0001-merge-local-and-idp-logout-9865.patch
| mandayejs/applications.py | ||
|---|---|---|
| 136 | 136 | |
| 137 | 137 |
SITE_FORM_SUBMIT_ELEMENT = 'input[type=button]' |
| 138 | 138 | |
| 139 |
SITE_LOGOUT_LOCATOR = '#lnkDisconnect' |
|
| 140 | ||
| 139 | 141 | |
| 140 | 142 |
# Archimed App Settings |
| 141 | 143 |
class Archimed(AppSettings): |
| ... | ... | |
| 180 | 182 |
name='archimed-account-details'), |
| 181 | 183 |
) |
| 182 | 184 | |
| 185 |
SITE_LOGOUT_LOCATOR = '.account_logoff' |
|
| 186 | ||
| 183 | 187 | |
| 184 | 188 |
# Arpege App Settings |
| 185 | 189 |
class Arpege(AppSettings): |
| ... | ... | |
| 258 | 262 |
class ImuseFamilyMontpellier(Imuse): |
| 259 | 263 |
SITE_LOGIN_PATH = '/montpellier/extranet/login/usa_index_famille.php' |
| 260 | 264 | |
| 265 |
SITE_LOGOUT_LOCATOR = '#MENU_FAMILLE_QUITTER' |
|
| 266 | ||
| mandayejs/do_login.js | ||
|---|---|---|
| 35 | 35 |
} |
| 36 | 36 |
} |
| 37 | 37 | |
| 38 |
page.viewportSize = {width: 1280, height: 1024};
|
|
| 39 | ||
| 38 | 40 |
page.open(input.address, function(status) {
|
| 39 | 41 |
if (status !== 'success'){
|
| 40 | 42 |
console.log(JSON.stringify({'result':'failed to open resource'}));
|
| 41 | 43 |
phantom.exit(); |
| 42 | 44 |
} |
| 43 |
page.viewportSize = {width: 1280, height: 1024};
|
|
| 44 | 45 |
page.onLoadFinished = function() {
|
| 45 | 46 |
if (page.injectJs(input.auth_checker)){
|
| 46 | 47 |
input.auth_success = page.evaluate(function(){
|
| mandayejs/do_logout.js | ||
|---|---|---|
| 1 |
/* mandayejs - saml reverse proxy |
|
| 2 |
* Copyright (C) 2015 Entr'ouvert |
|
| 3 |
* |
|
| 4 |
* This program is free software: you can redistribute it and/or modify it |
|
| 5 |
* under the terms of the GNU Affero General Public License as published |
|
| 6 |
* by the Free Software Foundation, either version 3 of the License, or |
|
| 7 |
* (at your option) any later version. |
|
| 8 |
* |
|
| 9 |
* This program is distributed in the hope that it will be useful, |
|
| 10 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
| 11 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
| 12 |
* GNU Affero General Public License for more details. |
|
| 13 |
* |
|
| 14 |
* You should have received a copy of the GNU Affero General Public License |
|
| 15 |
* along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
| 16 |
*/ |
|
| 17 | ||
| 18 |
var page = require('webpage').create();
|
|
| 19 |
var system = require('system');
|
|
| 20 | ||
| 21 |
var input = JSON.parse(system.stdin.read(10000)); |
|
| 22 | ||
| 23 |
/* |
|
| 24 |
* Loading cookies |
|
| 25 |
*/ |
|
| 26 |
for (var i=0; i < input.cookies.length; i++){
|
|
| 27 |
phantom.addCookie(input.cookies[i]); |
|
| 28 |
} |
|
| 29 | ||
| 30 |
page.viewportSize = {width: 1280, height: 1024};
|
|
| 31 | ||
| 32 |
page.open(input.address, function(status){
|
|
| 33 |
if (status !== 'success'){
|
|
| 34 |
console.log(JSON.stringify({'result': 'failed to open resource'}));
|
|
| 35 |
phantom.exit(); |
|
| 36 |
} |
|
| 37 | ||
| 38 |
page.onLoadFinished = function(status){
|
|
| 39 |
page.render('after_logout.png');
|
|
| 40 |
console.log(JSON.stringify({'result': 'ok', 'cookies': page.cookies, 'url': page.url}));
|
|
| 41 |
phantom.exit(); |
|
| 42 |
}; |
|
| 43 | ||
| 44 |
page.render('before_logout.png');
|
|
| 45 |
var logout = page.evaluate(function(input){
|
|
| 46 |
element = input.logout_locator; |
|
| 47 |
