src/STS/Controllers/ShibbolethController.cs

@@ -54,8 +54,8 @@ namespace Coscine.Api.STS.Controllers
             var entityId = entity[(entity.IndexOf("NameQualifier=\"") + "NameQualifier=\"".Length)..];
             entityId = entityId.Substring(0, entityId.IndexOf("\""));
 
-            var mapping = externalIdModel.GetAllWhere((map) => 
-                map.ExternalId1 == identifier 
+            var mapping = externalIdModel.GetAllWhere((map) =>
+                map.ExternalId1 == identifier
                 && map.ExternalAuthenticatorId == shibbolethAuthItem.Id
                 && map.Organization == entityId
             );
@@ -88,20 +88,24 @@ namespace Coscine.Api.STS.Controllers
             var organization = _rdfStoreConnector.GetOrganization(entityId, identifier);
 
             // Can only update data if an org was found.
-            if(organization != null)
+            if (organization != null)
             {
                 // Drop old membership infromation.
                 _rdfStoreConnector.RemoveMembershipData(userGraphName, organization);
 
                 // Reverse lookup...
                 var eduPersonScopedAffiliation = info.Principal.FindAll(ShibbolethAttributeMapping.LabelMapping.FirstOrDefault(x => x.Value == "Entitlement").Key);
-                if (eduPersonScopedAffiliation.Any(x => x.Value.StartsWith("employee@"))
-                    // Check for test shib (employee user is actually member...).
-                    || (eduPersonScopedAffiliation.Any(x => x.Value.StartsWith("member@") && entityId == "https://login-test.rz.rwth-aachen.de/shibboleth")))
+                var orgFromId = _rdfStoreConnector.GetOrgnizationWithIdentifier(identifier);
+                if (eduPersonScopedAffiliation.Any(x => x.Value.StartsWith("employee@")))
                 {
                     // Add membership information.
                     _rdfStoreConnector.AddMemebershipData(userGraphName, organization);
                 }
+                else if (orgFromId != null)
+                {
+                    // Add membership information.
+                    _rdfStoreConnector.AddMemebershipData(userGraphName, orgFromId);
+                }
             }
 
             var coscineUser = new CoscineUser()
@@ -109,12 +113,12 @@ namespace Coscine.Api.STS.Controllers
                 UserName = user.Id.ToString(),
                 Email = user.EmailAddress ?? ""
             };
-            
+
             var result = await _signInManager.UserManager.CreateAsync(coscineUser);
             result = await _signInManager.UserManager.AddLoginAsync(coscineUser, info);
-            await _signInManager.SignInAsync(coscineUser, isPersistent: false);            
+            await _signInManager.SignInAsync(coscineUser, isPersistent: false);
 
-            return Redirect(UrlGenerator.ExtendReturnUrl(returnUrl, Request));            
+            return Redirect(UrlGenerator.ExtendReturnUrl(returnUrl, Request));
         }
 
         /// <summary>

src/STS/STS.csproj

@@ -6,7 +6,7 @@
 	<GenerateDocumentationFile>true</GenerateDocumentationFile>
     <TargetFramework>net5.0</TargetFramework>
     <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
-  <Version>2.2.4</Version></PropertyGroup>
+  <Version>2.3.0</Version></PropertyGroup>
 	<PropertyGroup>
 		<Authors>RWTH Aachen University</Authors>
 		<Company>IT Center, RWTH Aachen University</Company>