Commit 738d4040 authored by Mihai Patrascoiu's avatar Mihai Patrascoiu
Browse files

Change VOMS attributes generation for OIDC tokens

parent c9222934
Pipeline #2071937 passed with stage
in 2 minutes and 11 seconds
...@@ -252,18 +252,14 @@ class FTS3OAuth2ResourceProvider(ResourceProvider): ...@@ -252,18 +252,14 @@ class FTS3OAuth2ResourceProvider(ResourceProvider):
return Session.query(Credential).filter(Credential.dlg_id == dlg_id).first() return Session.query(Credential).filter(Credential.dlg_id == dlg_id).first()
def _generate_voms_attrs(self, credential): def _generate_voms_attrs(self, credential):
if 'email' in credential: attrs = [
if 'username' in credential: credential.get("email"),
# 'username' is never there whether offline or online credential.get("username") or credential.get("user_id") or credential.get("client_id")
return credential['email'] + " " + credential['username'] ]
else:
# 'user_id' is there only online voms_attrs = ' '.join(filter(None, attrs))
return credential['email'] + " " + credential['user_id'] log.debug('voms_attrs::: {}'.format(voms_attrs))
else: return voms_attrs
if 'username' in credential:
return credential['username'] + " "
else:
return credential['user_id'] + " "
def _validate_token_offline(self, access_token): def _validate_token_offline(self, access_token):
""" """
......
...@@ -116,16 +116,14 @@ class OIDCmanager: ...@@ -116,16 +116,14 @@ class OIDCmanager:
method='POST', method='POST',
authn_method="client_secret_basic" authn_method="client_secret_basic"
) )
log.debug("after do any")
response = response.json() response = response.json()
log.debug("response: {}".format(response)) log.debug("response: {}".format(response))
refresh_token = response['refresh_token'] refresh_token = response['refresh_token']
log.debug("REFRESH TOKEN IS {}".format(refresh_token)) log.debug('refresh_token_response::: {}'.format(refresh_token))
except Exception as ex: except Exception as ex:
log.warning("Exception raised when requesting refresh token") log.warning("Exception raised when requesting refresh token")
log.warning(ex) log.warning(ex)
raise ex raise ex
log.debug('refresh_token_response::: {}'.format(refresh_token))
return refresh_token return refresh_token
def request_token_exchange(self, issuer, access_token, scope=None, audience=None): def request_token_exchange(self, issuer, access_token, scope=None, audience=None):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment