From db458b3f22be5693e1a3a71a89efbc02abc12b1b Mon Sep 17 00:00:00 2001 From: Josue Kouka Date: Fri, 5 Feb 2016 14:29:08 +0100 Subject: [PATCH] merge local and idp logout (#9865) --- mandayejs/applications.py | 6 +++ mandayejs/do_login.js | 3 +- mandayejs/do_logout.js | 59 ++++++++++++++++++++++++++ mandayejs/mandaye/static/single.logout.js | 9 ++++ mandayejs/mandaye/templates/mandaye/panel.html | 4 +- mandayejs/mandaye/utils.py | 36 +++++++++++++--- mandayejs/mandaye/views.py | 28 +++++++----- mandayejs/urls.py | 5 ++- 8 files changed, 132 insertions(+), 18 deletions(-) create mode 100644 mandayejs/do_logout.js create mode 100644 mandayejs/mandaye/static/single.logout.js diff --git a/mandayejs/applications.py b/mandayejs/applications.py index 72cc369..a474043 100644 --- a/mandayejs/applications.py +++ b/mandayejs/applications.py @@ -136,6 +136,8 @@ class Duonet(AppSettings): SITE_FORM_SUBMIT_ELEMENT = 'input[type=button]' + SITE_LOGOUT_LOCATOR = '#lnkDisconnect' + # Archimed App Settings class Archimed(AppSettings): @@ -180,6 +182,8 @@ class Archimed(AppSettings): name='archimed-account-details'), ) + SITE_LOGOUT_LOCATOR = '.account_logoff' + # Arpege App Settings class Arpege(AppSettings): @@ -258,3 +262,5 @@ class ImuseTeacherMontpellier(Imuse): class ImuseFamilyMontpellier(Imuse): SITE_LOGIN_PATH = '/montpellier/extranet/login/usa_index_famille.php' + SITE_LOGOUT_LOCATOR = '#MENU_FAMILLE_QUITTER' + diff --git a/mandayejs/do_login.js b/mandayejs/do_login.js index ea48760..bbcb818 100644 --- a/mandayejs/do_login.js +++ b/mandayejs/do_login.js @@ -35,12 +35,13 @@ page.onResourceReceived = function(response){ } } +page.viewportSize = {width: 1280, height: 1024}; + page.open(input.address, function(status) { if (status !== 'success'){ console.log(JSON.stringify({'result':'failed to open resource'})); phantom.exit(); } - page.viewportSize = {width: 1280, height: 1024}; page.onLoadFinished = function() { if (page.injectJs(input.auth_checker)){ input.auth_success = page.evaluate(function(){ diff --git a/mandayejs/do_logout.js b/mandayejs/do_logout.js new file mode 100644 index 0000000..4128791 --- /dev/null +++ b/mandayejs/do_logout.js @@ -0,0 +1,59 @@ +/* mandayejs - saml reverse proxy + * Copyright (C) 2015 Entr'ouvert + * + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU Affero General Public License as published + * by the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +var page = require('webpage').create(); +var system = require('system'); + +var input = JSON.parse(system.stdin.read(10000)); + +/* + * Loading cookies +*/ +for (var i=0; i < input.cookies.length; i++){ + phantom.addCookie(input.cookies[i]); +} + +page.viewportSize = {width: 1280, height: 1024}; + +page.open(input.address, function(status){ + if (status !== 'success'){ + console.log(JSON.stringify({'result': 'failed to open resource'})); + phantom.exit(); + } + + page.onLoadFinished = function(status){ + page.render('after_logout.png'); + console.log(JSON.stringify({'result': 'ok', 'cookies': page.cookies, 'url': page.url})); + phantom.exit(); + }; + + page.render('before_logout.png'); + var logout = page.evaluate(function(input){ + element = input.logout_locator; + var logout_link = $(element).length > 0 ? $(element)[0] : $(element); + if ($(logout_link).length > 0){ + logout_link.click(); + return true; + } + return false; + }, input); + + if (logout == false){ + console.log(JSON.stringify({'result':'failed to logout'})); + phantom.exit(); + } +}); diff --git a/mandayejs/mandaye/static/single.logout.js b/mandayejs/mandaye/static/single.logout.js new file mode 100644 index 0000000..b5acd54 --- /dev/null +++ b/mandayejs/mandaye/static/single.logout.js @@ -0,0 +1,9 @@ +$(function(){ + if (typeof(mandaye_logout_locator) === 'undefined') + return false; + $(mandaye_logout_locator).click(function(){ + console.log("launching slo"); + window.location = '/_mandaye/logout/'; + }); + return false; +}); diff --git a/mandayejs/mandaye/templates/mandaye/panel.html b/mandayejs/mandaye/templates/mandaye/panel.html index 37c0e5d..7c3472d 100644 --- a/mandayejs/mandaye/templates/mandaye/panel.html +++ b/mandayejs/mandaye/templates/mandaye/panel.html @@ -3,9 +3,11 @@ + {% if site_scripts %} {%for script in site_scripts%} @@ -23,7 +25,7 @@ {% if user.is_authenticated %} - + {% if is_linked %} {% else %} diff --git a/mandayejs/mandaye/utils.py b/mandayejs/mandaye/utils.py index d1ca1e1..931e537 100644 --- a/mandayejs/mandaye/utils.py +++ b/mandayejs/mandaye/utils.py @@ -22,16 +22,21 @@ from Cookie import SimpleCookie from mandayejs.applications import get_app_settings -def exec_phantom(data): +def exec_phantom(data, script='do_login.js'): phantom = subprocess.Popen(['/usr/bin/phantomjs', '--ignore-ssl-errors=yes', '--ssl-protocol=any', - os.path.join(settings.BASE_DIR, 'mandayejs', 'do_login.js')], + os.path.join(settings.BASE_DIR, 'mandayejs', script)], close_fds=True, stdin=subprocess.PIPE, - stdout=subprocess.PIPE) + stdout=subprocess.PIPE + ) stdout, stderr = phantom.communicate(json.dumps(data)) - result = json.loads(stdout) + try: + result = json.loads(stdout) + except (ValueError,): + result = {"result": "failure, couldn't decode JSON"} + phantom.terminate() return result def cookie_builder(headers): @@ -43,6 +48,27 @@ def cookie_builder(headers): return cookie +def get_logout_info(request): + """Returns phantomjs logout prerequis + """ + app_settings = get_app_settings() + + data = {} + data['logout_locator'] = getattr(app_settings, 'SITE_LOGOUT_LOCATOR') + data['address'] = request.META.get('HTTP_REFERER') + cookies = SimpleCookie(request.META.get('HTTP_COOKIE')) + domain = request.META.get('SERVER_NAME') + + # Phantomjs Cookies Format + data['cookies'] = [{ + 'name': key, + 'value': value.value, + 'domain': domain, + 'path': '/' + } for key, value in cookies.items() ] + + return data + def get_password_field(): """Return name of the password field """ @@ -54,7 +80,7 @@ def get_password_field(): return None def get_login_info(request, credentials): - """Returns + """Returns phantomjs login prerequis """ app_settings = get_app_settings() diff --git a/mandayejs/mandaye/views.py b/mandayejs/mandaye/views.py index e2e4ea3..8f124e1 100644 --- a/mandayejs/mandaye/views.py +++ b/mandayejs/mandaye/views.py @@ -16,11 +16,7 @@ from __future__ import absolute_import -import os -import json import logging -import urlparse -import urllib from django.conf import settings from django.contrib.auth import views as auth_views @@ -41,19 +37,29 @@ from django.template import RequestContext, Template from .models import UserCredentials from mandayejs.mandaye.forms import FormFactory -from mandayejs.mandaye.utils import exec_phantom, cookie_builder, get_login_info +from mandayejs.mandaye.utils import exec_phantom, cookie_builder,\ + get_login_info, get_logout_info from mandayejs.applications import get_app_settings +from mellon.views import logout as mellon_logout + +import requests + app_settings = get_app_settings() logger = logging.getLogger(__name__) -def login(request, *args, **kwargs): - return auth_views.login(request, *args, **kwargs) - def logout(request, *args, **kwargs): - auth_logout(request) - return HttpResponseRedirect('/') + logger.debug("running slo") + data = get_logout_info(request) + logger.debug(data) + logger.debug("running phantomjs logout") + result = exec_phantom(data, script='do_logout.js') + logger.debug(result) + response = mellon_logout(request, *args, **kwargs) + for cookie in app_settings.SITE_AUTH_COOKIE_KEYS: + response.delete_cookie(cookie) + return response class Panel(TemplateView): @@ -67,6 +73,8 @@ class Panel(TemplateView): 'SITE_FORCE_REDIRECT_URL', '') context['force_redirect_locator'] = getattr(app_settings, 'SITE_FORCE_REDIRECT_LOCATOR', '') + context['logout_locator'] = getattr(app_settings, + 'SITE_LOGOUT_LOCATOR','') context['is_linked'] = self.is_account_linked() return context diff --git a/mandayejs/urls.py b/mandayejs/urls.py index d08360b..46e6c31 100644 --- a/mandayejs/urls.py +++ b/mandayejs/urls.py @@ -33,5 +33,8 @@ urlpatterns = patterns('', ) if 'mellon' in settings.INSTALLED_APPS: - urlpatterns += patterns('', url(r'^_mandaye/accounts/mellon/', include('mellon.urls'))) + urlpatterns += patterns('', + url(r'^_mandaye/logout/$', 'mandayejs.mandaye.views.logout', name='logout'), + url(r'^_mandaye/accounts/mellon/', include('mellon.urls')), + ) -- 2.7.0