0001-allow-redirection-after-sso-19350.patch
| mandayejs/mandaye/templates/mandaye/post-login.html | ||
|---|---|---|
| 6 | 6 |
<body> |
| 7 | 7 |
Please wait... |
| 8 | 8 |
<br/> |
| 9 |
<iframe id="post-login-frame" src="{% url 'post-login-do' %}" style="display: none;">
|
|
| 9 |
<iframe id="post-login-frame" src="{% url 'post-login-do' %}{% if next_url %}?next_url={{ next_url|iriencode }}{% endif %}" style="display: none;">
|
|
| 10 | 10 |
</iframe> |
| 11 | 11 |
</body> |
| 12 | 12 |
</html> |
| mandayejs/mandaye/views.py | ||
|---|---|---|
| 95 | 95 |
logger.debug(credentials) |
| 96 | 96 |
except (UserCredentials.DoesNotExist,): |
| 97 | 97 |
return HttpResponseRedirect(resolve_url('associate'))
|
| 98 | ||
| 99 |
return render(request, 'mandaye/post-login.html', {})
|
|
| 98 |
next_url = None |
|
| 99 |
if request.GET.get('next_url'):
|
|
| 100 |
next_url = request.GET['next_url'] |
|
| 101 |
return render(request, 'mandaye/post-login.html', {'next_url': next_url})
|
|
| 100 | 102 | |
| 101 | 103 | |
| 102 | 104 |
@login_required |
| ... | ... | |
| 170 | 172 |
credentials.save() |
| 171 | 173 |
url = result.get('url', '/')
|
| 172 | 174 | |
| 175 |
# redirect user only if SSO successful |
|
| 176 |
if request.GET.get('next_url') and result['result'] == 'ok':
|
|
| 177 |
url = request.GET['next_url'] |
|
| 173 | 178 |
template = Template('<script type="text/javascript">\
|
| 174 | 179 |
window.top.location = "{{url}}";</script>')
|
| 175 | 180 |
context = RequestContext(request, {'url': url})
|
| tests/test_mandayejs.py | ||
|---|---|---|
| 370 | 370 |
mocked_popen.return_value = MockedPopen(expected_output=('<mandayejs></mandayejs>', None))
|
| 371 | 371 |
result = exec_phantom(LOGIN_INFO) |
| 372 | 372 |
assert result['result'] == 'json_error' |
| 373 | ||
| 374 | ||
| 375 |
@mock.patch('mandayejs.mandaye.utils.subprocess.Popen')
|
|
| 376 |
@mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS)
|
|
| 377 |
def test_post_login_do_with_next_url(mocked_popen, user_john): |
|
| 378 |
# when sso fails |
|
| 379 |
expected_output = {
|
|
| 380 |
"result": "redirect", |
|
| 381 |
"reason": "password change required", |
|
| 382 |
"url": "http://mydomain.com/update_password.aspx" |
|
| 383 |
} |
|
| 384 |
expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output) |
|
| 385 |
mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None)) |
|
| 386 | ||
| 387 |
UserCredentials.objects.create(user=user_john, |
|
| 388 |
locators={
|
|
| 389 |
'login': 'johnny', 'password': 'jumper', |
|
| 390 |
'birth_date': '1995-06-11'}) |
|
| 391 | ||
| 392 |
request = RequestFactory() |
|
| 393 |
url = '%s?next=http://example.net/' % reverse('post-login-do')
|
|
| 394 |
request = request.get(url) |
|
| 395 |
request.user = user_john |
|
| 396 |
response = post_login_do(request) |
|
| 397 |
assert 'window.top.location = "http://example.net/"' not in response.content |
|
| 398 | ||
| 399 |
# when SSO succeeds |
|
| 400 |
expected_output = {
|
|
| 401 |
"result": "ok", |
|
| 402 |
"url": "http://mydomain.com/account.aspx" |
|
| 403 |
} |
|
| 404 |
expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output) |
|
| 405 |
mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None)) |
|
| 406 |
request = RequestFactory() |
|
| 407 |
url = '%s?next_url=http://example.net/' % reverse('post-login-do')
|
|
| 408 |
request = request.get(url) |
|
| 409 |
request.user = user_john |
|
| 410 |
response = post_login_do(request) |
|
| 411 |
assert 'window.top.location = "http://example.net/"' in response.content |
|
| 373 |
- |
|