From 52ef22b03e5985602d70fae53e90957f136b056a Mon Sep 17 00:00:00 2001
From: Krish M <krish94@uab.edu>
Date: Thu, 14 Apr 2022 10:08:08 -0500
Subject: [PATCH] Feat- Parse Shibboleth eduPersonAffiliationValues attribute

1. Set a valid set of eppa values
2. Check if user's attributes match with any of the valid set of eppa values
3. If no match with user's eppa and valid set, redir to shib error page
---
 app/__init__.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/__init__.py b/app/__init__.py
index 3c08d4d..c54bb01 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -40,7 +40,7 @@ def create_app(config_name):
     @app.route('/', methods=['GET', 'POST']) # initial route to display the reg page
     def index():
 
-        invalid_eppa = ["alum", "library-walk-in"]
+        valid_eppa = ["faculty", "staff", "student", "affliate"]
 
         if 'uid' not in session:
             session['uid']=str(uuid.uuid4())
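Review bot: The allow-list entry `"affliate"` on the added line looks like a misspelling of the eduPerson value `affiliate`. As written, a user whose only affiliation is `affiliate` would not match any entry and would be sent to the shibboleth error page by the check added later in this patch. The line should read `valid_eppa = ["faculty", "staff", "student", "affiliate"]`. Since this list now decides who may register, it would be better as a module-level constant or config value with a comment naming the policy it encodes. The body of index() continues outside this hunk.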
@@ -50,8 +50,8 @@ def create_app(config_name):
 
         session['return_url'] = request.args.get('redir', vars.default_referrer)
 
-#        if(any(item in session['user'].get('eppa') for item in invalid_eppa)):
-#            return render_template('errors/shibboleth.html', title='shibboleth error')
+        if (not any(item in session['user'].get('eppa') for item in valid_eppa)):
+            return render_template('errors/shibboleth.html', title='shibboleth error')
 
         if rc_util.check_state(session['user'].get('username')) == "blocked":
             return render_template('errors/blocked.html')
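Review bot: The new check evaluates `item in session['user'].get('eppa')` without handling a missing attribute. If the IdP releases no affiliation, `.get('eppa')` returns None and the `in` test raises TypeError, so the user gets a 500 instead of the shibboleth error page. If `eppa` arrives as a single delimited string (an assumption, since its construction is not visible here), `in` is a substring test, so any value that merely contains an allowed word would pass. Consider normalising first and comparing whole values, e.g. `eppa = session['user'].get('eppa') or ''` followed by `if not set(valid_eppa) & set(eppa.split(';')):`, adjusting the delimiter and any `@scope` suffix to what the SP actually delivers. Logging the rejected username and affiliation at this point would also help diagnose denied registrations.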
@@ -71,7 +71,7 @@ def create_app(config_name):
                                referrer=session['return_url'], cancel_url=vars.default_referrer,
                                welcome_msg=messages.welcome_message,
                                cancel_msg=messages.cancel_message,
-                               error_msg=messages.error_message)
+         if (not any(item in session['user'].get('eppa') for item in valid_eppa)):                      error_msg=messages.error_message)
 
 
     @app.route('/blocked_account')
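Review bot: The added line pastes the `if (not any(...)):` condition into the middle of the `render_template(...)` argument list, in front of `error_msg=messages.error_message)`, which is a syntax error. `app/__init__.py` would fail to import, so the application would not start rather than enforce the new affiliation check. This looks like an accidental paste; the line should be restored to `error_msg=messages.error_message)` with its original indentation. The start of the `render_template` call is outside this hunk.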
-- 
GitLab