views: fix logout is user is already logged out (#50155)
This commit is contained in:
parent
956a8651c2
commit
7cd78e96ab
|
@ -659,6 +659,9 @@ class LogoutView(ProfileMixin, LogMixin, View):
|
|||
if logout:
|
||||
self.set_next_url(next_url)
|
||||
self.log.info('user logged out, SLO request sent to IdP')
|
||||
else:
|
||||
# anonymous user: if next_url is None redirect to referer
|
||||
return HttpResponseRedirect(next_url or referer)
|
||||
else:
|
||||
self.log.warning('logout refused referer %r is not of the same origin', referer)
|
||||
return HttpResponseRedirect(next_url)
|
||||
|
|
|
@ -233,8 +233,11 @@ def test_sso_slo(db, app, idp, caplog, sp_settings):
|
|||
assert 'created new user' in caplog.text
|
||||
assert 'logged in using SAML' in caplog.text
|
||||
assert urlparse.urlparse(response['Location']).path == '/whatever/'
|
||||
response = app.get(reverse('mellon_logout'))
|
||||
response = app.get(reverse('mellon_logout'), extra_environ={'HTTP_REFERER': str('/some/path')})
|
||||
assert urlparse.urlparse(response['Location']).path == '/singleLogout'
|
||||
# again, user is already logged out
|
||||
response = app.get(reverse('mellon_logout'), extra_environ={'HTTP_REFERER': str('/some/path')})
|
||||
assert urlparse.urlparse(response['Location']).path == '/some/path'
|
||||
|
||||
|
||||
def test_sso_idp_slo(db, app, idp, caplog, sp_settings):
|
||||
|
|
Loading…
Reference in New Issue