[#2932] Update eHerkenning SAML flow: get & store vestigingsnummer

Paul Schilling · Paul Schilling · commit fcb4c6bc462a · 2024-12-13T10:45:32.000+01:00
diff --git a/src/eherkenning/backends.py b/src/eherkenning/backends.py
@@ -4,6 +4,8 @@
 from digid_eherkenning.exceptions import eHerkenningError
 from digid_eherkenning.utils import get_client_ip
 
+from open_inwoner.kvk.branches import KVK_BRANCH_SESSION_VARIABLE
+
 UserModel = get_user_model()
 
 
@@ -12,7 +14,11 @@ class eHerkenningBackend(_eHerkenningBackend):
     Custom backend to identify users based on the KvK number instead of RSIN
     """
 
-    # TODO: get vestigingsnummer from saml_response
+    def get_company_branch_number(self, attributes):
+        company_branch_number = attributes.get(
+            "urn:etoegang:1.9:ServiceRestriction:Vestigingsnr", None
+        )
+        return company_branch_number
 
     def get_or_create_user(self, request, saml_response, saml_attributes):
         kvk = self.get_kvk_number(saml_attributes)
@@ -28,6 +34,10 @@ def get_or_create_user(self, request, saml_response, saml_attributes):
             user = UserModel.eherkenning_objects.eherkenning_create(kvk)
             created = True
 
+        if vestigingsnummer := self.get_company_branch_number(saml_attributes):
+            self.request.session[KVK_BRANCH_SESSION_VARIABLE] = vestigingsnummer
+            self.request.session.save()
+
         success_message = self.error_messages["login_success"] % {
             "user": str(user),
             "user_info": " (new account)" if created else "",
diff --git a/src/eherkenning/mock/backends.py b/src/eherkenning/mock/backends.py
@@ -22,8 +22,6 @@ class eHerkenningBackend(BaseBackend):
         }
     )
 
-    # TODO: update mock to test retrieval/storage of vestigingsnummer
-
     def get_or_create_user(self, request, kvk):
         created = False
         try:
diff --git a/src/open_inwoner/accounts/backends.py b/src/open_inwoner/accounts/backends.py
@@ -6,7 +6,6 @@
 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.hashers import check_password
 from django.contrib.auth.models import AbstractUser
-from django.core.exceptions import SuspiciousOperation
 from django.urls import reverse, reverse_lazy
 
 from axes.backends import AxesBackend
diff --git a/src/open_inwoner/kvk/views.py b/src/open_inwoner/kvk/views.py
@@ -59,7 +59,6 @@ def get(self, request, *args, **kwargs):
             return HttpResponse(_("Unauthorized"), status=401)
 
         redirect = self.get_redirect()
-
         context = super().get_context_data()
 
         form = context["form"]

Original file line number	Diff line number	Diff line change
`@@ -22,8 +22,6 @@ class eHerkenningBackend(BaseBackend):`
`22`	`22`	`}`
`23`	`23`	`)`
`24`	`24`
`25`		`- # TODO: update mock to test retrieval/storage of vestigingsnummer`
`26`		`-`
`27`	`25`	`def get_or_create_user(self, request, kvk):`
`28`	`26`	`created = False`
`29`	`27`	`try:`