Projet

Général

Profil

0001-allow-redirection-after-sso-19350.patch

Josué Kouka, 10 octobre 2017 17:35

Télécharger (3,41 ko)

Voir les différences: 

Subject: [PATCH] allow redirection after sso (#19350)


 .../mandaye/templates/mandaye/post-login.html      |  2 +-
 mandayejs/mandaye/views.py                         |  8 ++++++--
 tests/test_mandayejs.py                            | 24 ++++++++++++++++++++++
 3 files changed, 31 insertions(+), 3 deletions(-)
mandayejs/mandaye/templates/mandaye/post-login.html
6 6 
<body>
7 7 
	Please wait...
8 8 
 <br/>
9 
 <iframe id="post-login-frame" src="{% url 'post-login-do' %}" style="display: none;">
9 
 <iframe id="post-login-frame" src="{% url 'post-login-do' %}?next={{ next_url }}" style="display: none;">
10 10 
 </iframe>
11 11 
</body>
12 12 
</html>
mandayejs/mandaye/views.py
95 95 
        logger.debug(credentials)
96 96 
    except (UserCredentials.DoesNotExist,):
97 97 
        return HttpResponseRedirect(resolve_url('associate'))
98 

  		




  99
  
  
    
    return render(request, 'mandaye/post-login.html', {})

  		




  
  98
  
    
    next_url = ''

  		




  
  99
  
    
    if request.GET.get('next', None):

  		




  
  100
  
    
        next_url = request.GET['next']

  		




  
  101
  
    
    return render(request, 'mandaye/post-login.html', {'next_url': next_url})

  		




  100
  102
  
    

  		




  101
  103
  
    

  		




  102
  104
  
    
@login_required

  		




  ......




  170
  172
  
    
        credentials.save()

  		




  171
  173
  
    
        url = result.get('url', '/')

  		




  172
  174
  
    

  		




  
  175
  
    
    if request.GET.get('next'):

  		




  
  176
  
    
        url = request.GET['next']

  		




  173
  177
  
    
    template = Template('<script type="text/javascript">\

  		




  174
  178
  
    
                window.top.location = "{{url}}";</script>')

  		




  175
  179
  
    
    context = RequestContext(request, {'url': url})

  		












  

    
      tests/test_mandayejs.py
    
  





  370
  370
  
    
    mocked_popen.return_value = MockedPopen(expected_output=('<mandayejs></mandayejs>', None))

  		




  371
  371
  
    
    result = exec_phantom(LOGIN_INFO)

  		




  372
  372
  
    
    assert result['result'] == 'json_error'

  		




  
  373
  
    

  		




  
  374
  
    

  		




  
  375
  
    
@mock.patch('mandayejs.mandaye.utils.subprocess.Popen')

  		




  
  376
  
    
@mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS)

  		




  
  377
  
    
def test_post_login_do_with_next_url(mocked_popen, user_john):

  		




  
  378
  
    
    expected_output = {

  		




  
  379
  
    
        "result": "redirect",

  		




  
  380
  
    
        "reason": "password change required",

  		




  
  381
  
    
        "url": "http://mydomain.com/update_password.aspx"

  		




  
  382
  
    
    }

  		




  
  383
  
    
    expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output)

  		




  
  384
  
    
    mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None))

  		




  
  385
  
    

  		




  
  386
  
    
    UserCredentials.objects.create(user=user_john,

  		




  
  387
  
    
                                   locators={

  		




  
  388
  
    
                                       'login': 'johnny', 'password': 'jumper',

  		




  
  389
  
    
                                       'birth_date': '1995-06-11'})

  		




  
  390
  
    

  		




  
  391
  
    
    request = RequestFactory()

  		




  
  392
  
    
    url = '%s?next=http://example.net/' % reverse('post-login-do')

  		




  
  393
  
    
    request = request.get(url)

  		




  
  394
  
    
    request.user = user_john

  		




  
  395
  
    
    response = post_login_do(request)

  		




  
  396
  
    
    assert 'window.top.location = "http://example.net/"' in response.content

  		




  373
  
  
    
-