allow OIDC providers to deliver email on comma-separated list form ra…

…ther than individual email args. Explicitly unpack into the individual email addresses as first step in autocreate where it's used.

git-svn-id: svn+ssh://svn.code.sf.net/p/migrid/code/trunk@6032 b75ad72c-e7d7-11dd-a971-7dbc132099af

mig/shared/functionality/autocreate.py

@@ -219,6 +219,18 @@ def handle_proxy(proxy_string, client_id, config):
     return output
 
 
+def split_comma_concat(value_list, sep=','):
+    """Take a list of values and adjust it so that any values with given sep
+    inside is expanded to the individual values without the separator.
+    I.e. the list ['abc,def'] is transformed into ['abc', 'def'].
+    """
+    result = []
+    for val in value_list:
+        parts = val.split(sep)
+        result += parts
+    return result
+
+
 def main(client_id, user_arguments_dict, environ=None):
     """Main function used by front end"""
 
@@ -384,7 +396,10 @@ def main(client_id, user_arguments_dict, environ=None):
                                 if i])
         locality = accepted['oidc.claim.locality'][-1].strip()
         timezone = accepted['oidc.claim.timezone'][-1].strip()
-        email = accepted['oidc.claim.email'][-1].strip()
+        # NOTE: some OIDC providers may comma-separate values concatenated
+        #       translate to individual args instead in that case. E.g. as in
+        #       'john@doe.org,jd@doe.org' -> ['john@doe.org', 'jd@doe.org']
+        email = split_comma_concat(accepted['oidc.claim.email'])[-1].strip()
 
     # We may encounter results without an email, fall back to try plain IDs then
     if not email:

mig/shared/safeinput.py

@@ -1960,7 +1960,6 @@ def guess_type(name):
             'openid.sreg.nickname',
             'openid.sreg.email',
             'openid.sreg.mail',
-            'oidc.claim.email',
             'adminemail',
         ):
             __type_map[key] = valid_email_address
@@ -1975,8 +1974,11 @@ def guess_type(name):
             # NOTE: allow space or comma as delimiter
             __type_map[key] = lambda x: valid_commonname(
                 x, extra_chars=',')
+        # NOTE: some OIDCs concat email list into comma-separated string
+        #       accept and handle unpacking explicitly in autocreate.py
         for key in (
             'peers_email',
+            'oidc.claim.email',
         ):
             # NOTE: allow space or comma as delimiter
             __type_map[key] = lambda x: valid_email_addresses(
@@ -2440,7 +2442,7 @@ def __str__(self):
         print("\t%s: %s" % (key, val))
     user_arguments_dict = {'oidc.claim.aud': ['http://somedomain.org'],
                            'oidc.claim.country': ['DK'],
-                           'oidc.claim.email': ['bardino@science.ku.dk'],
+                           'oidc.claim.email': ['bardino@nbi.ku.dk,bardino@science.ku.dk'],
                            'oidc.claim.iss': ['https://wayf.wayf.dk'],
                            'oidc.claim.name': ['Jonas Bardino'],
                            'oidc.claim.organization': ['ku.dk'],