0001-merge-local-and-idp-logout-9865.patch
mandayejs/applications.py | ||
---|---|---|
136 | 136 | |
137 | 137 |
SITE_FORM_SUBMIT_ELEMENT = 'input[type=button]' |
138 | 138 | |
139 |
SITE_LOGOUT_LOCATOR = '#lnkDisconnect' |
|
140 | ||
139 | 141 | |
140 | 142 |
# Archimed App Settings |
141 | 143 |
class Archimed(AppSettings): |
... | ... | |
180 | 182 |
name='archimed-account-details'), |
181 | 183 |
) |
182 | 184 | |
185 |
SITE_LOGOUT_LOCATOR = '.account_logoff' |
|
186 | ||
183 | 187 | |
184 | 188 |
# Arpege App Settings |
185 | 189 |
class Arpege(AppSettings): |
... | ... | |
258 | 262 |
class ImuseFamilyMontpellier(Imuse): |
259 | 263 |
SITE_LOGIN_PATH = '/montpellier/extranet/login/usa_index_famille.php' |
260 | 264 | |
265 |
SITE_LOGOUT_LOCATOR = '#MENU_FAMILLE_QUITTER' |
|
266 |
mandayejs/do_login.js | ||
---|---|---|
35 | 35 |
} |
36 | 36 |
} |
37 | 37 | |
38 |
page.viewportSize = {width: 1280, height: 1024}; |
|
39 | ||
38 | 40 |
page.open(input.address, function(status) { |
39 | 41 |
if (status !== 'success'){ |
40 | 42 |
console.log(JSON.stringify({'result':'failed to open resource'})); |
41 | 43 |
phantom.exit(); |
42 | 44 |
} |
43 |
page.viewportSize = {width: 1280, height: 1024}; |
|
44 | 45 |
page.onLoadFinished = function() { |
45 | 46 |
if (page.injectJs(input.auth_checker)){ |
46 | 47 |
input.auth_success = page.evaluate(function(){ |
mandayejs/do_logout.js | ||
---|---|---|
1 |
/* mandayejs - saml reverse proxy |
|
2 |
* Copyright (C) 2015 Entr'ouvert |
|
3 |
* |
|
4 |
* This program is free software: you can redistribute it and/or modify it |
|
5 |
* under the terms of the GNU Affero General Public License as published |
|
6 |
* by the Free Software Foundation, either version 3 of the License, or |
|
7 |
* (at your option) any later version. |
|
8 |
* |
|
9 |
* This program is distributed in the hope that it will be useful, |
|
10 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 |
* GNU Affero General Public License for more details. |
|
13 |
* |
|
14 |
* You should have received a copy of the GNU Affero General Public License |
|
15 |
* along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 |
*/ |
|
17 | ||
18 |
var page = require('webpage').create(); |
|
19 |
var system = require('system'); |
|
20 | ||
21 |
var input = JSON.parse(system.stdin.read(10000)); |
|
22 | ||
23 |
/* |
|
24 |
* Loading cookies |
|
25 |
*/ |
|
26 |
for (var i=0; i < input.cookies.length; i++){ |
|
27 |
phantom.addCookie(input.cookies[i]); |
|
28 |
} |
|
29 | ||
30 |
page.viewportSize = {width: 1280, height: 1024}; |
|
31 | ||
32 |
page.open(input.address, function(status){ |
|
33 |
if (status !== 'success'){ |
|
34 |
console.log(JSON.stringify({'result': 'failed to open resource'})); |
|
35 |
phantom.exit(); |
|
36 |
} |
|
37 | ||
38 |
page.onLoadFinished = function(status){ |
|
39 |
page.render('after_logout.png'); |
|
40 |
console.log(JSON.stringify({'result': 'ok', 'cookies': page.cookies, 'url': page.url})); |
|
41 |
phantom.exit(); |
|
42 |
}; |
|
43 | ||
44 |
page.render('before_logout.png'); |
|
45 |
var logout = page.evaluate(function(input){ |
|
46 |
element = input.logout_locator; |
|
47 |
var logout_link = $(element).length > 0 ? $(element)[0] : $(element); |
