Merge pull request #135 from italia/acrspid

spid backend acr selection

Author: MdreW

example/backends/spidsaml2.py

@@ -562,9 +562,25 @@ def authn_response(self, context, binding):
         recipient = _sp_config["service"]["sp"]["endpoints"][
             "assertion_consumer_service"
         ][0][0]
-        authn_context_classref = self.config["acr_mapping"][""]
 
-        issuer = authn_response.response.issuer
+        # ACR
+        issuer = authn_response.response.issuer.text.strip()
+        acr_map :dict = {}
+
+        try:
+            acr_map = self.config["acr_mapping"]
+        except Exception as e:
+            logger.warning(
+                "acr_mapping not defined in the spid backend"
+            )
+            return self.handle_error(
+                **{
+                    "message": "acr_mapping not defined in the spid backend", 
+                    "troubleshoot": "Please contact the administrators of the platform and tell them to configure properly the acr_mapping in the SPID/CIE backend"
+                   }
+            )
+        acr_default = acr_map.get("", "https://www.spid.gov.it/SpidL2")
+        authn_context_classref = acr_map.get(issuer, acr_default)
 
         # this will get the entity name in state
         if len(context.state.keys()) < 2: