72 |
72 |
def get_next_url(self, default=None):
|
73 |
73 |
return self.get_state('next_url', default=default)
|
74 |
74 |
|
|
75 |
def show_message_status_is_not_success(self, profile, prefix):
|
|
76 |
status_codes, idp_message = utils.get_status_codes_and_message(profile)
|
|
77 |
args = [u'%s: status is not success codes: %r', prefix, status_codes]
|
|
78 |
if idp_message:
|
|
79 |
args[0] += u' message: %s'
|
|
80 |
args.append(idp_message)
|
|
81 |
self.log.warning(*args)
|
|
82 |
|
75 |
83 |
|
76 |
84 |
class LoginView(ProfileMixin, LogMixin, View):
|
77 |
85 |
def get_idp(self, request):
|
... | ... | |
107 |
115 |
except (lasso.LoginStatusNotSuccessError,
|
108 |
116 |
lasso.ProfileStatusNotSuccessError,
|
109 |
117 |
lasso.ProfileRequestDeniedError):
|
110 |
|
status = login.response.status
|
111 |
|
a = status
|
112 |
|
while a.statusCode:
|
113 |
|
status_codes.append(a.statusCode.value)
|
114 |
|
a = a.statusCode
|
115 |
|
args = ['SAML authentication failed: status is not success codes: %r', status_codes]
|
116 |
|
if status.statusMessage:
|
117 |
|
idp_message = status.statusMessage.decode('utf-8')
|
118 |
|
args[0] += ' message: %r'
|
119 |
|
args.append(status.statusMessage)
|
120 |
|
self.log.warning(*args)
|
|
118 |
self.show_message_status_is_not_success(login, 'SAML authentication failed')
|
121 |
119 |
except lasso.Error, e:
|
122 |
120 |
return HttpResponseBadRequest('error processing the authentication response: %r' % e)
|
123 |
121 |
else:
|
... | ... | |
201 |
199 |
utils.get_seconds_expiry(
|
202 |
200 |
attributes['session_not_on_or_after']))
|
203 |
201 |
else:
|
|
202 |
self.log.warning('user %r (NameID is %r) is inactive, login refused', unicode(user),
|
|
203 |
attributes['name_id_content'])
|
204 |
204 |
return render(request, 'mellon/inactive_user.html', {
|
205 |
205 |
'user': user,
|
206 |
206 |
'saml_attributes': attributes})
|
207 |
207 |
else:
|
|
208 |
self.log.warning('no user found for NameID %r', attributes['name_id_content'])
|
208 |
209 |
return render(request, 'mellon/user_not_found.html',
|
209 |
210 |
{'saml_attributes': attributes})
|
210 |
211 |
request.session['lasso_session_dump'] = login.session.dump()
|
... | ... | |
427 |
428 |
auth.logout(request)
|
428 |
429 |
try:
|
429 |
430 |
logout.processResponseMsg(request.META['QUERY_STRING'])
|
|
431 |
except lasso.ProfileStatusNotSuccessError:
|
|
432 |
self.show_message_status_is_not_success(logout, 'SAML logout failed')
|
430 |
433 |
except lasso.LogoutPartialLogoutError:
|
431 |
434 |
self.log.warning('partial logout')
|
432 |
435 |
except lasso.Error, e:
|
433 |
|
self.log.error('unable to process a logout response %r', e)
|
|
436 |
self.log.warning('unable to process a logout response: %s', e)
|
434 |
437 |
return HttpResponseRedirect(resolve_url(settings.LOGIN_REDIRECT_URL))
|
435 |
438 |
next_url = self.get_next_url(default=resolve_url(settings.LOGIN_REDIRECT_URL))
|
436 |
439 |
return HttpResponseRedirect(next_url)
|
437 |
|
-
|