From 6cbe18108955a1207efe59a119cb84a72b6fd7de Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Tue, 22 Nov 2022 15:08:07 +0100
Subject: [PATCH 1/3] auth_fc: store id_token in session when linking (#69989)

Password change view is hidden only if the current session was opened with FranceConnect and if the id_token is visible in the session, this change will enforce the second condition when during the same session the account is unlinked and linked again to FranceConnect. It will also permit to launch a logout if the link fails.
---
 src/authentic2_auth_fc/views.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/authentic2_auth_fc/views.py b/src/authentic2_auth_fc/views.py
index 8e4ab138..8514b7dc 100644
--- a/src/authentic2_auth_fc/views.py
+++ b/src/authentic2_auth_fc/views.py
@@ -334,6 +334,10 @@ class LoginOrLinkView(View):
 def link(self, request):
 '''Request an access grant code and associate it to the current user'''
+ # keep id_token around for logout
+ request.session['fc_id_token'] = self.id_token
+ request.session['fc_id_token_raw'] = self.token['id_token']
+
 try:
 self.fc_account, created = models.FcAccount.objects.get_or_create(
 sub=self.sub,
-- 
2.37.2
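Review bot: The two session writes at the top of `link()` run before the `try:` around `get_or_create`, so `fc_id_token` and `fc_id_token_raw` stay in the session even when the link is refused. The description says this is intended so that a logout can be launched on failure, but the failure branches are outside this hunk; if any of them returns without logging out, the session keeps a token for a FranceConnect identity that is not linked to the user, and the presence of that token is one of the two conditions that hide the password change view. I would pop both keys on every failure path that does not log out, or at least state the contract in the comment: `# stored before linking so a failed link can still log out of FranceConnect; failure paths must log out or pop both keys`. `link()` continues past the end of the hunk, so whether `self.id_token` has already been validated at this point cannot be confirmed from here.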