0001-views-handle-a-nonce-parameter-on-login-view-55953.patch

Benjamin Dauvergne, 03 août 2021 16:46

Voir les différences: en ligne côte à côte

Subject: [PATCH 1/2] views: handle a nonce parameter on login view (#55953)

 mellon/views.py       | 10 ++++++++++
 tests/test_sso_slo.py |  7 +++++++
 2 files changed, 17 insertions(+)

                 return
             self.set_state('next_url', next_url)
         def set_nonce(self, nonce):
             self.set_state('nonce', nonce)
         def set_state(self, name, value):
             assert self.profile
             relay_state = self.get_relay_state(create=True)
-...
         def get_next_url(self, default=None):
             return self.get_state('next_url', default=default)
         def get_nonce(self):
             return self.get_state('nonce')
         def show_message_status_is_not_success(self, profile, prefix):
             status_codes, idp_message = utils.get_status_codes_and_message(profile)
             args = ['%s: status is not success codes: %r', prefix, status_codes]
-...
                         if content is not None:
                             values.append(content)
             attributes['issuer'] = login.remoteProviderId
             attributes['nonce'] = self.get_nonce()
             if login.nameIdentifier:
                 name_id = login.nameIdentifier
                 name_id_format = force_text(name_id.format or lasso.SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED)
-...
                 policy.allowCreate = utils.get_setting(idp, 'NAME_ID_POLICY_ALLOW_CREATE')
                 policy.format = utils.get_setting(idp, 'NAME_ID_POLICY_FORMAT')
                 force_authn = utils.get_setting(idp, 'FORCE_AUTHN')
                 # link the nonce to the request-id
                 if 'nonce' in request.GET:
                     self.set_nonce(request.GET['nonce'][:128])
                 if force_authn:
                     authn_request.forceAuthn = True
                 if request.GET.get('passive') == '1':

         assert '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"' in response_text
         assert '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"' in response_text
         assert 'mellon: created new user _' in response_text
     def test_nonce(db, app, idp, caplog, sp_settings):
         response = app.get(reverse('mellon_login') + '?nonce=1234')
         url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
         response = app.post(reverse('mellon_login'), params={'SAMLResponse': body, 'RelayState': relay_state})
         assert app.session['mellon_session']['nonce'] == '1234'
+    -

Projet

Général

Profil

Produits Entr'ouvert » django-mellon

0001-views-handle-a-nonce-parameter-on-login-view-55953.patch