var logout_link = $(element).length > 0 ? $(element)[0] : $(element); |
|
| 48 |
if ($(logout_link).length > 0){
|
|
| 49 |
logout_link.click(); |
|
| 50 |
return true; |
|
| 51 |
} |
|
| 52 |
return false; |
|
| 53 |
}, input); |
|
| 54 | ||
| 55 |
if (logout == false){
|
|
| 56 |
console.log(JSON.stringify({'result':'failed to logout'}));
|
|
| 57 |
phantom.exit(); |
|
| 58 |
} |
|
| 59 |
}); |
|
| mandayejs/mandaye/static/single.logout.js | ||
|---|---|---|
| 1 |
$(function(){
|
|
| 2 |
if (typeof(mandaye_logout_locator) === 'undefined') |
|
| 3 |
return false; |
|
| 4 |
$(mandaye_logout_locator).click(function(){
|
|
| 5 |
console.log("launching slo");
|
|
| 6 |
window.location = '/_mandaye/logout/'; |
|
| 7 |
}); |
|
| 8 |
}); |
|
| mandayejs/mandaye/templates/mandaye/panel.html | ||
|---|---|---|
| 3 | 3 |
<script type="text/javascript"> |
| 4 | 4 |
var mandaye_redirect_url = '{{force_redirect_url}}';
|
| 5 | 5 |
var mandaye_redirect_locator = '{{force_redirect_locator}}';
|
| 6 |
var mandaye_logout_locator = '{{logout_locator}}';
|
|
| 6 | 7 |
</script> |
| 7 | 8 | |
| 8 | 9 |
<script type="text/javascript" src="{% static 'force.redirect.js' %}"></script>
|
| 10 |
<script type="text/javascript" src="{% static 'single.logout.js' %}"></script>
|
|
| 9 | 11 | |
| 10 | 12 |
{% if site_scripts %}
|
| 11 | 13 |
{%for script in site_scripts%}
|
| ... | ... | |
| 23 | 25 |
{% if user.is_authenticated %}
|
| 24 | 26 |
<div id="mandaye-username"><a href="{{idp_url}}/accounts">{{ user.get_full_name }}</a></div>
|
| 25 | 27 |
<div id="mandaye-advances"><a href="{{wcs_url}}">{% trans 'advances' %}</a></div>
|
| 26 |
<div id="mandaye-logon-url"><a href="{% url 'mellon_logout' %}">{% trans 'logout' %}</a></div>
|
|
| 28 |
<div id="mandaye-logon-url"><a href="{% url 'logout' %}">{% trans 'logout' %}</a></div>
|
|
| 27 | 29 |
{% if is_linked %}
|
| 28 | 30 |
<div id="mandaye-association-url"><a href="{% url 'dissociate' %}">{% trans 'dissociate' %}</a></div>
|
| 29 | 31 |
{% else %}
|
| mandayejs/mandaye/utils.py | ||
|---|---|---|
| 22 | 22 | |
| 23 | 23 |
from mandayejs.applications import get_app_settings |
| 24 | 24 | |
| 25 |
def exec_phantom(data): |
|
| 25 |
def exec_phantom(data, script='do_login.js'):
|
|
| 26 | 26 |
phantom = subprocess.Popen(['/usr/bin/phantomjs', |
| 27 | 27 |
'--ignore-ssl-errors=yes', |
| 28 | 28 |
'--ssl-protocol=any', |
| 29 |
os.path.join(settings.BASE_DIR, 'mandayejs', 'do_login.js')],
|
|
| 29 |
os.path.join(settings.BASE_DIR, 'mandayejs', script)],
|
|
| 30 | 30 |
close_fds=True, |
| 31 | 31 |
stdin=subprocess.PIPE, |
| 32 |
stdout=subprocess.PIPE) |
|
| 32 |
stdout=subprocess.PIPE |
|
| 33 |
) |
|
| 33 | 34 |
stdout, stderr = phantom.communicate(json.dumps(data)) |
| 34 |
result = json.loads(stdout) |
|
| 35 |
try: |
|
| 36 |
result = json.loads(stdout) |
|
| 37 |
except (ValueError,): |
|
| 38 |
result = {"result": "failure, couldn't decode JSON"}
|
|
| 39 |
phantom.terminate() |
|
| 35 | 40 |
return result |
| 36 | 41 | |
| 37 | 42 |
def cookie_builder(headers): |
| ... | ... | |
| 43 | 48 | |
| 44 | 49 |
return cookie |
| 45 | 50 | |
| 51 |
def get_logout_info(request): |
|
| 52 |
"""Returns phantomjs logout prerequis |
|
| 53 |
""" |
|
| 54 |
app_settings = get_app_settings() |
|
| 55 | ||
| 56 |
data = {}
|
|
| 57 |
data['logout_locator'] = getattr(app_settings, 'SITE_LOGOUT_LOCATOR') |
|
| 58 |
data['address'] = request.META.get('HTTP_REFERER')
|
|
| 59 |
