cco/py-scopes
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

auth: principal with correct groups => login and auth basically working

Browse source
This commit is contained in:
Helmut Merz 2025-04-07 10:21:25 +02:00
parent 2a52d8a481
commit 4b791cf83b
1 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
scopes/server/auth.py
View file

@ -55,6 +55,8 @@ authentication = OidcAuthentication(None)
@implementer(IGroupAwarePrincipal) @implementer(IGroupAwarePrincipal)
class Principal: class Principal:
group_prefix = 'gloops.'
def __init__(self, id, data): def __init__(self, id, data):
self.id = id self.id = id
self.data = data self.data = data
@ -65,7 +67,9 @@ class Principal:
@property @property
def groups(self): def groups(self):
return self.data.get('groups', []) groups = [self.group_prefix + g for g in self.data.get('groups', [])]
print('*** Principal.groups', groups)
return groups
def asDict(self): def asDict(self):
data = self.data.copy() data = self.data.copy()
@ -94,7 +98,7 @@ class Authenticator(DummyFolder):
data = self.loadSession() data = self.loadSession()
print('*** authenticate', data) print('*** authenticate', data)
if data and 'userid' in data: if data and 'userid' in data:
id = self.params['principal_prefix'] + data.pop('userid') id = self.params.get('principal_prefix', '') + data.pop('userid')
return Principal(id, data) return Principal(id, data)
return None return None
@ -149,7 +153,7 @@ class Authenticator(DummyFolder):
userid=userData['preferred_username'], userid=userData['preferred_username'],
name=userData['name'], name=userData['name'],
email=userData['email'], email=userData['email'],
groups=groupInfo.keys(), groups=list(groupInfo.keys()),
access_token=tdata['access_token'], access_token=tdata['access_token'],
) )
self.storeSession(ndata) self.storeSession(ndata)