|
48 |
if ($(logout_link).length > 0){ |
|
49 |
logout_link.click(); |
|
50 |
return true; |
|
51 |
} |
|
52 |
return false; |
|
53 |
}, input); |
|
54 | ||
55 |
if (logout == false){ |
|
56 |
console.log(JSON.stringify({'result':'failed to logout'})); |
|
57 |
phantom.exit(); |
|
58 |
} |
|
59 |
}); |
mandayejs/mandaye/static/single.logout.js | ||
---|---|---|
1 |
$(function(){ |
|
2 |
if (typeof(mandaye_logout_locator) === 'undefined') |
|
3 |
return false; |
|
4 |
$(mandaye_logout_locator).click(function(){ |
|
5 |
console.log("launching slo"); |
|
6 |
window.location = '/_mandaye/logout/'; |
|
7 |
}); |
|
8 |
}); |
mandayejs/mandaye/templates/mandaye/panel.html | ||
---|---|---|
3 | 3 |
<script type="text/javascript"> |
4 | 4 |
var mandaye_redirect_url = '{{force_redirect_url}}'; |
5 | 5 |
var mandaye_redirect_locator = '{{force_redirect_locator}}'; |
6 |
var mandaye_logout_locator = '{{logout_locator}}'; |
|
6 | 7 |
</script> |
7 | 8 | |
8 | 9 |
<script type="text/javascript" src="{% static 'force.redirect.js' %}"></script> |
10 |
<script type="text/javascript" src="{% static 'single.logout.js' %}"></script> |
|
9 | 11 | |
10 | 12 |
{% if site_scripts %} |
11 | 13 |
{%for script in site_scripts%} |
... | ... | |
23 | 25 |
{% if user.is_authenticated %} |
24 | 26 |
<div id="mandaye-username"><a href="{{idp_url}}/accounts">{{ user.get_full_name }}</a></div> |
25 | 27 |
<div id="mandaye-advances"><a href="{{wcs_url}}">{% trans 'advances' %}</a></div> |
26 |
<div id="mandaye-logon-url"><a href="{% url 'mellon_logout' %}">{% trans 'logout' %}</a></div>
|
|
28 |
<div id="mandaye-logon-url"><a href="{% url 'logout' %}">{% trans 'logout' %}</a></div> |
|
27 | 29 |
{% if is_linked %} |
28 | 30 |
<div id="mandaye-association-url"><a href="{% url 'dissociate' %}">{% trans 'dissociate' %}</a></div> |
29 | 31 |
{% else %} |
mandayejs/mandaye/utils.py | ||
---|---|---|
22 | 22 | |
23 | 23 |
from mandayejs.applications import get_app_settings |
24 | 24 | |
25 |
def exec_phantom(data): |
|
25 |
def exec_phantom(data, script='do_login.js'):
|
|
26 | 26 |
phantom = subprocess.Popen(['/usr/bin/phantomjs', |
27 | 27 |
'--ignore-ssl-errors=yes', |
28 | 28 |
'--ssl-protocol=any', |
29 |
os.path.join(settings.BASE_DIR, 'mandayejs', 'do_login.js')],
|
|
29 |
os.path.join(settings.BASE_DIR, 'mandayejs', script)],
|
|
30 | 30 |
close_fds=True, |
31 | 31 |
stdin=subprocess.PIPE, |
32 |
stdout=subprocess.PIPE) |
|
32 |
stdout=subprocess.PIPE |
|
33 |
) |
|
33 | 34 |
stdout, stderr = phantom.communicate(json.dumps(data)) |
34 |
result = json.loads(stdout) |
|
35 |
try: |
|
36 |
result = json.loads(stdout) |
|
37 |
except (ValueError,): |
|
38 |
result = {"result": "failure, couldn't decode JSON"} |
|
39 |
phantom.terminate() |
|
35 | 40 |
return result |
36 | 41 | |
37 | 42 |
def cookie_builder(headers): |
... | ... | |
43 | 48 | |
44 | 49 |
return cookie |
45 | 50 | |
51 |
def get_logout_info(request): |
|
52 |
"""Returns phantomjs logout prerequis |
|
53 |
""" |
|
54 |
app_settings = get_app_settings() |
|
55 | ||
56 |
data = {} |
|
57 |
data['logout_locator'] = getattr(app_settings, 'SITE_LOGOUT_LOCATOR') |
|
58 |
data['address'] = request.META.get('HTTP_REFERER') |
|
59 |
