zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-05-15 17:17:02 +02:00
Code Issues Projects Releases Packages Wiki Activity

Intercept userinfo from login.gov and append given_name and family_name if user requires ial1 and exists in DB

Browse source
This commit is contained in:
Rachid Mrad 2023-12-11 17:20:47 -05:00
parent 1001454a85
commit e25dad495e
No known key found for this signature in database
GPG key ID: EF38E4CEC4A8F3CF
2 changed files with 25 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

17
src/djangooidc/oidc.py
View file

@ -87,7 +87,7 @@ class Client(oic.Client):
extra_args=None,
):
"""Step 2: Construct a login URL at OP's domain and send the user to it."""
logger.debug("Creating the OpenID Connect authn request...")
logger.info("create_authn_request() Creating the OpenID Connect authn request...")
state = rndstr(size=32)
try:
session["state"] = state
@ -112,7 +112,7 @@ class Client(oic.Client):
logger.error("Failed to assemble request arguments for %s" % state)
raise o_e.InternalError(locator=state)
logger.debug("request args: %s" % request_args)
logger.info("request args: %s" % request_args)
try:
# prepare the request for sending
@ -126,9 +126,9 @@ class Client(oic.Client):
method="GET",
request_args=request_args,
)
logger.debug("body: %s" % body)
logger.debug("URL: %s" % url)
logger.debug("headers: %s" % headers)
logger.info("body: %s" % body)
logger.info("URL: %s" % url)
logger.info("headers: %s" % headers)
except Exception as err:
logger.error(err)
logger.error("Failed to prepare request for %s" % state)
@ -150,7 +150,7 @@ class Client(oic.Client):
def callback(self, unparsed_response, session):
"""Step 3: Receive OP's response, request an access token, and user info."""
logger.debug("Processing the OpenID Connect callback response...")
logger.info("callback() Processing the OpenID Connect callback response...")
state = session.get("state", "")
try:
# parse the response from OP
@ -174,7 +174,7 @@ class Client(oic.Client):
logger.error("Unable to process response %s for %s" % (error, state))
raise o_e.AuthenticationFailed(locator=state)
logger.debug("authn_response %s" % authn_response)
logger.info("callback() authn_response %s" % authn_response)
if not authn_response.get("state", None):
logger.error("State value not received from OP for %s" % state)
@ -213,7 +213,8 @@ class Client(oic.Client):
logger.error("Unable to get user info (%s) for %s" % (info_response.get("error", ""), state))
raise o_e.AuthenticationFailed(locator=state)
logger.debug("user info: %s" % info_response)
logger.info("_get_user_info() user info: %s" % info_response)
return info_response.to_dict()
def _request_token(self, state, code, session):

16
src/djangooidc/views.py
View file

@ -58,6 +58,7 @@ def openid(request):
request.session["next"] = request.GET.get("next", "/")
try:
logger.info('openid() calls create_authn_request in oidc')
return CLIENT.create_authn_request(request.session)
except Exception as err:
return error_page(request, err)
@ -71,9 +72,24 @@ def login_callback(request):
# test for need for identity verification and if it is satisfied
# if not satisfied, redirect user to login with stepped up acr_value
if requires_step_up_auth(userinfo):
logger.info('login_callback() calls get_step_up_acr_value and create_authn_request in oidc')
# add acr_value to request.session
request.session["acr_value"] = CLIENT.get_step_up_acr_value()
return CLIENT.create_authn_request(request.session)
logger.info(f'login_callback() before calling authenticate: {userinfo}')
try:
user_in_db = User.objects.get(username=userinfo["sub"])
if user_in_db:
logger.info(f"This user exists in the DB (before authenticate): {user_in_db.first_name}")
userinfo["given_name"] = user_in_db.first_name
userinfo["family_name"] = user_in_db.last_name
except:
pass
user = authenticate(request=request, **userinfo)
if user:
login(request, user)