
Révision ffc3aa92

Ajouté par Serghei Mihai il y a environ 9 ans

slo done by checking the referer instead of POST


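--- a/ckanext/ozwillo_pyoidc/plugin.py
+++ b/ckanext/ozwillo_pyoidc/plugin.py
@@ -57,12 +57,9 @@
         map.connect('/organization/{id:.*}/callback',
                     controller=plugin_controller,
                     action='callback')
-        map.connect('/logout', controller=plugin_controller,
-                    action='logout')
         map.connect('/user/slo',
                     controller=plugin_controller,
-                    action='slo',
-                    conditions={'method': ['POST']})
+                    action='slo')
         map.redirect('/organization/{id:.*}/logout', '/user/_logout')
 
         return map
@@ -193,17 +190,15 @@
 
         redirect_to(org_url)
 
-    def logout(self):
-        toolkit.c.slo_url = toolkit.url_for(host=request.host,
-                                            controller=plugin_controller,
-                                            action="slo",
-                                            qualified=True)
-        return base.render('logout_confirm.html')
 
     def slo(self):
         """
         Revokes the delivered access token. Logs out the user
         """
+
+        if not request.referer or request.host not in request.referer:
+            redirect_to('/')
+
         g = model.Group.get(session['organization_id'])
         org_url = toolkit.url_for(host=request.host,
                                   controller='organization',
@@ -212,7 +207,7 @@
                                   qualified=True)
         org_url = str(org_url)
 
-        if toolkit.c.user and request.method == 'POST':
+        if toolkit.c.user:
             client = Clients.get(g)
             logout_url = client.end_session_endpoint
 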
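Review bot: The new guard at the top of slo(), `request.host not in request.referer`, is a substring test, so any referring URL that merely contains the host name in its path or query passes it, and it is now the only thing standing between a plain GET to `/user/slo` and a logout, because the `conditions={'method': ['POST']}` route restriction and the `request.method == 'POST'` check in the last hunk are both removed. If the referer is kept as a signal, compare it structurally rather than by substring, e.g. `if urlparse(request.referer or '').netloc != request.host:` (with `urlparse` imported), and keep the POST-only condition or a CSRF token next to it, since browsers and privacy extensions routinely strip Referer, in which case the current code rejects every legitimate logout with a redirect to `/`. The `redirect_to('/')` on the following line only ends the request if it raises the redirect, as the Pylons helper does; if the project's `redirect_to` returns instead, add a `return` after it, otherwise the token revocation below still executes. The body of slo() continues past the end of this section.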
ckanext/ozwillo_pyoidc/templates/logout_confirm.html
1
{% extends "page.html" %}
2

  
3
{% block primary_content %}
4
  <section class="module">
5
    <div class="module-content">
6
      <h3>
7
        {% block page_heading %}
8
        {{ _('Logout from CKAN') }}
9
        {% endblock %}
10
      </h3>
11
      <form method="post" action="{{ c.slo_url }}">
12
        <button>{% trans %}Logout{% endtrans %}</button>
13
        <a href="{{ h.url_for('/') }}" class="portal">{% trans %}Go back to CKAN{% endtrans %}</a>
14
      </form>
15
    </div>
16
  </section>
17
{% endblock %}
