Ticket #1124 (new task)

Opened 8 years ago

[S] API for consumer app to interogate OpenID AX parameters

Reported by: pjkersha Owned by: pjkersha
Priority: desirable Milestone:
Component: security Version:
Keywords: Cc: astephen


Consumer apps may need API to access OpenID AX parameters. Currently, this info is exposed via an environ key. This runs the danger of brittle code which doesn't incorrectly assumes key names.

Ag has done some work on an API for the WPS:


Holds the UserManager class that links to security layer and session.


from pylons import request

class UserManager(object):

    def __init__(self):
        self.session = request.environ['beaker.session.ndg.security']
        self.dict = self.session['openid.ax']

        # Assign a logged_in attribute that detects whether cookie holds a currently valid session
        self.logged_in = request.environ.get("REMOTE_USER", False)

    def _get(self, key, strict = False):
        Returns value of ``key`` in self.dict or None if not found.
        If ``strict`` == True then raise an error if not found.
        if self.dict.has_key(key):
            value = self.dict[key]

            if type(value) == type((1,2)) and len(value) == 1:
                value = value[0]

            return value

            if strict == True:
                raise KeyError("No such item '%s' in security session dictionary." % key)
                return None

    def getUserName(self, strict = False):
        first_name = self._get("firstName", strict = strict)
        last_name = self._get("lastName", strict = strict)
        return first_name + "." + last_name

    def getEmailAddress(self, strict = False):
        return self._get("emailAddress", strict = strict) 
Note: See TracTickets for help on using tickets.