search

snok / django-auth-adfs

A Django authentication backend for Microsoft ADFS and AzureAD
http://django-auth-adfs.readthedocs.io/
BSD 2-Clause "Simplified" License
272 stars 99 forks source link

feat: Added setting UPN_CLAIM allowing us to match the email instead of username #264

Open cusco opened 1 year ago

cusco commented 1 year ago

In our case we do not create new users. Instead, we onboard them previously through a different process and usernames follow a specific pattern instead of email address.

This PR adds the setting UPN_CLAIM that can be set to the email field. If this is set, the code will not attempt to match an existing user by username, but by the email field and claims upn instead.

If the user is being created it will still set the username field to the UPN

codecov[bot] commented 1 year ago

Codecov Report

Merging #264 (defb63b) into master (896d65b) will decrease coverage by 0.3%. The diff coverage is 72.7%.

@@           Coverage Diff            @@
##           master    #264     +/-   ##
========================================
- Coverage    86.3%   85.9%   -0.4%     
========================================
  Files           8       8             
  Lines         497     505      +8     
========================================
+ Hits          429     434      +5     
- Misses         68      71      +3
Impacted Files Coverage Δ
django_auth_adfs/backend.py 85.7% <71.4%> (-0.7%) :arrow_down:
django_auth_adfs/config.py 87.8% <75.0%> (-0.3%) :arrow_down:
JonasKs commented 1 year ago

I'm a bit confused, why don't this setting work?