cookies = SimpleCookie(request.META.get('HTTP_COOKIE'))
|
|
| 60 |
domain = request.META.get('SERVER_NAME')
|
|
| 61 | ||
| 62 |
# Phantomjs Cookies Format |
|
| 63 |
data['cookies'] = [{
|
|
| 64 |
'name': key, |
|
| 65 |
'value': value.value, |
|
| 66 |
'domain': domain, |
|
| 67 |
'path': '/' |
|
| 68 |
} for key, value in cookies.items() ] |
|
| 69 | ||
| 70 |
return data |
|
| 71 | ||
| 46 | 72 |
def get_password_field(): |
| 47 | 73 |
"""Return name of the password field |
| 48 | 74 |
""" |
| ... | ... | |
| 54 | 80 |
return None |
| 55 | 81 | |
| 56 | 82 |
def get_login_info(request, credentials): |
| 57 |
"""Returns |
|
| 83 |
"""Returns phantomjs login prerequis
|
|
| 58 | 84 |
""" |
| 59 | 85 |
app_settings = get_app_settings() |
| 60 | 86 | |
| mandayejs/mandaye/views.py | ||
|---|---|---|
| 16 | 16 | |
| 17 | 17 |
from __future__ import absolute_import |
| 18 | 18 | |
| 19 |
import os |
|
| 20 |
import json |
|
| 21 | 19 |
import logging |
| 22 |
import urlparse |
|
| 23 |
import urllib |
|
| 24 | 20 | |
| 25 | 21 |
from django.conf import settings |
| 26 | 22 |
from django.contrib.auth import views as auth_views |
| ... | ... | |
| 41 | 37 | |
| 42 | 38 |
from .models import UserCredentials |
| 43 | 39 |
from mandayejs.mandaye.forms import FormFactory |
| 44 |
from mandayejs.mandaye.utils import exec_phantom, cookie_builder, get_login_info |
|
| 40 |
from mandayejs.mandaye.utils import exec_phantom, cookie_builder,\ |
|
| 41 |
get_login_info, get_logout_info |
|
| 45 | 42 |
from mandayejs.applications import get_app_settings |
| 46 | 43 | |
| 44 |
from mellon.views import logout as mellon_logout |
|
| 45 | ||
| 46 |
import requests |
|
| 47 | ||
| 47 | 48 |
app_settings = get_app_settings() |
| 48 | 49 | |
| 49 | 50 |
logger = logging.getLogger(__name__) |
| 50 | 51 | |
| 51 |
def login(request, *args, **kwargs): |
|
| 52 |
return auth_views.login(request, *args, **kwargs) |
|
| 53 | ||
| 54 | 52 |
def logout(request, *args, **kwargs): |
| 55 |
auth_logout(request) |
|
| 56 |
return HttpResponseRedirect('/')
|
|
| 53 |
logger.debug("running slo")
|
|
| 54 |
data = get_logout_info(request) |
|
| 55 |
logger.debug(data) |
|
| 56 |
logger.debug("running phantomjs logout")
|
|
| 57 |
result = exec_phantom(data, script='do_logout.js') |
|
| 58 |
logger.debug(result) |
|
| 59 |
response = mellon_logout(request, *args, **kwargs) |
|
| 60 |
for cookie in app_settings.SITE_AUTH_COOKIE_KEYS: |
|
| 61 |
response.delete_cookie(cookie) |
|
| 62 |
return response |
|
| 57 | 63 | |
| 58 | 64 | |
| 59 | 65 |
class Panel(TemplateView): |
| ... | ... | |
| 67 | 73 |
'SITE_FORCE_REDIRECT_URL', '') |
| 68 | 74 |
context['force_redirect_locator'] = getattr(app_settings, |
| 69 | 75 |
'SITE_FORCE_REDIRECT_LOCATOR', '') |
| 76 |
context['logout_locator'] = getattr(app_settings, |
|
| 77 |
'SITE_LOGOUT_LOCATOR','') |
|
| 70 | 78 |
context['is_linked'] = self.is_account_linked() |
| 71 | 79 |
return context |
| 72 | 80 | |
| mandayejs/urls.py | ||
|---|---|---|
| 33 | 33 |
) |
| 34 | 34 | |
| 35 | 35 |
if 'mellon' in settings.INSTALLED_APPS: |
| 36 |
urlpatterns += patterns('', url(r'^_mandaye/accounts/mellon/', include('mellon.urls')))
|
|
| 36 |
urlpatterns += patterns('',
|
|
| 37 |
url(r'^_mandaye/logout/$', 'mandayejs.mandaye.views.logout', name='logout'), |
|
| 38 |
url(r'^_mandaye/accounts/mellon/', include('mellon.urls')),
|
|
| 39 |
) |
|
| 37 | 40 | |
| 38 |
- |
|