Development #7879
When an authnrequest is canceled, statusMessage should contain a message telling what happened.
History
Updated by Benjamin Dauvergne over 9 years ago
- Related to Bug #7878: Error when canceling an SSO attempt added
Updated by Benjamin Dauvergne about 9 years ago
In response messages of the SAML protocol there is a part called the Status (an XML element); it contains a unique element, the StatusCode, which is usually success (see https://www.samltool.com/generic_sso_res.php for an example). When the statuscode is not success, it can be accompanied by another element named "StatusMessage", which is a freeform message intended for the user. Currently we do not set such a message when we return a not success error (for example if the user selects "cancel" instead of logging in).
Points where not success is returned by authentic must be found (in authentic2/idp/saml2/saml2_endpoints.py) and a statusmessage should be set using a translatable string (lasso expects UTF-8 strings, so the string must be encoded before being set in login.response.status.statusMessage).
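An added example, not part of the ticket or of authentic2's code: reading the Status of a SAML response on the receiving side with Python's standard library, to show what the StatusMessage described above gives the service provider compared with a bare status code. The sample response is constructed; the RequestDenied sub-code and the names read_status and user_notice are assumptions of this example.

```python
import html
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Constructed sample; the RequestDenied sub-code is an assumption of this example.
SAMPLE_RESPONSE = """\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                ID="_constructed" Version="2.0" IssueInstant="2015-07-20T10:00:00Z">
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
      <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied"/>
    </samlp:StatusCode>
    <samlp:StatusMessage>User canceled login process</samlp:StatusMessage>
  </samlp:Status>
</samlp:Response>
"""


def read_status(response_xml):
    """Return (success, [status codes, outermost first], message or None)."""
    root = ET.fromstring(response_xml)
    status = root.find("samlp:Status", NS)
    if status is None:
        raise ValueError("Response has no samlp:Status element")
    codes = []
    node = status.find("samlp:StatusCode", NS)
    while node is not None:  # StatusCode nests: top-level code, then sub-code
        value = node.get("Value")
        if not value:
            raise ValueError("StatusCode without a Value attribute")
        codes.append(value)
        node = node.find("samlp:StatusCode", NS)
    if not codes:
        raise ValueError("Status has no samlp:StatusCode")
    msg = status.find("samlp:StatusMessage", NS)
    text = msg.text.strip() if msg is not None and msg.text else None
    return codes[0] == SUCCESS, codes, text


def user_notice(response_xml):
    """Text to show on failure; falls back to the innermost code name."""
    ok, codes, text = read_status(response_xml)
    if ok:
        return None
    # StatusMessage is free-form text from the peer: escape it before rendering.
    return html.escape(text) if text else codes[-1].rsplit(":", 1)[-1]
```
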
Updated by Josué Kouka about 9 years ago
- File 0001-Status-message-added-when-user-refuse-to-consent-or-.patch added
- Status changed from New to In progress
- Patch proposed changed from No to Yes
statusMessage added when user refuses to consent or cancels the login process
Updated by Josué Kouka about 9 years ago
- File 0001-7879-adding-translation-to-SAML-response-statusMessa.patch added
- Patch proposed changed from Yes to No
translation added
Updated by Benjamin Dauvergne about 9 years ago
I forgot that set_saml2_response_responder_status_code did already handle this, good catch.
This line is erroneous:
_('User canceled login process'.decode('utf-8'))
you must encode and not decode, and it must be done after getting the translated string, like this:
_('msg').encode('utf-8')
Also I would prefer only one patch for these changes (use git rebase), but with one more patch for the translations (do makemessages, then modify src/authentic2/saml/locale/fr/.../django.po to translate both strings).
Updated by Josué Kouka about 9 years ago
Updated by Benjamin Dauvergne about 9 years ago
OK, however we usually keep patches to the code separate from patches to the translation files; we generally name the patches to translation files "update french translation" or "update translations".
Updated by Josué Kouka about 9 years ago
- File 0001-7879-statusMessage-in-SAML-Response-and-tests-added.patch added
- File 0001-7879-update-french-translation.patch added
It should be ok now
Updated by Frédéric Péters about 9 years ago
For my part, I would suggest that the .encode('utf-8') be placed inside set_saml2_response_responder_status_code().
Updated by Benjamin Dauvergne about 9 years ago
OK with that; a test on consent is missing.
Updated by Benjamin Dauvergne about 9 years ago
- Assignee changed from Benjamin Dauvergne to Josué Kouka
Updated by Benjamin Dauvergne over 8 years ago
- Related to Project management #10245: Manage authorizations to log in to a service in authentic added
Updated by Benjamin Dauvergne almost 7 years ago
- Patch proposed changed from Yes to No
A test on consent is still missing (yeah, it's annoying to have to write tests that should already be there :) ).