add oidc login signal handling (#1367)

bihealth · Jul 8, 2024 · 7931cd6 · 7931cd6
1 parent 4b72557
commit 7931cd6
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 4 deletions.
diff --git a/config/settings/base.py b/config/settings/base.py
@@ -448,7 +448,6 @@
             AUTHENTICATION_BACKENDS,
         )
     )
-    MIDDLEWARE.append('social_django.middleware.SocialAuthExceptionMiddleware')
     TEMPLATES[0]['OPTIONS']['context_processors'] += [
         'social_django.context_processors.backends',
         'social_django.context_processors.login_redirect',

diff --git a/projectroles/models.py b/projectroles/models.py
@@ -65,6 +65,7 @@
 REMOTE_PROJECT_UNIQUE_MSG = (
     'RemoteProject with the same project UUID and site anready exists'
 )
+AUTH_PROVIDER_OIDC = 'oidc'
 
 
 # Project ----------------------------------------------------------------------
@@ -1344,8 +1345,13 @@ def get_form_label(self, email=False):
         return ret
 
     def set_group(self):
-        """Set user group based on user name."""
-        if self.username.find('@') != -1:
+        """Set user group based on user name or social auth provider"""
+        social_auth = getattr(self, 'social_auth', None)
+        if social_auth:
+            social_auth = social_auth.first()
+        if social_auth and social_auth.provider == AUTH_PROVIDER_OIDC:
+            group_name = AUTH_PROVIDER_OIDC
+        elif self.username.find('@') != -1:
             group_name = self.username.split('@')[1].lower()
         else:
             group_name = SODAR_CONSTANTS['SYSTEM_USER_GROUP']
@@ -1354,6 +1360,8 @@ def set_group(self):
             group.user_set.add(self)
             return group_name
 
+    # TODO: Add get_user_type(), replace is_local()
+
     def is_local(self):
         return not bool(re.search('@[A-Za-z0-9._-]+$', self.username))
 

diff --git a/projectroles/signals.py b/projectroles/signals.py
@@ -9,6 +9,8 @@
     user_login_failed,
 )
 
+from projectroles.models import AUTH_PROVIDER_OIDC
+
 
 logger = logging.getLogger(__name__)
 
@@ -29,6 +31,22 @@ def handle_ldap_login(sender, user, **kwargs):
             raise ex
 
 
+def handle_oidc_login(sender, user, **kwargs):
+    """Signal for OIDC login handling"""
+    social_auth = getattr(user, 'social_auth', None)
+    if not social_auth:
+        return
+    try:
+        social_auth = social_auth.first()
+        if social_auth and social_auth.provider == AUTH_PROVIDER_OIDC:
+            logger.debug('Updating OIDC user..')
+            user.update_full_name()
+    except Exception as ex:
+        logger.error('Exception in handle_oidc_login(): {}'.format(ex))
+        if settings.DEBUG:
+            raise ex
+
+
 def assign_user_group(sender, user, **kwargs):
     """Signal for user group assignment"""
     try:
@@ -56,6 +74,7 @@ def log_user_login_failure(sender, credentials, **kwargs):
 
 
 user_logged_in.connect(handle_ldap_login)
+user_logged_in.connect(handle_oidc_login)
 user_logged_in.connect(assign_user_group)
 user_logged_in.connect(log_user_login)
 user_logged_out.connect(log_user_logout)

diff --git a/projectroles/tests/test_models.py b/projectroles/tests/test_models.py
@@ -283,7 +283,7 @@ def set_up_as_target(cls, projects):
 
 
 class SODARUserMixin:
-    """Helper mixin for LDAP SodarUser creation"""
+    """Helper mixin for SodarUser creation"""
 
     def make_sodar_user(
         self,