perf: Support SAML2, OIDC user authentication services, mapping user group field information

2025-09-01 15:37:19 +00:00 · 2024-08-29 19:23:04 +08:00
parent 1068662ab1
commit c545e2a3aa
4 changed files with 67 additions and 17 deletions
--- a/apps/authentication/backends/saml2/backends.py
+++ b/apps/authentication/backends/saml2/backends.py
@@ -27,9 +27,13 @@ class SAML2Backend(JMSModelBackend):
        log_prompt = "Get or Create user [SAML2Backend]: {}"
        logger.debug(log_prompt.format('start'))

+        groups = saml_user_data.pop('groups', None)
+
        user, created = get_user_model().objects.get_or_create(
            username=saml_user_data['username'], defaults=saml_user_data
        )
+
+        saml_user_data['groups'] = groups
        logger.debug(log_prompt.format("user: {}|created: {}".format(user, created)))

        logger.debug(log_prompt.format("Send signal => saml2 create or update user"))
--- a/apps/authentication/backends/saml2/views.py
+++ b/apps/authentication/backends/saml2/views.py
@@ -87,6 +87,7 @@ class PrepareRequestMixin:
            ('name', 'name', False),
            ('phone', 'phone', False),
            ('comment', 'comment', False),
+            ('groups', 'groups', False),
        )
        attr_list = []
        for name, friend_name, is_required in need_attrs:
@@ -185,7 +186,7 @@ class PrepareRequestMixin:
        user_attrs = {}
        attr_mapping = settings.SAML2_RENAME_ATTRIBUTES
        attrs = saml_instance.get_attributes()
-        valid_attrs = ['username', 'name', 'email', 'comment', 'phone']
+        valid_attrs = ['username', 'name', 'email', 'comment', 'phone', 'groups']

        for attr, value in attrs.items():
            attr = attr.rsplit('/', 1)[-1]