + def to_eptid_value(self, value): + """ + Special handling for the attribute with name + urn:oid:1.3.6.1.4.1.5923.1.1.1.10, usually known by the friendly + name eduPersonTargetedID. Create the AttributeValue instance(s) + for the attribute. + + value is either a string or a dictionary with keys 'value', + 'NameQualifier', and 'SPNameQualifier'. + + Returns a list of AttributeValue instances. + """ + attribute_values = [] + + for v in value: + if isinstance(v, dict): + element_attributes = { + 'Format': NAMEID_FORMAT_PERSISTENT, + 'NameQualifier': v['NameQualifier'], + 'SPNameQualifier': v['SPNameQualifier'] + } + text = v['value'] + else: + element_attributes = {'Format': NAMEID_FORMAT_PERSISTENT} + text = v + + element = ExtensionElement("NameID", NAMESPACE, element_attributes, + text=text) + + attrval = saml.AttributeValue(extension_elements=[element]) + + attribute_values.append(attrval) + + return attribute_values + class AttributeConverterNOOP(AttributeConverter): """ Does a NOOP conversion, that is no conversion is made """ diff --git a/tests/test_19_attribute_converter.py b/tests/test_19_attribute_converter.py index 5f60f6d5..99eef12a 100644 --- a/tests/test_19_attribute_converter.py +++ b/tests/test_19_attribute_converter.py @@ -221,6 +221,24 @@ class TestAC(): assert attributes[0].attribute_value[0].extension_elements[0].text == "test value1" assert attributes[0].attribute_value[1].extension_elements[0].text == "test value2" + def test_from_local_eduPersonTargetedID_with_qualifiers(self): + IDP_ENTITY_ID = 'https://some.org/idp' + SP_ENTITY_ID = 'https://some.org/sp' + + ava = {"edupersontargetedid": [{ + 'value': "test value1", + 'NameQualifier': IDP_ENTITY_ID, + 'SPNameQualifier': SP_ENTITY_ID}]} + attributes = from_local(self.acs, ava, URI_NF) + + assert len(attributes) == 1 + + element = attributes[0].attribute_value[0].extension_elements[0] + + assert element.text == "test value1" + assert element.attributes['NameQualifier'] == IDP_ENTITY_ID + assert element.attributes['SPNameQualifier'] == SP_ENTITY_ID + def test_noop_attribute_conversion(): ava = {"urn:oid:2.5.4.4": "Roland", "urn:oid:2.5.4.42": "Hedberg"} |