0001-implement-FranceConnect-logout-25696.patch

Benjamin Dauvergne, 08 octobre 2018 16:56

Voir les différences: en ligne côte à côte

Subject: [PATCH] implement FranceConnect logout (#25696)

 tests/test_fc_auth.py             |  4 ++++
 wcs/qommon/ident/franceconnect.py | 16 +++++++++++++++-
 wcs/root.py                       |  5 +++++
 3 files changed, 24 insertions(+), 1 deletion(-)

         assert session.extra_user_variables['fc_sub'] == 'ymca'
         resp = app.get('/logout')
         assert resp.location.endswith('/ident/fc/logout')
         resp = resp.follow()
         assert resp.location == 'https://fcp.integ01.dev-franceconnect.fr/api/v1/logout?post_logout_redirect_uri=http%3A%2F%2Fexample.net'
         assert not get_session(app)
         # Test error handling path
         resp = app.get('/ident/fc/callback?%s' % urllib.urlencode({

     class MethodDirectory(Directory):
         _q_exports = ['login', 'callback']
         _q_exports = ['login', 'logout', 'callback']
         def login(self):
             return FCAuthMethod().login()
         def logout(self):
             return FCAuthMethod().logout()
         def callback(self):
             return FCAuthMethod().callback()
-...
             r += _('Callback URL is %s.') % fc_callback
             r += htmltext('</p>')
             r += htmltext('<p>')
             r += _('Logout callback URL is %s.') % get_publisher().get_frontoffice_url()
             r += htmltext('</p>')
             r += htmltext('<p>')
             r += htmltext(_('See <a href="https://franceconnect.gouv.fr/fournisseur-service">'
                             'FranceConnect partners\'site</a> for getting a client_id and '
                             'a client_secret.'))
-...
             session.set_user(user.id)
             session.extra_user_variables = session_var_fc_user
             return redirect(next_url)
         def logout(self):
             logout_url = self.get_logout_url()
             post_logout_redirect_uri = get_publisher().get_frontoffice_url()
             logout_url += '?' + urllib.urlencode({
                 'post_logout_redirect_uri': post_logout_redirect_uri,
             })
             return redirect(logout_url)

             if not session:
                 return redirect(get_publisher().get_root_url())
             ident_methods = get_cfg('identification', {}).get('methods', [])
             if 'fc' in ident_methods and session.extra_user_variables and 'fc_sub' in session.extra_user_variables:
                 get_session_manager().expire_session()
                 return redirect(get_publisher().get_root_url() + 'ident/fc/logout')
             if not 'idp' in ident_methods:
                 get_session_manager().expire_session()
                 return redirect(get_publisher().get_root_url())
+    -

Projet

Général

Profil

Produits Entr'ouvert » w.c.s.

0001-implement-FranceConnect-logout-25696.patch