From 7f4fa477af4d37f1d36d15807bf5af742681bee3 Mon Sep 17 00:00:00 2001
From: Valentin Deniaud {% trans "SAML artifact:" %} {{ login.msgBody }}
{% trans "SAML response:" %}
{{ login.response.dump }}+
{% trans "Attributes:" %}
{{ attributes|pprint }}+{% endblock %} diff --git a/mellon/urls.py b/mellon/urls.py index 1660264..dca25b5 100644 --- a/mellon/urls.py +++ b/mellon/urls.py @@ -8,6 +8,7 @@ from . import views urlpatterns = [ url('login/$', views.login, name='mellon_login'), + url('login/debug/$', views.debug_login, name='mellon_debug_login'), url('logout/$', views.logout, name='mellon_logout'), url('metadata/$', views.metadata, name='mellon_metadata'), ] diff --git a/mellon/views.py b/mellon/views.py index dcea735..213812d 100644 --- a/mellon/views.py +++ b/mellon/views.py @@ -26,7 +26,7 @@ import xml.etree.ElementTree as ET import django.http from django.views.generic import View -from django.http import HttpResponseRedirect, HttpResponse +from django.http import HttpResponseRedirect, HttpResponse, HttpResponseForbidden from django.contrib import auth from django.contrib.auth import get_user_model from django.conf import settings @@ -142,6 +142,17 @@ class ProfileMixin(object): class LoginView(ProfileMixin, LogMixin, View): + allow_redirect_to_debug = True + + def dispatch(self, request, *args, **kwargs): + if request.user.is_superuser and request.session.get('mellon_debug_login') and self.allow_redirect_to_debug: + url = reverse('mellon_debug_login') + url = "%s?%s" % (url, request.META.get('QUERY_STRING', '')) + if request.method == 'POST': + url += '&' + request.POST.urlencode() + return HttpResponseRedirect(url) + return super().dispatch(request, *args, **kwargs) + @property def template_base(self): return self.kwargs.get('template_base', 'base.html') 
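Review bot: The new `login/debug/$` pattern in `mellon/urls.py` is added to `urlpatterns` unconditionally, so every deployment that includes these URLs exposes the debug endpoint and relies only on the `is_superuser` check inside the view. The template it serves prints `login.response.dump` and the full attribute set, so consider registering the route only when a deployment setting opts in; no such setting is visible in this patch, so one would have to be introduced. A comment above the line, such as `# Debug-only: renders the raw SAML response and attributes to superusers`, would also make the intent clear to anyone reading the URL table.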
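Review bot: In the POST branch of `LoginView.dispatch`, `url += '&' + request.POST.urlencode()` copies the form body into the query string of a redirect, so whatever the identity provider posted (presumably the SAML response) would end up in access logs, proxy logs and browser history, and a long value may exceed URL length limits. The redirect also turns the request into a GET, so the debug view does not go through the same handler as the real POST. Handing the request over in-process avoids both, for example `return DebugLoginView.as_view()(request, *args, **kwargs)` in place of building `url`; this assumes the debug view needs no different URL kwargs, which cannot be confirmed from the hunk. The body of `LoginView` continues outside the hunk.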
@@ -719,3 +730,19 @@ logout = csrf_exempt(LogoutView.as_view())
 def metadata(request, **kwargs):
 metadata = utils.create_metadata(request)
 return HttpResponse(metadata, content_type='text/xml')
+
+
+class DebugLoginView(LoginView):
+ allow_redirect_to_debug = False
+
+ def dispatch(self, request, *args, **kwargs):
+ if not request.user.is_superuser:
+ return HttpResponseForbidden()
+ request.session['mellon_debug_login'] = True
+ return super().dispatch(request, *args, **kwargs)
+
+ def authenticate(self, request, login, attributes):
+ return self.render(request, 'mellon/debug_login.html', {'login': login, 'attributes': attributes})
+
+
+debug_login = csrf_exempt(DebugLoginView.as_view())
--
2.20.1
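Review bot: `DebugLoginView.dispatch` sets `request.session['mellon_debug_login'] = True` and nothing in the patch clears it, so once a superuser has opened the debug URL, every later request to the normal login view in that session is redirected to the debug page until the session ends. Clearing the flag once the debug page is produced would limit it to a single attempt, e.g. `request.session.pop('mellon_debug_login', None)` as the first line of `authenticate`; whether `authenticate` is reached on every login outcome is not visible here, so a failed attempt may still leave the flag set. The class would also benefit from a docstring stating that it is superuser-only, that it renders the raw login object and attributes instead of logging anyone in, and why `csrf_exempt` is applied to it.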