views: send all related SessionIndex in LogoutRequest (#69955)
As we do not known which one the IdP remember, we must send them all.
This commit is contained in:
parent
cce77e82e5
commit
817314b8ee
|
@ -753,12 +753,14 @@ class LogoutView(ProfileMixin, LogMixin, View):
|
|||
self.get_relay_state(create=True)
|
||||
try:
|
||||
session_indexes = models.SessionIndex.objects.filter(
|
||||
saml_identifier__user=request.user, saml_identifier__issuer__entity_id=issuer
|
||||
).order_by('-id')
|
||||
saml_identifier__user=request.user,
|
||||
saml_identifier__issuer__entity_id=issuer,
|
||||
session_key=request.session.session_key,
|
||||
)
|
||||
if not session_indexes:
|
||||
self.log.error('unable to find lasso session dump')
|
||||
else:
|
||||
session_dump = utils.make_session_dump(session_indexes[:1])
|
||||
session_dump = utils.make_session_dump(session_indexes)
|
||||
logout.setSessionFromDump(session_dump)
|
||||
session_indexes.update(logout_timestamp=now())
|
||||
logout.initRequest(issuer, lasso.HTTP_METHOD_REDIRECT)
|
||||
|
@ -812,7 +814,10 @@ class LogoutView(ProfileMixin, LogMixin, View):
|
|||
token_content = signing.loads(token, salt=self.TOKEN_SALT)
|
||||
next_url = token_content['next_url'] or logout_next_url
|
||||
session_index_pk = token_content['session_index_pk']
|
||||
session_indexes = models.SessionIndex.objects.filter(pk=session_index_pk)
|
||||
session_index = models.SessionIndex.objects.filter(pk=session_index_pk).first()
|
||||
session_indexes = models.SessionIndex.objects.filter(
|
||||
saml_identifier=session_index.saml_identifier, session_key=session_index.session_key
|
||||
)
|
||||
if session_indexes:
|
||||
session_dump = utils.make_session_dump(session_indexes)
|
||||
logout = utils.create_logout(request)
|
||||
|
|
Loading…
Reference in New Issue