summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2019-12-03 16:26:53 (GMT)
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2019-12-03 18:53:37 (GMT)
commit09c32c83d5a9e03a1781e5a70f18e289f7d1e2d2 (patch)
tree66fd04f9e5ab92fc4c0cea9fbb9c72bed9e68b82
parent9c26934e0e88ce25051004300129284809b990a2 (diff)
downloaddjango-mellon-09c32c83d5a9e03a1781e5a70f18e289f7d1e2d2.zip
django-mellon-09c32c83d5a9e03a1781e5a70f18e289f7d1e2d2.tar.gz
django-mellon-09c32c83d5a9e03a1781e5a70f18e289f7d1e2d2.tar.bz2
misc: make login_hint works without next parameter (#38163)
-rw-r--r--mellon/views.py6
-rw-r--r--tests/test_sso_slo.py7
2 files changed, 10 insertions, 3 deletions
diff --git a/mellon/views.py b/mellon/views.py
index 98ba2ab..39a3c78 100644
--- a/mellon/views.py
+++ b/mellon/views.py
@@ -446,7 +446,7 @@ class LoginView(ProfileMixin, LogMixin, View):
</samlp:Extensions>''' % eo_next_url)
)
self.set_next_url(next_url)
- self.add_login_hints(idp, authn_request, request=request, next_url=next_url)
+ self.add_login_hints(idp, authn_request, request=request, next_url=next_url or '/')
login.buildAuthnRequestMsg()
except lasso.Error as e:
return HttpResponseBadRequest('error initializing the authentication request: %r' % e)
@@ -469,14 +469,14 @@ class LoginView(ProfileMixin, LogMixin, View):
def is_in_backoffice(self, request, next_url):
path = utils.get_local_path(request, next_url)
- return path.startswith(('/admin/', '/manage/', '/manager/'))
+ return path and path.startswith(('/admin/', '/manage/', '/manager/'))
def add_login_hints(self, idp, authn_request, request, next_url=None):
login_hints = utils.get_setting(idp, 'LOGIN_HINTS', [])
hints = []
for login_hint in login_hints:
if login_hint == 'backoffice':
- if self.is_in_backoffice(request, next_url):
+ if next_url and self.is_in_backoffice(request, next_url):
hints.append('backoffice')
if login_hint == 'always_backoffice':
hints.append('backoffice')
diff --git a/tests/test_sso_slo.py b/tests/test_sso_slo.py
index 758fa80..05b7aa3 100644
--- a/tests/test_sso_slo.py
+++ b/tests/test_sso_slo.py
@@ -382,6 +382,13 @@ def test_sso_slo_pass_login_hints_always_backoffice(db, app, idp, caplog, sp_set
def test_sso_slo_pass_login_hints_backoffice(db, app, idp, caplog, sp_settings):
sp_settings.MELLON_LOGIN_HINTS = ['backoffice']
+
+ response = app.get(reverse('mellon_login'))
+ url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
+ root = ET.fromstring(idp.request)
+ login_hints = root.findall('.//{https://www.entrouvert.com/}login-hint')
+ assert len(login_hints) == 0
+
response = app.get(reverse('mellon_login') + '?next=/whatever/')
url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
root = ET.fromstring(idp.request)