feat: add metadata_store to context

Added a function that collects metadata for swamid-satosa metainfo plugin for non-SAML backends. The metadata is collected into dictionary and added to the context. The functionality added is similar to saml backend where the context is decorated with metadata of mdstore type.
IdentityPython · May 21, 2023 · af3885f · af3885f
1 parent 497aa9c
commit af3885f
Show file tree

Hide file tree

Showing 6 changed files with 42 additions and 4 deletions.
diff --git a/src/satosa/backends/apple.py b/src/satosa/backends/apple.py
@@ -19,18 +19,20 @@
 from satosa.internal import InternalData
 from .base import BackendModule
 from .oauth import get_metadata_desc_for_oauth_backend
+from .oauth import _get_metadata_to_decorate
+from ..context import Context
 from ..exception import SATOSAAuthenticationError, SATOSAError
 from ..response import Redirect
 
 import json
 import requests
 
-
 logger = logging.getLogger(__name__)
 
 NONCE_KEY = "oidc_nonce"
 STATE_KEY = "oidc_state"
 
+
 # https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
 class AppleBackend(BackendModule):
     """Sign in with Apple backend"""
@@ -240,8 +242,8 @@ def response_endpoint(self, context, *args):
             )
             logger.error(logline)
             raise SATOSAAuthenticationError(context.state, "No user info available.")
-
         all_user_claims = dict(list(userinfo.items()) + list(id_token_claims.items()))
+        context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
         msg = "UserInfo: {}".format(all_user_claims)
         logline = lu.LOG_FMT.format(id=lu.get_session_id(context.state), message=msg)
         logger.debug(logline)
@@ -314,7 +316,7 @@ def _create_client(provider_metadata, client_metadata, verify_ssl=True):
         )
 
     client.subject_type = (
-        client.registration_response.get("subject_type")
-        or client.provider_info["subject_types_supported"][0]
+            client.registration_response.get("subject_type")
+            or client.provider_info["subject_types_supported"][0]
     )
     return client
diff --git a/src/satosa/backends/github.py b/src/satosa/backends/github.py
@@ -10,6 +10,8 @@
 from oic.oauth2.message import AuthorizationResponse
 
 from satosa.backends.oauth import _OAuthBackend
+from .oauth import _get_metadata_to_decorate
+from satosa.context import Context
 from satosa.internal import AuthenticationInformation
 from satosa.internal import InternalData
 from satosa.response import Redirect
@@ -99,6 +101,7 @@ def _authn_response(self, context):
         internal_response.attributes = self.converter.to_internal(
             self.external_type, user_info)
         internal_response.subject_id = str(user_info[self.user_id_attr])
+        context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
         del context.state[self.name]
         return self.auth_callback_func(context, internal_response)
 

diff --git a/src/satosa/backends/linkedin.py b/src/satosa/backends/linkedin.py
@@ -10,6 +10,8 @@
 from oic.oauth2.message import AuthorizationResponse
 
 from satosa.backends.oauth import _OAuthBackend
+from .oauth import _get_metadata_to_decorate
+from satosa.context import Context
 from satosa.internal import AuthenticationInformation
 from satosa.internal import InternalData
 from satosa.response import Redirect
@@ -110,6 +112,7 @@ def _authn_response(self, context):
             self.external_type, user_info)
 
         internal_response.subject_id = user_info[self.user_id_attr]
+        context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
         del context.state[self.name]
         return self.auth_callback_func(context, internal_response)
 

diff --git a/src/satosa/backends/oauth.py b/src/satosa/backends/oauth.py
@@ -12,6 +12,7 @@
 from oic.utils.authn.authn_context import UNSPECIFIED
 
 import satosa.logging_util as lu
+from satosa.context import Context
 from satosa.internal import AuthenticationInformation
 from satosa.internal import InternalData
 from satosa.exception import SATOSAAuthenticationError
@@ -145,6 +146,7 @@ def _authn_response(self, context):
         internal_response = InternalData(auth_info=self.auth_info(context.request))
         internal_response.attributes = self.converter.to_internal(self.external_type, user_info)
         internal_response.subject_id = user_info[self.user_id_attr]
+        context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
         del context.state[self.name]
         return self.auth_callback_func(context, internal_response)
 
@@ -324,3 +326,22 @@ def get_metadata_desc_for_oauth_backend(entity_id, config):
 
     metadata_description.append(description)
     return metadata_description
+
+
+def _get_metadata_to_decorate(config):
+    metadata_dict = {}
+    if "entity_info" in config:
+        entity_info = config["entity_info"]
+        if "ui_info" in entity_info:
+            ui_info = entity_info["ui_info"]
+            for name in ui_info.get("display_name", []):
+                if name[1] == "en":
+                    metadata_dict["client_name"] = name[0]
+                metadata_dict["client_name#" + name[1]] = name[0]
+            for logo in ui_info.get("logo", []):
+                if logo["lang"] == "en":
+                    metadata_dict["logo_uri"] = logo["image"]
+                    metadata_dict["logo_width"] = logo["width"]
+                    metadata_dict["logo_height"] = logo["height"]
+                metadata_dict["logo_uri#" + logo["lang"]] = logo["image"]
+    return metadata_dict
diff --git a/src/satosa/backends/openid_connect.py b/src/satosa/backends/openid_connect.py
@@ -18,6 +18,8 @@
 from satosa.internal import InternalData
 from .base import BackendModule
 from .oauth import get_metadata_desc_for_oauth_backend
+from .oauth import _get_metadata_to_decorate
+from ..context import Context
 from ..exception import SATOSAAuthenticationError, SATOSAError
 from ..response import Redirect
 
@@ -208,6 +210,7 @@ def response_endpoint(self, context, *args):
             logger.error(logline)
             raise SATOSAAuthenticationError(context.state, "No user info available.")
 
+        context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
         all_user_claims = dict(list(userinfo.items()) + list(id_token_claims.items()))
         msg = "UserInfo: {}".format(all_user_claims)
         logline = lu.LOG_FMT.format(id=lu.get_session_id(context.state), message=msg)
@@ -278,3 +281,6 @@ def _create_client(provider_metadata, client_metadata, verify_ssl=True):
     client.subject_type = (client.registration_response.get("subject_type") or
                            client.provider_info["subject_types_supported"][0])
     return client
+
+
+
diff --git a/src/satosa/backends/orcid.py b/src/satosa/backends/orcid.py
@@ -9,8 +9,10 @@
 from oic.utils.authn.authn_context import UNSPECIFIED
 from oic.oauth2.consumer import stateID
 from oic.oauth2.message import AuthorizationResponse
+from .oauth import _get_metadata_to_decorate
 
 from satosa.backends.oauth import _OAuthBackend
+from satosa.context import Context
 from satosa.internal import InternalData
 from satosa.internal import AuthenticationInformation
 from satosa.util import rndstr
@@ -79,6 +81,7 @@ def _authn_response(self, context):
         internal_response.attributes = self.converter.to_internal(
             self.external_type, user_info)
         internal_response.subject_id = user_info[self.user_id_attr]
+        context.decorate(Context.KEY_METADATA_STORE, _get_metadata_to_decorate(self.config))
         del context.state[self.name]
         return self.auth_callback_func(context, internal_response)