Add group membership reporting in userinfo endpoint
parent
15e3c059eb
commit
ffd3e8561b
3 changed files with 19 additions and 0 deletions
|
@ -30,6 +30,7 @@ class LDAPUserProxy(object):
|
|||
self.username = re.sub(app.config["LDAP_STRIP_RE"], "", username)
|
||||
self.is_authenticated = True
|
||||
self.is_anonymous = False
|
||||
self.groups = []
|
||||
|
||||
if app.config.get("TESTING"):
|
||||
self.gecos = "Testing User"
|
||||
|
@ -56,6 +57,16 @@ class LDAPUserProxy(object):
|
|||
self.phone = data.get("mobile", [b""])[0].decode() or None
|
||||
self.personal_email = data.get("mailRoutingAddress", [b""])[0].decode() or None
|
||||
|
||||
self.groups = [
|
||||
data["cn"][0].decode()
|
||||
for dn, data in conn.search_s(
|
||||
app.config["LDAP_GROUPS_BASEDN"],
|
||||
ldap.SCOPE_SUBTREE,
|
||||
app.config["LDAP_GROUP_MEMBERSHIP_FILTER"] % dn,
|
||||
["cn"],
|
||||
)
|
||||
]
|
||||
|
||||
def __repr__(self):
|
||||
active = "active" if self.is_active else "inactive"
|
||||
return "<LDAPUserProxy {}, {}>".format(self.username, active)
|
||||
|
|
|
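Review bot: The membership search in the second hunk builds its filter with `app.config["LDAP_GROUP_MEMBERSHIP_FILTER"] % dn`, so the DN reaches the filter string unescaped. A DN containing `(`, `)`, `*` or `\` would change the filter's meaning or make the search fail. python-ldap's `ldap.filter.filter_format(app.config["LDAP_GROUP_MEMBERSHIP_FILTER"], [dn])` escapes the value and accepts the same `%s` template (it needs `import ldap.filter`). The comprehension also reuses `dn` and `data` as loop variables, which reads as if the outer values were overwritten; `group_dn, group_attrs` would be clearer, and an entry returned without a `cn` attribute would raise `KeyError` here. The enclosing method starts and ends outside the hunk, so the origin of `dn` is not visible.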
@ -34,6 +34,13 @@ LDAP_UID_FILTER = env.str(
|
|||
"LDAP_UID_FILTER", default="(&(objectClass=hsMember)(uid=%s))"
|
||||
)
|
||||
|
||||
LDAP_GROUPS_BASEDN = env.str(
|
||||
"LDAP_GROUPS_BASEDN", default="ou=Group,dc=hackerspace,dc=pl"
|
||||
)
|
||||
LDAP_GROUP_MEMBERSHIP_FILTER = env.str(
|
||||
"LDAP_GROUP_MEMBERSHIP_FILTER", default="(&(objectClass=*)(uniqueMember=%s))",
|
||||
)
|
||||
|
||||
LDAP_BIND_DN = env.str(
|
||||
"LDAP_BIND_DN", default="cn=auth,ou=Services,dc=hackerspace,dc=pl"
|
||||
)
|
||||
|
|
|
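Review bot: The default `LDAP_GROUP_MEMBERSHIP_FILTER` uses `(objectClass=*)`, so any entry under `LDAP_GROUPS_BASEDN` that carries a matching `uniqueMember` is reported as a group, and nothing documents the template contract. If relying parties use the resulting group names for authorization, narrowing the default to the directory's actual group object class would be safer; which class that is cannot be told from this page. A comment above the setting would also help operators who override it, for example `# %-style template; must contain exactly one %s, which receives the user's DN`.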
@ -213,6 +213,7 @@ def api_userinfo():
|
|||
email=user.email,
|
||||
preferred_username=user.username,
|
||||
nickname=user.username,
|
||||
groups=user.groups,
|
||||
)
|
||||
|
||||
|
||||
|
|
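Review bot: `groups=user.groups` is added to the userinfo response unconditionally within the visible lines, so every client that can call this endpoint receives the user's full group list. The body of `api_userinfo` starts outside the hunk, so any scope check sits out of view; if there is none, releasing the claim only when the token carries a dedicated scope would keep membership data away from clients that do not need it. At minimum a comment such as `# groups is returned to every client with a valid token; gate on a scope if relying parties differ in trust` would record the decision.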