Skip to content

Commit

Permalink
sweep: #7691 feat (IAM): fetch nickname attribute from scim interface
Browse files Browse the repository at this point in the history
  • Loading branch information
chaen authored and web-flow committed Jun 26, 2024
1 parent 95bb0b1 commit 7492be9
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions src/DIRAC/Core/Security/IAMService.py
Original file line number Diff line number Diff line change
Expand Up @@ -87,9 +87,21 @@ def convert_iam_to_voms(iam_output):
cert_dict = {}
dn = convert_dn(cert["subjectDn"])
ca = convert_dn(cert["issuerDn"])

cert_dict["CA"] = ca
cert_dict["nickname"] = iam_output["userName"]

# The nickname is available in the list of attributes
# (if configured so)
# in the form {'name': 'nickname', 'value': 'chaen'}
# otherwise, we take the userName
try:
cert_dict["nickname"] = [
attr["value"]
for attr in iam_output["urn:indigo-dc:scim:schemas:IndigoUser"]["attributes"]
if attr["name"] == "nickname"
][0]
except (KeyError, IndexError):
cert_dict["nickname"] = iam_output["userName"]

# This is not correct, we take the overall status instead of the certificate one
# however there are no known case of cert suspended while the user isn't
cert_dict["certSuspended"] = not iam_output["active"]
Expand Down

0 comments on commit 7492be9

Please sign in to comment.