Feat- Parse Shibboleth eduPersonAffiliationValues attribute

1. Set a valid set of eppa values
2. Check if user's attributes match with any of the valid set of eppa values
3. If no match with user's eppa and valid set, redir to shib error page

app/__init__.py

@@ -40,7 +40,7 @@ def create_app(config_name):
     @app.route('/', methods=['GET', 'POST']) # initial route to display the reg page
     def index():
 
-        invalid_eppa = ["alum", "library-walk-in"]
+        valid_eppa = ["faculty", "staff", "student", "affliate"]
 
         if 'uid' not in session:
             session['uid']=str(uuid.uuid4())
@@ -50,8 +50,8 @@ def create_app(config_name):
 
         session['return_url'] = request.args.get('redir', vars.default_referrer)
 
-#        if(any(item in session['user'].get('eppa') for item in invalid_eppa)):
-#            return render_template('errors/shibboleth.html', title='shibboleth error')
+        if (not any(item in session['user'].get('eppa') for item in valid_eppa)):
+            return render_template('errors/shibboleth.html', title='shibboleth error')
 
         if rc_util.check_state(session['user'].get('username')) == "blocked":
             return render_template('errors/blocked.html')
@@ -71,7 +71,7 @@ def create_app(config_name):
                                referrer=session['return_url'], cancel_url=vars.default_referrer,
                                welcome_msg=messages.welcome_message,
                                cancel_msg=messages.cancel_message,
-                               error_msg=messages.error_message)
+         if (not any(item in session['user'].get('eppa') for item in valid_eppa)):                      error_msg=messages.error_message)
 
 
     @app.route('/blocked_account')