Development #7879

When an authnrequest is canceled, statusMessage should contain a message telling what happened.

Added by Benjamin Dauvergne over 5 years ago. Updated over 1 year ago.

Status: In progress
Priority: Normal
Assignee: -
Category: -
Target version:
Start date: 20 Jul 2015
Due date:
% Done: 0%
Estimated time:
Patch proposed: No
Planning: No

Related issues

Related to django-mellon - Bug #7878: Error when canceling an SSO attempt (Closed, 20 Jul 2015)

Related to Publik - Project management #10245: Manage authorizations to log in to a service in authentic (Closed, 09 Mar 2016)

History

#1

Updated by Benjamin Dauvergne over 5 years ago

  • Related to Bug #7878: Error when canceling an SSO attempt added
#2

Updated by Benjamin Dauvergne over 5 years ago

In response messages of the SAML protocol there is a part called the Status (an XML element); it contains a unique element, the StatusCode, which is usually success (see https://www.samltool.com/generic_sso_res.php for an example). When the StatusCode is not success, it can be accompanied by another element named "StatusMessage", which is a freeform message intended for the user. Currently we do not set such a message when we return a non-success error (for example if the user selects "cancel" instead of logging in).

Points where non-success is returned by authentic must be found (in authentic2/idp/saml2/saml2_endpoints.py) and a StatusMessage should be set using a translatable string (lasso expects UTF-8 strings, so the string must be encoded before being set in login.response.status.statusMessage).

#3

Updated by Josué Kouka over 5 years ago

statusMessage added when user refuses to consent or cancels the login process

#4

Updated by Josué Kouka over 5 years ago

translation added

#5

Updated by Benjamin Dauvergne over 5 years ago

I forgot that set_saml2_response_responder_status_code did already handle this, good catch.

This line is erroneous:

_('User canceled login process'.decode('utf-8'))

you must encode and not decode, and it must be done after getting the translated string, like this:

_('msg').encode('utf-8')

Also I would prefer only one patch for these changes (use git rebase), but with one more patch for the translations (do makemessages, then modify src/authentic2/saml/locale/fr/.../django.po to translate both strings).
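
Added example, not part of the original comments or of authentic2's code: a Python 3 illustration of the Status structure described in comment #2 and of the translate-then-encode order requested in comment #5. The `_` catalog, the French string, the helper names and the choice of Responder/RequestDenied as status codes are assumptions made for illustration; lasso itself is not used.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
STATUS_RESPONDER = "urn:oasis:names:tc:SAML:2.0:status:Responder"
STATUS_REQUEST_DENIED = "urn:oasis:names:tc:SAML:2.0:status:RequestDenied"  # assumed sub-code
ET.register_namespace("samlp", SAMLP)

# Constructed stand-in for a gettext catalog (hypothetical French entry).
CATALOG_FR = {"User canceled login process": "L'utilisateur a annulé la connexion"}

def _(msgid):
    """Stand-in for ugettext: returns the translation as a Unicode string."""
    return CATALOG_FR.get(msgid, msgid)

def status_message_bytes(msgid):
    """Translate first, then encode the result to UTF-8 bytes."""
    return _(msgid).encode("utf-8")

def build_status(top_code, sub_code=None, message=None):
    """Serialize a <samlp:Status>; `message` is UTF-8 bytes or None."""
    status = ET.Element("{%s}Status" % SAMLP)
    code = ET.SubElement(status, "{%s}StatusCode" % SAMLP, Value=top_code)
    if sub_code:
        ET.SubElement(code, "{%s}StatusCode" % SAMLP, Value=sub_code)
    if message is not None:
        # ElementTree wants text; the serializer re-encodes it as UTF-8.
        ET.SubElement(status, "{%s}StatusMessage" % SAMLP).text = message.decode("utf-8")
    return ET.tostring(status, encoding="utf-8")

def read_status(xml_bytes):
    """Receiving side: (top_code, sub_code, message). Message is free-form: escape before display."""
    status = ET.fromstring(xml_bytes)
    top = status.find("{%s}StatusCode" % SAMLP)
    sub = top.find("{%s}StatusCode" % SAMLP)
    msg = status.find("{%s}StatusMessage" % SAMLP)
    return (top.get("Value"),
            sub.get("Value") if sub is not None else None,
            msg.text if msg is not None else None)

if __name__ == "__main__":
    xml = build_status(STATUS_RESPONDER, STATUS_REQUEST_DENIED,
                       status_message_bytes("User canceled login process"))
    print(xml.decode("utf-8"))
    print(read_status(xml))
```

The parser here only reads the document built a few lines earlier; a service provider reading responses from the network would use a hardened XML parser and verify the signature before trusting any Status content.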

#7

Updated by Benjamin Dauvergne over 5 years ago

OK, however we usually separate patches to the code from patches to the translation files; patches to the translation files are generally named "update french translation" or "update translations".

#9

Updated by Frédéric Péters over 5 years ago

  • Patch proposed changed from No to Yes
#10

Updated by Frédéric Péters over 5 years ago

For my part, I would suggest that the .encode('utf-8') be placed inside set_saml2_response_responder_status_code().

#11

Updated by Benjamin Dauvergne over 5 years ago

OK with that; a test on consent is missing.

#12

Updated by Benjamin Dauvergne over 5 years ago

  • Assignee changed from Benjamin Dauvergne to Josué Kouka
#13

Updated by Benjamin Dauvergne almost 5 years ago

#14

Updated by Benjamin Dauvergne over 3 years ago

  • Patch proposed changed from Yes to No

A test on consent is still missing (yeah, it's a pain to have to write tests that should already be there :) ).

#15

Updated by Frédéric Péters over 1 year ago

  • Assignee deleted (Josué Kouka)
