OM-188 Implemented mconnect client, Added some configs

openimis · Aug 23, 2024 · 446f30e · 446f30e
1 parent b74686d
commit 446f30e
Show file tree

Hide file tree

Showing 5 changed files with 63 additions and 44 deletions.
diff --git a/msystems/apps.py b/msystems/apps.py
@@ -6,6 +6,14 @@
     # URL to be redirected to after successful login
     "mpass_login_redirect": "",
 
+    "mpass_first_name": "FirstName",
+    "mpass_last_name": "LastName",
+    "mpass_dob": "BirthDate",
+    "mpass_key_roles": "Role",
+    "mpass_key_legal_entities": "OrganizationAdministrator",
+    #"mpass_key_legal_entities": "AdministeredLegalEntity"
+
+
     # Mpass configurations
     "mpass_config": {
         # Strict mode: SAML responses must be validated strictly.
@@ -98,6 +106,12 @@ class MsystemsConfig(AppConfig):
     default_auto_field = "django.db.models.BigAutoField"
     name = "msystems"
 
+    mpass_key_first_name = None
+    mpass_key_last_name = None
+    mpass_dob = None
+    mpass_key_roles = None
+    mpass_key_legal_entities = None
+
     # DO NOT  CHANGE THIS ####
     ADMIN = "Admin"
     INSPECTOR = "Inspector"

diff --git a/msystems/client/mconnect.py b/msystems/client/mconnect.py
@@ -1,40 +1,7 @@
-from zeep import Client, Plugin, Settings
-from zeep.exceptions import SignatureVerificationFailed
+from zeep import Client, Settings
 
 from msystems.apps import MsystemsConfig
-from msystems.xml_utils import add_signature, verify_signature, add_timestamp, verify_timestamp
-
-
-class MconnectClientError(Exception):
-    pass
-
-
-class SoapWssePlugin(Plugin):
-    def __init__(self, service_private_key, service_certificate, mconnect_certificate):
-        self.service_certificate = service_certificate
-        self.service_private_key = service_private_key
-        self.mconnect_certificate = mconnect_certificate
-
-    def egress(self, envelope, http_headers, operation, binding_options):
-        root = envelope
-
-        add_timestamp(root)
-        add_signature(root, self.service_private_key, self.service_certificate)
-
-        return envelope, http_headers
-
-    def ingress(self, envelope, http_headers, operation):
-        try:
-            verify_timestamp(envelope)
-        except ValueError as e:
-            raise MconnectClientError(str(e))
-
-        try:
-            verify_signature(envelope, self.mconnect_certificate)
-        except SignatureVerificationFailed:
-            raise MconnectClientError("Envelope signature verification failed")
-
-        return envelope, http_headers
+from msystems.client.utils import SoapWssePlugin, SoapClientError
 
 
 class MconnectClient:
@@ -43,13 +10,14 @@ def __init__(self):
         self.url = MsystemsConfig.mconnect_config['url']
 
         settings = Settings(strict=False, raw_response=True)
-        self.client = Client(self.url, settings,
+        self.client = Client(wsdl=self.url,
+                             settings=settings,
                              plugins=[SoapWssePlugin(MsystemsConfig.mconnect_config['service_private_key'],
                                                      MsystemsConfig.mconnect_config['service_certificate'],
                                                      MsystemsConfig.mconnect_config['mconnect_certificate'])])
 
     def get_person(self, idpn):
-        service_handle = self.client.service.get('GetPerson')
+        service_handle = self.client.service['GetPerson']
         if not service_handle:
-            raise MconnectClientError("Service GetPerson not found")
+            raise SoapClientError("Service GetPerson not found")
         return service_handle(IDPN=idpn)
diff --git a/msystems/client/utils.py b/msystems/client/utils.py
@@ -0,0 +1,36 @@
+from zeep import Plugin
+from zeep.exceptions import SignatureVerificationFailed
+
+from msystems.xml_utils import add_timestamp, add_signature, verify_timestamp, verify_signature
+
+
+class SoapClientError(Exception):
+    pass
+
+
+class SoapWssePlugin(Plugin):
+    def __init__(self, service_private_key, service_certificate, mconnect_certificate):
+        self.service_certificate = service_certificate
+        self.service_private_key = service_private_key
+        self.mconnect_certificate = mconnect_certificate
+
+    def egress(self, envelope, http_headers, operation, binding_options):
+        root = envelope
+
+        add_timestamp(root)
+        add_signature(root, self.service_private_key, self.service_certificate)
+
+        return envelope, http_headers
+
+    def ingress(self, envelope, http_headers, operation):
+        try:
+            verify_timestamp(envelope)
+        except ValueError as e:
+            raise SoapClientError(str(e))
+
+        try:
+            verify_signature(envelope, self.mconnect_certificate)
+        except SignatureVerificationFailed:
+            raise SoapClientError("Envelope signature verification failed")
+
+        return envelope, http_headers
diff --git a/msystems/services/saml_user_service.py b/msystems/services/saml_user_service.py
@@ -51,8 +51,8 @@ def _get_or_create_user(self, username: str, user_data: dict):
     def _create_user(self, username: str, user_data: dict) -> User:
         i_user = InteractiveUser(
             login_name=username,
-            other_names=user_data.get('FirstName')[0],
-            last_name=user_data.get('LastName')[0],
+            other_names=user_data.get(MsystemsConfig.mpass_key_first_name)[0],
+            last_name=user_data.get(MsystemsConfig.mpass_key_last_name)[0],
             language_id=MsystemsConfig.default_mpass_language,
             audit_user_id=0,
             is_associated=False,
@@ -70,22 +70,22 @@ def _create_user(self, username: str, user_data: dict) -> User:
         return core_user
 
     def _update_user(self, user: User, user_data: dict) -> None:
-        data_first_name = user_data.get('FirstName')[0]
-        data_last_name = user_data.get('LastName')[0]
+        data_first_name = user_data.get(MsystemsConfig.mpass_key_first_name)[0]
+        data_last_name = user_data.get(MsystemsConfig.mpass_key_last_name)[0]
 
         # Update first and last name if they are different
         if user.i_user.other_names != data_first_name or user.i_user.last_name != data_last_name:
             self._update_user_name(user.i_user, data_first_name, data_last_name)
 
     def _update_user_legal_entities(self, user: User, user_data: dict) -> None:
-        legal_entities = self._parse_legal_entities(user_data.get('AdministeredLegalEntity', []))
+        legal_entities = self._parse_legal_entities(user_data.get(MsystemsConfig.mpass_key_legal_entities, []))
         policyholders = [self._get_or_create_policy_holder(user, line[1], line[0]) for line in legal_entities]
 
         self._delete_old_user_policyholders(user, policyholders)
         self._add_new_user_policyholders(user, policyholders)
 
     def _update_user_roles(self, user, user_data):
-        msystem_roles_list = user_data.get('Role', [MsystemsConfig.EMPLOYER])
+        msystem_roles_list = user_data.get(MsystemsConfig.mpass_key_legal_entities, [MsystemsConfig.EMPLOYER])
 
         for role in msystem_roles_list:
             self._validate_incoming_roles(role)

diff --git a/msystems/xml_utils.py b/msystems/xml_utils.py
@@ -1,5 +1,6 @@
 import re
 import datetime as py_datetime
+
 from zeep.wsse.signature import _make_sign_key, _sign_envelope_with_key, _make_verify_key, _verify_envelope_with_key
 from lxml import etree