Projet

Général

Profil

0001-ldap-override-password_change-route-with-a-URL-in-ap.patch

Loïc Dachary, 08 avril 2021 13:51

Télécharger (2,83 ko)

Voir les différences:

Subject: [PATCH] ldap: override password_change route with a URL in
 app_settings

Fixes: https://dev.entrouvert.org/issues/52183

License: MIT
 src/authentic2/app_settings.py   | 3 +++
 src/authentic2/authenticators.py | 3 ++-
 tests/test_ldap.py               | 8 ++++++++
 3 files changed, 13 insertions(+), 1 deletion(-)
src/authentic2/app_settings.py
132 132
    ),
133 133
    A2_PROFILE_DISPLAY_EMPTY_FIELDS=Setting(default=False, definition='Include empty fields in profile view'),
134 134
    A2_HOMEPAGE_URL=Setting(default=None, definition='IdP has no homepage, redirect to this one.'),
135
    A2_EXTERNAL_CHANGE_PASSWORD_URL=Setting(
136
        default=None,
137
        definition='Redirect URL when a password change is required'),
135 138
    A2_USER_CAN_RESET_PASSWORD=Setting(default=None, definition='Allow online reset of passwords'),
136 139
    A2_USER_CAN_RESET_PASSWORD_BY_USERNAME=Setting(
137 140
        default=False, definition='Allow password reset request by username'
src/authentic2/authenticators.py
142 142

  
143 143
                if hasattr(request, 'needs_password_change'):
144 144
                    del request.needs_password_change
145
                    url = app_settings.A2_EXTERNAL_CHANGE_PASSWORD_URL or 'password_change'
145 146
                    return utils.redirect(
146
                        request, 'password_change', params={'next': response.url}, resolve=True
147
                        request, url, params={'next': response.url}, resolve=True
147 148
                    )
148 149

  
149 150
                return response
tests/test_ldap.py
1339 1339
    response = response.form.submit('login-password-submit')
1340 1340
    assert '/password/change/' in response['Location']
1341 1341

  
1342
    response = app.get('/login/')
1343
    response.form['username'] = USERNAME
1344
    response.form['password'] = password
1345
    settings.A2_EXTERNAL_CHANGE_PASSWORD_URL = 'http://example.com'
1346
    settings.A2_REDIRECT_WHITELIST = ('http://example.com',)
1347
    response = response.form.submit('login-password-submit')
1348
    assert 'example.com' in response['Location']
1349

  
1342 1350

  
1343 1351
def test_authenticate_ppolicy_pwdAllowUserChange(slapd_ppolicy, settings, db, caplog):
1344 1352
    settings.LDAP_AUTH_SETTINGS = [
1345
-