Classic as of right now.
Mathias,
Thanks again for the help. We're able to authenticate with our central admin's SSO which uses Oracle Access Manager (OAM).
we patched _updateUserProperties
userProps = {}
if "email" in userinfo:
userProps["email"] = make_string(userinfo["email"])
if "givenName" in userinfo and "sn" in userinfo:
userProps["fullname"] = "{} {}".format(
make_string(userinfo["givenName"]), make_string(userinfo["sn"])
)
elif "name" in userinfo and "sn" in userinfo:
userProps["fullname"] = "{} {}".format(
make_string(userinfo["name"]), make_string(userinfo["sn"])
)
if "givenName" in userinfo :
userProps["givenname"] = make_string(userinfo["givenName"])
if "sn" in userinfo :
userProps["sn"] = make_string(userinfo["sn"])
if "EMPLID" in userinfo:
userProps["emplid"] = make_string(userinfo["EMPLID"])
Also added a line at remember_identity to pickup the userID from basic attributes.
user_id = make_string(userinfo["email"]).lower().split('@')[0]
Works well and is performant.
I know that you said you're using classic at the moment, we've moved our front-end to Volto. I think I read/saw/see that your code follows roughly pas.plugins.oidc does that mean we could potentially use volto.authomatic? do you think this would be a heavy lift to get auth to work with Volto?
I am getting my POC/Dev Volto part together to test. Any comments/suggestions greatly appreciated.
In health,
Eric
@riker11451 I have no experience with Volto and will not work with it anytime soon. I mostly work on the backend side.
I will have a look at what's possible with saml2 and restapi.
@maethu we've been able to confirm that your add-on works with Volto! I checked the box for Create API Session and things seemed to work. We will have to update our Volto views & templates to reflect for example the different login URLs etc. But on the face of it, things work well in Volto. We're grateful for your work, and hopefully, we're able to contribute back.
Eric
Aweseom, I'm happy it worked out well.
Regarding Volto. It would be great if you could provide a brief explanation of what you did to make it work. I can add it then to the documentation.