Merge branch 'main' of ssh://gitlab.digitallearning.gmbh:2222/polaris/rights-engine

src/consents/serializers.py

@@ -93,3 +93,6 @@ class CreateUserSerializer(serializers.Serializer):
     email = serializers.CharField()
     first_name = serializers.CharField()
     last_name = serializers.CharField()
+
+class CreateUserShibbolethSerializer(serializers.Serializer):
+    email = serializers.CharField()
\ No newline at end of file

src/consents/urls.py

@@ -8,6 +8,7 @@ urlpatterns = [
     path('provider/create', views.CreateProviderConsentView.as_view()),
     path('user/save', views.SaveUserConsentView.as_view()),
     path('user/create', views.CreateUserConsentView.as_view()),
+    path('user/create-via-shibboleth', views.CreateUserConsentViaShibbolethView.as_view()),
     path('user/status', views.GetUserConsentStatusView.as_view()),
     path('user/analytics-tokens', views.GetUserConsentAnalyticsTokens.as_view()),
     path('user/analytics-tokens/consent', views.SaveUserConsentAnalyticsTokens.as_view()),

src/consents/views.py

 import json
+import string
+import random
 import os
 import secrets
 
@@ -15,12 +17,12 @@ from rest_framework.views import APIView
 from backend.role_permission import IsProvider
 from consents.serializers import (ProviderSchemaSerializer,
                                   ProvidersSerializer,
-                                  SaveUserConsentSerializer, CreateUserSerializer)
+                                  SaveUserConsentSerializer, CreateUserSerializer, CreateUserShibbolethSerializer)
 from providers.models import AnalyticsToken, AnalyticsTokenVerb, Provider, ProviderAuthorization, ProviderSchema
 from providers.serializers import (AnalyticsTokenSerializer, ConsentUserVerbThirdPartySerializer,
                                    GetUsersConsentsThirdPartySerializer)
 from users.models import CustomUser
-from xapi.views import shib_connector_resolver
+from xapi.views import shib_connector_resolver, shib_connector_resolver_to_pairwaise_id
 
 from .models import UserConsents
 
@@ -352,7 +354,6 @@ class CreateUserConsentView(APIView):
         serializer.is_valid(raise_exception=True) 
         
         email = serializer.validated_data["email"]
-        email = shib_connector_resolver(email=email, provider=provider)
 
         if CustomUser.objects.filter(email=email).first() is None:
            user = CustomUser.objects.create(
@@ -369,6 +370,40 @@ class CreateUserConsentView(APIView):
                     status=status.HTTP_200_OK,
                 )
     
+class CreateUserConsentViaShibbolethView(APIView):
+    
+    def post(self, request):
+        application_token = request.headers.get("Authorization", "").split("Basic ")[-1]
+        provider = ProviderAuthorization.objects.filter(key=application_token).first()
+        if provider is None:
+            return JsonResponse(
+                {"message": "invalid access token"},
+                safe=False,
+                status=status.HTTP_401_UNAUTHORIZED,
+            )
+       
+        serializer = CreateUserShibbolethSerializer(data=request.data, many=True)
+        serializer.is_valid(raise_exception=True) 
+        
+        email = serializer.validated_data["email"]
+        shib_id = shib_connector_resolver_to_pairwaise_id(email=email, provider=provider)
+
+        if CustomUser.objects.filter(uid=shib_id).first() is None:
+           user = CustomUser.objects.create(
+                uid=shib_id, # this is the pairwaise id 
+                email=''.join(random.choices(string.ascii_uppercase + string.digits, k=8)) + "@manual-created.polaris",
+                first_name=''.join(random.choices(string.ascii_uppercase + string.digits, k=8)),
+                last_name=''.join(random.choices(string.ascii_uppercase + string.digits, k=8))
+           )
+
+        return JsonResponse(
+                    {
+                        "user": user,
+                    },
+                    safe=False,
+                    status=status.HTTP_200_OK,
+                )
+
 class SaveUserConsentView(APIView):
     """
     Saves a user consent.