cookies = SimpleCookie(request.META.get('HTTP_COOKIE')) |
|
60 |
domain = request.META.get('SERVER_NAME') |
|
61 | ||
62 |
# Phantomjs Cookies Format |
|
63 |
data['cookies'] = [{ |
|
64 |
'name': key, |
|
65 |
'value': value.value, |
|
66 |
'domain': domain, |
|
67 |
'path': '/' |
|
68 |
} for key, value in cookies.items() ] |
|
69 | ||
70 |
return data |
|
71 | ||
46 | 72 |
def get_password_field(): |
47 | 73 |
"""Return name of the password field |
48 | 74 |
""" |
... | ... | |
54 | 80 |
return None |
55 | 81 | |
56 | 82 |
def get_login_info(request, credentials): |
57 |
"""Returns |
|
83 |
"""Returns phantomjs login prerequis
|
|
58 | 84 |
""" |
59 | 85 |
app_settings = get_app_settings() |
60 | 86 |
mandayejs/mandaye/views.py | ||
---|---|---|
16 | 16 | |
17 | 17 |
from __future__ import absolute_import |
18 | 18 | |
19 |
import os |
|
20 |
import json |
|
21 | 19 |
import logging |
22 |
import urlparse |
|
23 |
import urllib |
|
24 | 20 | |
25 | 21 |
from django.conf import settings |
26 | 22 |
from django.contrib.auth import views as auth_views |
... | ... | |
41 | 37 | |
42 | 38 |
from .models import UserCredentials |
43 | 39 |
from mandayejs.mandaye.forms import FormFactory |
44 |
from mandayejs.mandaye.utils import exec_phantom, cookie_builder, get_login_info |
|
40 |
from mandayejs.mandaye.utils import exec_phantom, cookie_builder,\ |
|
41 |
get_login_info, get_logout_info |
|
45 | 42 |
from mandayejs.applications import get_app_settings |
46 | 43 | |
44 |
from mellon.views import logout as mellon_logout |
|
45 | ||
46 |
import requests |
|
47 | ||
47 | 48 |
app_settings = get_app_settings() |
48 | 49 | |
49 | 50 |
logger = logging.getLogger(__name__) |
50 | 51 | |
51 |
def login(request, *args, **kwargs): |
|
52 |
return auth_views.login(request, *args, **kwargs) |
|
53 | ||
54 | 52 |
def logout(request, *args, **kwargs): |
55 |
auth_logout(request) |
|
56 |
return HttpResponseRedirect('/') |
|
53 |
logger.debug("running slo") |
|
54 |
data = get_logout_info(request) |
|
55 |
logger.debug(data) |
|
56 |
logger.debug("running phantomjs logout") |
|
57 |
result = exec_phantom(data, script='do_logout.js') |
|
58 |
logger.debug(result) |
|
59 |
response = mellon_logout(request, *args, **kwargs) |
|
60 |
for cookie in app_settings.SITE_AUTH_COOKIE_KEYS: |
|
61 |
response.delete_cookie(cookie) |
|
62 |
return response |
|
57 | 63 | |
58 | 64 | |
59 | 65 |
class Panel(TemplateView): |
... | ... | |
67 | 73 |
'SITE_FORCE_REDIRECT_URL', '') |
68 | 74 |
context['force_redirect_locator'] = getattr(app_settings, |
69 | 75 |
'SITE_FORCE_REDIRECT_LOCATOR', '') |
76 |
context['logout_locator'] = getattr(app_settings, |
|
77 |
'SITE_LOGOUT_LOCATOR','') |
|
70 | 78 |
context['is_linked'] = self.is_account_linked() |
71 | 79 |
return context |
72 | 80 |
mandayejs/urls.py | ||
---|---|---|
33 | 33 |
) |
34 | 34 | |
35 | 35 |
if 'mellon' in settings.INSTALLED_APPS: |
36 |
urlpatterns += patterns('', url(r'^_mandaye/accounts/mellon/', include('mellon.urls'))) |
|
36 |
urlpatterns += patterns('', |
|
37 |
url(r'^_mandaye/logout/$', 'mandayejs.mandaye.views.logout', name='logout'), |
|
38 |
url(r'^_mandaye/accounts/mellon/', include('mellon.urls')), |
|
39 |
) |
|
37 | 40 | |
38 |
- |