From 0a030cb6c7df204298d12cf061c22e7a3d9028f8 Mon Sep 17 00:00:00 2001 From: Ivan Kanakarakis Date: Tue, 28 Jun 2022 15:30:50 +0300 Subject: [PATCH] Add the voPerson v2 attributes mappings Signed-off-by: Ivan Kanakarakis --- src/saml2/attributemaps/saml_uri.py | 76 +++++++++++++++++++++-------- 1 file changed, 55 insertions(+), 21 deletions(-) diff --git a/src/saml2/attributemaps/saml_uri.py b/src/saml2/attributemaps/saml_uri.py index 5ffa80785..5dd83caec 100644 --- a/src/saml2/attributemaps/saml_uri.py +++ b/src/saml2/attributemaps/saml_uri.py @@ -2,6 +2,10 @@ EDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.' EDUMEMBER1_OID = 'urn:oid:1.3.6.1.4.1.5923.1.5.1.' +# voPerson class References: +# - https://github.com/voperson/voperson/blob/2.0.0/voPerson.md#voperson-object-class-definition +VOPERSON_V2_OID = 'urn:oid:1.3.6.1.4.1.25178.4.1.' + # ldap.gv.at definitions as specified in: # http://www.ref.gv.at/AG-IZ-PVP2-Version-2-1-0-2.2754.0.html LDAPGVAT_OID = 'urn:oid:1.2.40.0.10.2.1.1.' 
@@ -48,20 +52,20 @@
 MAP = {
 'identifier': 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
 'fro': {
- DIGG_OID + '1': 'orgAffiliation',
- DIGG_OID + '2': 'transactionIdentifier',
- DIGG_OID + '3': 'authContextParams',
- DIGG_OID + '4': 'prid',
- DIGG_OID + '5': 'pridPersistence',
- DIGG_OID + '6': 'personalIdentityNumberBinding',
- DIGG_OID + '7': 'eidasPersonIdentifier',
- DIGG_OID + '8': 'birthName',
- DIGG_OID + '9': 'eidasNaturalPersonAddress',
- DIGG_OID + '10': 'userCertificate',
- DIGG_OID + '11': 'userSignature',
- DIGG_OID + '12': 'sad',
- DIGG_OID + '13': 'authServerSignature',
- DIGG_OID + '14': 'signMessageDigest',
+ DIGG_OID+'1': 'orgAffiliation',
+ DIGG_OID+'2': 'transactionIdentifier',
+ DIGG_OID+'3': 'authContextParams',
+ DIGG_OID+'4': 'prid',
+ DIGG_OID+'5': 'pridPersistence',
+ DIGG_OID+'6': 'personalIdentityNumberBinding',
+ DIGG_OID+'7': 'eidasPersonIdentifier',
+ DIGG_OID+'8': 'birthName',
+ DIGG_OID+'9': 'eidasNaturalPersonAddress',
+ DIGG_OID+'10': 'userCertificate',
+ DIGG_OID+'11': 'userSignature',
+ DIGG_OID+'12': 'sad',
+ DIGG_OID+'13': 'authServerSignature',
+ DIGG_OID+'14': 'signMessageDigest',
 EIDAS_LEGALPERSON+'LegalPersonIdentifier': 'LegalPersonIdentifier',
 EIDAS_LEGALPERSON+'LegalPersonAddress': 'LegalAddress',
 EIDAS_LEGALPERSON+'LegalName': 'LegalName',
@@ -98,8 +102,8 @@
 EDUPERSON_OID+'12': 'eduPersonPrincipalNamePrior',
 EDUPERSON_OID+'13': 'eduPersonUniqueId',
 EDUPERSON_OID+'16': 'eduPersonOrcid',
- INERA_OID + '1': 'employeeHsaId',
- INERA_OID + '13': 'personalIdentityNumber',
+ INERA_OID+'1': 'employeeHsaId',
+ INERA_OID+'13': 'personalIdentityNumber',
 LDAPGVAT_OID+'1': 'PVP-GID',
 LDAPGVAT_OID+'149': 'PVP-BPK',
 LDAPGVAT_OID+'153': 'PVP-OU-OKZ',
@@ -147,11 +151,11 @@
 OPENOSI_OID+'109': 'osiOtherHomePhone',
 OPENOSI_OID+'120': 'osiWorkURL',
 PKCS_9+'1': 'email',
- PKIX_OID + '1': 'dateOfBirth',
- PKIX_OID + '2': 'placeOfBirth',
- PKIX_OID + '3': 'gender',
- PKIX_OID + '4': 'countryOfCitizenship',
- PKIX_OID + '5': 'countryOfResidence',
+ PKIX_OID+'1': 'dateOfBirth',
+ PKIX_OID+'2': 'placeOfBirth',
+ PKIX_OID+'3': 'gender',
+ PKIX_OID+'4': 'countryOfCitizenship',
+ PKIX_OID+'5': 'countryOfResidence',
 SAML_SUBJECT_ID+'subject-id': 'subject-id',
 SAML_SUBJECT_ID+'pairwise-id': 'pairwise-id',
 SCHAC+'1': 'schacMotherTongue',
@@ -249,6 +253,21 @@
 SWISSEDUPERSON_OID+'13': 'swissEduID',
 SWISSEDUPERSON_OID+'1023': 'swissLibraryPersonAffiliation',
 SWISSEDUPERSON_OID+'1025': 'swissLibraryPersonResidence',
+ VOPERSON_V2_OID+'1': 'voPersonApplicationUID',
+ VOPERSON_V2_OID+'2': 'voPersonAuthorName',
+ VOPERSON_V2_OID+'3': 'voPersonCertificateDN',
+ VOPERSON_V2_OID+'4': 'voPersonCertificateIssuerDN',
+ VOPERSON_V2_OID+'5': 'voPersonExternalID',
+ VOPERSON_V2_OID+'6': 'voPersonID',
+ VOPERSON_V2_OID+'7': 'voPersonPolicyAgreement',
+ VOPERSON_V2_OID+'8': 'voPersonSoRID',
+ VOPERSON_V2_OID+'9': 'voPersonStatus',
+ VOPERSON_V2_OID+'10': 'voPersonAffiliation',
+ VOPERSON_V2_OID+'11': 'voPersonExternalAffiliation',
+ VOPERSON_V2_OID+'12': 'voPersonScopedAffiliation',
+ VOPERSON_V2_OID+'13': 'voPersonApplicationPassword',
+ VOPERSON_V2_OID+'14': 'voPersonVerifiedEmail',
+ VOPERSON_V2_OID+'15': 'voPersonToken',
 },
 'to': {
 'LegalPersonIdentifier': EIDAS_LEGALPERSON+'LegalPersonIdentifier',
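Review bot: `VOPERSON_V2_OID+'13': 'voPersonApplicationPassword'` and `VOPERSON_V2_OID+'15': 'voPersonToken'` are added to the default URI map with nothing to set them apart from the profile attributes around them, and the same two names appear in the `'to'` hunk further down. Going by their names they carry credential-like material, and once a name is in this map the library can translate it, so whether it reaches an assertion presumably depends only on the deployment's attribute release policy. I would add a comment above these entries, e.g. `# security-sensitive (credential material): release only under an explicit attribute policy`, so operators do not treat them as ordinary profile data. The `MAP` dict starts and ends outside this hunk.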
@@ -452,5 +471,20 @@
 'swissEduID': SWISSEDUPERSON_OID+'13',
 'swissLibraryPersonAffiliation': SWISSEDUPERSON_OID+'1023',
 'swissLibraryPersonResidence': SWISSEDUPERSON_OID+'1025',
+ 'voPersonAffiliation': VOPERSON_V2_OID+'10',
+ 'voPersonApplicationPassword': VOPERSON_V2_OID+'13',
+ 'voPersonApplicationUID': VOPERSON_V2_OID+'1',
+ 'voPersonAuthorName': VOPERSON_V2_OID+'2',
+ 'voPersonCertificateDN': VOPERSON_V2_OID+'3',
+ 'voPersonCertificateIssuerDN': VOPERSON_V2_OID+'4',
+ 'voPersonExternalAffiliation': VOPERSON_V2_OID+'11',
+ 'voPersonExternalID': VOPERSON_V2_OID+'5',
+ 'voPersonID': VOPERSON_V2_OID+'6',
+ 'voPersonPolicyAgreement': VOPERSON_V2_OID+'7',
+ 'voPersonScopedAffiliation': VOPERSON_V2_OID+'12',
+ 'voPersonSoRID': VOPERSON_V2_OID+'8',
+ 'voPersonStatus': VOPERSON_V2_OID+'9',
+ 'voPersonToken': VOPERSON_V2_OID+'15',
+ 'voPersonVerifiedEmail': VOPERSON_V2_OID+'14',
 }
 }
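Review bot: Nothing checks that these fifteen reverse entries stay the inverse of the `'fro'` entries: they are hand-written in alphabetical order while `'fro'` is in OID order, and the diffstat shows no test file changed. A swapped suffix would presumably make an entity emit or read, say, `voPersonAffiliation` under the OID of `voPersonExternalAffiliation` without raising any error, which matters when a relying party authorises on those values. A one-line check in the test suite would cover it: `assert all(MAP['to'][name] == oid for oid, name in MAP['fro'].items() if name.startswith('voPerson'))`. The `'to'` dict starts outside this hunk.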