0001-middleware-clear-PASSIVE_TRIED_COOKIE-when-logged-in.patch
mellon/middleware.py | ||
---|---|---|
31 | 31 |
if ( |
32 | 32 |
app_settings.OPENED_SESSION_COOKIE_NAME |
33 | 33 |
and PASSIVE_TRIED_COOKIE in request.COOKIES |
34 |
and app_settings.OPENED_SESSION_COOKIE_NAME not in request.COOKIES |
|
34 |
and ( |
|
35 |
app_settings.OPENED_SESSION_COOKIE_NAME not in request.COOKIES |
|
36 |
or (hasattr(request, 'user') and request.user.is_authenticated) |
|
37 |
) |
|
35 | 38 |
): |
36 | 39 |
response.delete_cookie(PASSIVE_TRIED_COOKIE) |
37 | 40 |
return response |
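Review bot: The widened condition at new lines 34-37 has no comment explaining why an authenticated response must drop the cookie, and the `hasattr(request, 'user')` guard is not self-explanatory either. I would add above the `if`: `# PASSIVE_TRIED_COOKIE only guards against passive-login redirect loops; clear it once the user is logged in so a later session loss can trigger a new passive attempt.` Separately, `response.delete_cookie(PASSIVE_TRIED_COOKIE)` passes no path or domain, so it only clears the cookie if it was set with the defaults. The matching set_cookie call is outside this hunk, so that should be confirmed. The enclosing method starts above the hunk.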
tests/test_sso_slo.py | ||
---|---|---|
717 | 717 |
url, body, relay_state = idp.process_authn_request_redirect(response['Location']) |
718 | 718 |
response = app.post(reverse('mellon_login'), params={'SAMLResponse': body, 'RelayState': relay_state}) |
719 | 719 |
assert app.session['mellon_opened_session_cookie'] == '5678' |
720 |
assert 'MELLON_PASSIVE_TRIED' not in app.cookies |
|
720 | 721 |
assert '_auth_user_id' in app.session |
721 | 722 |
# ok change the idp session id |
722 | 723 |
app.set_cookie('IDP_SESSION', '1234') |
723 | 724 |
# if we try a request, we are logged out and redirected to try a new passive login |
724 | 725 |
response = app.get('/', headers={'Accept': 'text/html'}, status=302) |
725 | 726 |
assert '_auth_user_id' not in app.session |
727 |
assert 'MELLON_PASSIVE_TRIED' in app.cookies |
|
726 | 728 | |
727 | 729 | |
728 | 730 |
def test_passive_auth_middleware_no_passive_auth_parameter(db, app, idp, caplog, settings): |
729 |
- |
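Review bot: The added assertion at new line 720, `assert 'MELLON_PASSIVE_TRIED' not in app.cookies`, can pass vacuously if the cookie was never set earlier in the test, in which case the new middleware branch is not exercised. The lines before 717 are outside this hunk, so this may already be covered. If it is not, add `assert 'MELLON_PASSIVE_TRIED' in app.cookies` before the POST to `mellon_login` at line 718 to pin the set-then-cleared transition. The assertion at new line 727 does cover the opposite case, where the cookie is present again after the forced logout.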