From 2ed8c7d75b1fadf3f01da61eff31a98e8893b22e Mon Sep 17 00:00:00 2001 From: Paul Schilling Date: Wed, 11 Dec 2024 11:10:15 +0100 Subject: [PATCH] [#2932] Update eHerkenning SAML flow: get & store vestigingsnummer --- src/eherkenning/backends.py | 12 +++++++++++- src/open_inwoner/accounts/backends.py | 1 - 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/eherkenning/backends.py b/src/eherkenning/backends.py index b29a1d2788..4af05c57be 100644 --- a/src/eherkenning/backends.py +++ b/src/eherkenning/backends.py @@ -4,6 +4,8 @@ from digid_eherkenning.exceptions import eHerkenningError from digid_eherkenning.utils import get_client_ip +from open_inwoner.kvk.branches import KVK_BRANCH_SESSION_VARIABLE + UserModel = get_user_model() @@ -12,7 +14,11 @@ class eHerkenningBackend(_eHerkenningBackend): Custom backend to identify users based on the KvK number instead of RSIN """ - # TODO: get vestigingsnummer from saml_response + def get_company_branch_number(self, attributes): + company_branch_number = attributes.get( + "urn:etoegang:1.9:ServiceRestriction:Vestigingsnr", None + ) + return company_branch_number def get_or_create_user(self, request, saml_response, saml_attributes): kvk = self.get_kvk_number(saml_attributes) @@ -28,6 +34,10 @@ def get_or_create_user(self, request, saml_response, saml_attributes): user = UserModel.eherkenning_objects.eherkenning_create(kvk) created = True + if vestigingsnummer := self.get_company_branch_number(saml_attributes): + self.request.session[KVK_BRANCH_SESSION_VARIABLE] = vestigingsnummer + self.request.session.save() + success_message = self.error_messages["login_success"] % { "user": str(user), "user_info": " (new account)" if created else "", diff --git a/src/open_inwoner/accounts/backends.py b/src/open_inwoner/accounts/backends.py index 0099e303c7..f24113bc9d 100644 --- a/src/open_inwoner/accounts/backends.py +++ b/src/open_inwoner/accounts/backends.py @@ -6,7 +6,6 @@ from django.contrib.auth.backends import ModelBackend from django.contrib.auth.hashers import check_password from django.contrib.auth.models import AbstractUser -from django.core.exceptions import SuspiciousOperation from django.urls import reverse, reverse_lazy from axes.backends import AxesBackend