Révision 462211e6
Ajouté par Josué Kouka il y a plus de 6 ans
mandayejs/mandaye/templates/mandaye/post-login.html | ||
---|---|---|
6 | 6 |
<body> |
7 | 7 |
Please wait... |
8 | 8 |
<br/> |
9 |
<iframe id="post-login-frame" src="{% url 'post-login-do' %}" style="display: none;"> |
|
9 |
<iframe id="post-login-frame" src="{% url 'post-login-do' %}{% if next_url %}?next_url={{ next_url|iriencode }}{% endif %}" style="display: none;">
|
|
10 | 10 |
</iframe> |
11 | 11 |
</body> |
12 | 12 |
</html> |
mandayejs/mandaye/views.py | ||
---|---|---|
95 | 95 |
logger.debug(credentials) |
96 | 96 |
except (UserCredentials.DoesNotExist,): |
97 | 97 |
return HttpResponseRedirect(resolve_url('associate')) |
98 |
|
|
99 |
return render(request, 'mandaye/post-login.html', {}) |
|
98 |
next_url = request.GET.get('next_url') |
|
99 |
return render(request, 'mandaye/post-login.html', {'next_url': next_url})
|
|
100 | 100 |
|
101 | 101 |
|
102 | 102 |
@login_required |
... | ... | |
170 | 170 |
credentials.save() |
171 | 171 |
url = result.get('url', '/') |
172 | 172 |
|
173 |
# redirect user only if SSO successful |
|
174 |
if request.GET.get('next_url') and result['result'] == 'ok': |
|
175 |
url = request.GET['next_url'] |
|
173 | 176 |
template = Template('<script type="text/javascript">\ |
174 | 177 |
window.top.location = "{{url}}";</script>') |
175 | 178 |
context = RequestContext(request, {'url': url}) |
tests/test_mandayejs.py | ||
---|---|---|
370 | 370 |
mocked_popen.return_value = MockedPopen(expected_output=('<mandayejs></mandayejs>', None)) |
371 | 371 |
result = exec_phantom(LOGIN_INFO) |
372 | 372 |
assert result['result'] == 'json_error' |
373 |
|
|
374 |
|
|
375 |
@mock.patch('mandayejs.mandaye.utils.subprocess.Popen') |
|
376 |
@mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS) |
|
377 |
def test_post_login_do_with_next_url(mocked_popen, user_john): |
|
378 |
# when sso fails |
|
379 |
expected_output = { |
|
380 |
"result": "redirect", |
|
381 |
"reason": "password change required", |
|
382 |
"url": "http://mydomain.com/update_password.aspx" |
|
383 |
} |
|
384 |
expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output) |
|
385 |
mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None)) |
|
386 |
|
|
387 |
UserCredentials.objects.create(user=user_john, |
|
388 |
locators={ |
|
389 |
'login': 'johnny', 'password': 'jumper', |
|
390 |
'birth_date': '1995-06-11'}) |
|
391 |
|
|
392 |
request = RequestFactory() |
|
393 |
url = '%s?next=http://example.net/' % reverse('post-login-do') |
|
394 |
request = request.get(url) |
|
395 |
request.user = user_john |
|
396 |
response = post_login_do(request) |
|
397 |
assert 'window.top.location = "http://example.net/"' not in response.content |
|
398 |
|
|
399 |
# when SSO succeeds |
|
400 |
expected_output = { |
|
401 |
"result": "ok", |
|
402 |
"url": "http://mydomain.com/account.aspx" |
|
403 |
} |
|
404 |
expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output) |
|
405 |
mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None)) |
|
406 |
request = RequestFactory() |
|
407 |
url = '%s?next_url=http://example.net/' % reverse('post-login-do') |
|
408 |
request = request.get(url) |
|
409 |
request.user = user_john |
|
410 |
response = post_login_do(request) |
|
411 |
assert 'window.top.location = "http://example.net/"' in response.content |
Formats disponibles : Unified diff
allow redirection after sso (#19350)