Merge lp:~roadmr/canonical-identity-provider/dont-clobber-saml-attribute-email into lp:canonical-identity-provider/release
Proposed by
Daniel Manrique
Status: | Merged |
---|---|
Approved by: | Daniel Manrique |
Approved revision: | 1733 |
Merge reported by: | Otto Co-Pilot |
Merged at revision: | not available |
Proposed branch: | lp:~roadmr/canonical-identity-provider/dont-clobber-saml-attribute-email |
Merge into: | lp:canonical-identity-provider/release |
Diff against target: |
81 lines (+31/-6) 2 files modified
src/ubuntu_sso_saml/processors.py (+11/-6) src/ubuntu_sso_saml/tests/test_processors.py (+20/-0) |
To merge this branch: | bzr merge lp:~roadmr/canonical-identity-provider/dont-clobber-saml-attribute-email |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Jonathan Hartley (community) | Approve | ||
Review via email: mp+381788@code.launchpad.net |
Commit message
ensure persistent id-honoring SAML peers don't mess with {{email}} attrib substitution
Description of the change
to QA:
- setup a saml config with "honor persistent id" and "don't use email as persistent id"
- add an attribute using the {{email}} substitution
- hit it form a suitably-configured RP
- ensure the attribute contains the email and not the sha256 persistent id
To post a comment you must log in.
Looks good to me, but with one nitwit idea attached. My apologies.