c00kiemon5ter/fallback_processor.py

## fallback_processor.py
from ..attribute_processor import AttributeProcessorError
from .base_processor import BaseProcessor


CONFIG_KEY_ERROR = 'on_error'
CONFIG_KEY_ERROR_DEFAULT = ''

CONFIG_KEY_FALLBACK = 'fallbacks'
CONFIG_KEY_FALLBACK_DEFAULT = []

CONFIG_KEY_FALLBACK_NAMES = 'names'
CONFIG_KEY_FALLBACK_NAMES_DEFAULT = []

CONFIG_KEY_FALLBACK_SCOPE = 'scope'
CONFIG_KEY_FALLBACK_SCOPE_DEFAULT = None

CONFIG_KEY_FALLBACK_FORMAT = 'format'
CONFIG_KEY_FALLBACK_FORMAT_DEFAULT = None


class CombineProcessor(BaseProcessor):
    """
    example configuration:
        # file attribute_processor.yaml
        module: satosa.micro_services.attribute_processor.AttributeProcessor
        name: AttributeProcessor
        config:
          process:
          - attribute: epuid
            processors:
            - name: CombineProcessor
              module: satosa.micro_services.processors.fallback_processor
              fallbacks:
              - names: [epuid, name_id]
                format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
              - names: [epuid]
              - names: [eppn, name_id]
                format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
              - names: [eppn, edupersontargetedid]
              - names: [eppn]
              - names: [name_id]
                scope: 'foo'
                format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
              - names: [edupersontargetedid]
                scope: 'bar'
              on_error: 'https://example.com/path/to/some/endpoint'
    """
    def process(self, internal_data, attribute, **kwargs):
        value = None
        attributes = internal_data.attributes
        fallbacks = kwargs.get(
            CONFIG_KEY_FALLBACK,
            CONFIG_KEY_FALLBACK_DEFAULT)

        for attr in fallbacks:
            names = attr.get(
                CONFIG_KEY_FALLBACK_NAMES,
                CONFIG_KEY_FALLBACK_NAMES_DEFAULT)
            scope = attr.get(
                CONFIG_KEY_FALLBACK_SCOPE,
                CONFIG_KEY_FALLBACK_SCOPE_DEFAULT)
            format = attr.get(
                CONFIG_KEY_FALLBACK_FORMAT,
                CONFIG_KEY_FALLBACK_FORMAT_DEFAULT)

            # add name_id as an internal attribute
            attributes['name_id'] = [internal_data.name_id.text]
            values = list(map(lambda n: attributes.get(n, [None])[0], names))

            # check all attributes have a value
            if None in values:
                continue

            # check name_id format
            if 'name_id' in names and format:
                if format != internal_data.name_id.format:
                    continue

            value = ''.join(values)

            if scope:
                value += '@' + scope

            attributes[attribute][0] = value
            break

        if not value:
            # TODO call on_error
            raise AttributeProcessorError("No value constructed.")
	from ..attribute_processor import AttributeProcessorError
	from .base_processor import BaseProcessor


	CONFIG_KEY_ERROR = 'on_error'
	CONFIG_KEY_ERROR_DEFAULT = ''

	CONFIG_KEY_FALLBACK = 'fallbacks'
	CONFIG_KEY_FALLBACK_DEFAULT = []

	CONFIG_KEY_FALLBACK_NAMES = 'names'
	CONFIG_KEY_FALLBACK_NAMES_DEFAULT = []

	CONFIG_KEY_FALLBACK_SCOPE = 'scope'
	CONFIG_KEY_FALLBACK_SCOPE_DEFAULT = None

	CONFIG_KEY_FALLBACK_FORMAT = 'format'
	CONFIG_KEY_FALLBACK_FORMAT_DEFAULT = None


	class CombineProcessor(BaseProcessor):
	"""
	example configuration:
	# file attribute_processor.yaml
	module: satosa.micro_services.attribute_processor.AttributeProcessor
	name: AttributeProcessor
	config:
	process:
	- attribute: epuid
	processors:
	- name: CombineProcessor
	module: satosa.micro_services.processors.fallback_processor
	fallbacks:
	- names: [epuid, name_id]
	format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
	- names: [epuid]
	- names: [eppn, name_id]
	format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
	- names: [eppn, edupersontargetedid]
	- names: [eppn]
	- names: [name_id]
	scope: 'foo'
	format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
	- names: [edupersontargetedid]
	scope: 'bar'
	on_error: 'https://example.com/path/to/some/endpoint'
	"""
	def process(self, internal_data, attribute, **kwargs):
	value = None
	attributes = internal_data.attributes
	fallbacks = kwargs.get(
	CONFIG_KEY_FALLBACK,
	CONFIG_KEY_FALLBACK_DEFAULT)

	for attr in fallbacks:
	names = attr.get(
	CONFIG_KEY_FALLBACK_NAMES,
	CONFIG_KEY_FALLBACK_NAMES_DEFAULT)
	scope = attr.get(
	CONFIG_KEY_FALLBACK_SCOPE,
	CONFIG_KEY_FALLBACK_SCOPE_DEFAULT)
	format = attr.get(
	CONFIG_KEY_FALLBACK_FORMAT,
	CONFIG_KEY_FALLBACK_FORMAT_DEFAULT)

	# add name_id as an internal attribute
	attributes['name_id'] = [internal_data.name_id.text]
	values = list(map(lambda n: attributes.get(n, [None])[0], names))

	# check all attributes have a value
	if None in values:
	continue

	# check name_id format
	if 'name_id' in names and format:
	if format != internal_data.name_id.format:
	continue

	value = ''.join(values)

	if scope:
	value += '@' + scope

	attributes[attribute][0] = value
	break

	if not value:
	# TODO call on_error
	raise AttributeProcessorError("No value constructed.")