[#2932] Update eHerkenning SAML flow: get & store vestigingsnummer

maykinmedia · Dec 12, 2024 · 359d14c · 359d14c
1 parent a6b7b94
commit 359d14c
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 5 deletions.
diff --git a/src/eherkenning/backends.py b/src/eherkenning/backends.py
@@ -4,6 +4,8 @@
 from digid_eherkenning.exceptions import eHerkenningError
 from digid_eherkenning.utils import get_client_ip
 
+from open_inwoner.kvk.branches import KVK_BRANCH_SESSION_VARIABLE
+
 UserModel = get_user_model()
 
 
@@ -12,7 +14,11 @@ class eHerkenningBackend(_eHerkenningBackend):
     Custom backend to identify users based on the KvK number instead of RSIN
     """
 
-    # TODO: get vestigingsnummer from saml_response
+    def get_company_branch_number(self, attributes):
+        company_branch_number = attributes.get(
+            "urn:etoegang:1.9:ServiceRestriction:Vestigingsnr", None
+        )
+        return company_branch_number
 
     def get_or_create_user(self, request, saml_response, saml_attributes):
         kvk = self.get_kvk_number(saml_attributes)
@@ -28,6 +34,10 @@ def get_or_create_user(self, request, saml_response, saml_attributes):
             user = UserModel.eherkenning_objects.eherkenning_create(kvk)
             created = True
 
+        if vestigingsnummer := self.get_company_branch_number(saml_attributes):
+            self.request.session[KVK_BRANCH_SESSION_VARIABLE] = vestigingsnummer
+            self.request.session.save()
+
         success_message = self.error_messages["login_success"] % {
             "user": str(user),
             "user_info": " (new account)" if created else "",

diff --git a/src/eherkenning/mock/backends.py b/src/eherkenning/mock/backends.py
@@ -22,8 +22,6 @@ class eHerkenningBackend(BaseBackend):
         }
     )
 
-    # TODO: update mock to test retrieval/storage of vestigingsnummer
-
     def get_or_create_user(self, request, kvk):
         created = False
         try:

diff --git a/src/open_inwoner/accounts/backends.py b/src/open_inwoner/accounts/backends.py
@@ -6,7 +6,6 @@
 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.hashers import check_password
 from django.contrib.auth.models import AbstractUser
-from django.core.exceptions import SuspiciousOperation
 from django.urls import reverse, reverse_lazy
 
 from axes.backends import AxesBackend

diff --git a/src/open_inwoner/kvk/views.py b/src/open_inwoner/kvk/views.py
@@ -59,7 +59,6 @@ def get(self, request, *args, **kwargs):
             return HttpResponse(_("Unauthorized"), status=401)
 
         redirect = self.get_redirect()
-
         context = super().get_context_data()
 
         form = context["form"]
-Original file line number
+Diff line change
@@ Expand Up / @@ -22,8 +22,6 @@ class eHerkenningBackend(BaseBackend): @@
             }
         )
-        # TODO: update mock to test retrieval/storage of vestigingsnummer
         def get_or_create_user(self, request, kvk):
             created = False
             try:
@@ Expand Down @@