From 4ef61afcc44a88f1d3ba042269b297a561683421 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Wed, 6 Jul 2022 16:06:33 +0200
Subject: [PATCH] middleware: clear PASSIVE_TRIED_COOKIE when logged in
 (#67084)

---
 tests/test_sso_slo.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/test_sso_slo.py b/tests/test_sso_slo.py
index 3fd86f3..0968039 100644
--- a/tests/test_sso_slo.py
+++ b/tests/test_sso_slo.py
@@ -717,12 +717,14 @@ def test_passive_auth_middleware_ok(db, app, idp, caplog, settings):
     url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
     response = app.post(reverse('mellon_login'), params={'SAMLResponse': body, 'RelayState': relay_state})
     assert app.session['mellon_opened_session_cookie'] == '5678'
+    assert 'MELLON_PASSIVE_TRIED' not in app.cookies
     assert '_auth_user_id' in app.session
     # ok change the idp session id
     app.set_cookie('IDP_SESSION', '1234')
     # if we try a request, we are logged out and redirected to try a new passive login
     response = app.get('/', headers={'Accept': 'text/html'}, status=302)
     assert '_auth_user_id' not in app.session
+    assert 'MELLON_PASSIVE_TRIED' in app.cookies
 
 
 def test_passive_auth_middleware_no_passive_auth_parameter(db, app, idp, caplog, settings):
-- 
2.35.1