Initial functionality #1

cbartz · 2023-07-28T07:12:23Z

This PR adds the basic functionality to support the SAML group attributes using Flask Multipass within Indico.
The current SAML Identity Provider in Flask Multipass does not support the SAML group attributes, see this issue for further explanation.

Implementation notes:

Groups are stored/cached in the Indico provided database, as Indico does not do this for external auth providers (see this issue), and group membership information would otherwise be lost on a server restart/crash.
Group membership information is updated on every user login.
Currently the package is designed as an Indico plugin and the code directly uses the SQLAlchemy instance from the Indico package, but this could be extended to be independent of Indico to be used for other services.
The code has only been tested locally and not yet with a real SAML IdP service, so it should be considered experimental. I have added a warning to the README.

github-actions

license-eye has totally checked 36 files.

Valid	Invalid	Ignored	Fixed
24	1	11	0

Click to see the invalid file list

flask_multipass_saml_groups/migrations/20230725_1640_ae387f5fc14a_initial_migration.py

flask_multipass_saml_groups/migrations/20230725_1640_ae387f5fc14a_initial_migration.py

.github/workflows/integration_test.yaml

.github/workflows/test.yaml

pytest.ini

setup.cfg

arturo-seijas

LGTM!

flask_multipass_saml_groups/group_provider/sql.py

setup.cfg

install-libs.sh

flask_multipass_saml_groups/group_provider/sql.py

This reverts commit eca8641.

mthaddon

We're missing docstrings for a few methods - are there plans to add those later or is that something that could be addressed now?

flask_multipass_saml_groups/group_provider/sql.py

cbartz · 2023-07-31T11:35:27Z

We're missing docstrings for a few methods - are there plans to add those later or is that something that could be addressed now?

Any missing docstrings should be docstrings equivalent to the base class docstring. I avoided copy & paste there.
I always mention it on the first disable rule # noqa: D102,DCO010 docstring in base class, but did not repeat the reason "docstring in base class" everywhere.

mthaddon

Looks good to me, thanks. And thanks for the thorough PR description.

cbartz added 23 commits July 27, 2023 14:52

Add basic provider functionality

4abf1bd

Add basic group functionality

c4b65eb

Restructure code

61696be

Use iterator instead of iterable in get_members

3a6760b

WIP: Persist group information in database

25f031c

WIP: Use indico.core.db.db

7abd7c6

Restructure code

536f095

Disable indico pytest plugins

7e2451e

Create Indico plugin

4325a07

Add integration tests

4bca315

Add/fix tests

52a2aff

Adapt code so that tox run passes

c609f42

Remove memory group provider

bede13a

Use random values in tests

89fc2ce

Add setup configuration

82a5e04

Set ignore_missing_imports to true for mypy

9a419cb

Add README

aff975d

Add Github Actions

1a38fed

Add note to README that SAML auth provider must be used

6211a80

Shorten requirements.txt

50f8591

ci: Install requirements for xmlsec

5a52eaf

Init app after provider registration in tests

94898fd

Add experimental status warning to README

35d368d

github-actions bot reviewed Jul 28, 2023

View reviewed changes

flask_multipass_saml_groups/migrations/20230725_1640_ae387f5fc14a_initial_migration.py Show resolved Hide resolved

cbartz added 5 commits July 28, 2023 11:02

Add license header to migration module

ac5a4ad

Add pre-run-script to install xmlsec deps

f201d22

Add libpq-dev to install-packages.sh

a477a87

Adapt README

712f905

Change author to is-devops in setup.cfg

2e43854

cbartz marked this pull request as ready for review July 28, 2023 12:40

cbartz requested a review from a team as a code owner July 28, 2023 12:40