diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/saml2/attribute_converter.py | 44 |
1 files changed, 38 insertions, 6 deletions
diff --git a/src/saml2/attribute_converter.py b/src/saml2/attribute_converter.py index 4d411597..bc937702 100644 --- a/src/saml2/attribute_converter.py +++ b/src/saml2/attribute_converter.py @@ -432,12 +432,7 @@ class AttributeConverter(object): if name: if name == "urn:oid:1.3.6.1.4.1.5923.1.1.1.10": # special case for eduPersonTargetedID - attr_value = [] - for v in value: - extension_element = ExtensionElement("NameID", NAMESPACE, - attributes={'Format': NAMEID_FORMAT_PERSISTENT}, text=v) - attrval = saml.AttributeValue(extension_elements=[extension_element]) - attr_value.append(attrval) + attr_value = self.to_eptid_value(value) else: attr_value = do_ava(value) attributes.append(factory(saml.Attribute, @@ -452,6 +447,43 @@ class AttributeConverter(object): return attributes + def to_eptid_value(self, values): + """ + Create AttributeValue instances of NameID from the given values. + + Special handling for the "eptid" attribute + Name=urn:oid:1.3.6.1.4.1.5923.1.1.1.10 + FriendlyName=eduPersonTargetedID + + values is a list of items of type str or dict. When an item is a + dictionary it has the keys: "NameQualifier", "SPNameQualifier", and + "text". + + Returns a list of AttributeValue instances of NameID elements. + """ + + def _create_nameid_ext_el(value): + text = value["text"] if isinstance(value, dict) else value + attributes = ( + { + "Format": NAMEID_FORMAT_PERSISTENT, + "NameQualifier": value["NameQualifier"], + "SPNameQualifier": value["SPNameQualifier"], + } + if isinstance(value, dict) + else {"Format": NAMEID_FORMAT_PERSISTENT} + ) + element = ExtensionElement( + "NameID", NAMESPACE, attributes=attributes, text=text + ) + return element + + attribute_values = [ + saml.AttributeValue(extension_elements=[_create_nameid_ext_el(v)]) + for v in values + ] + return attribute_values + class AttributeConverterNOOP(AttributeConverter): """ Does a NOOP conversion, that is no conversion is made """ |