From ae81e867b7da831ff0755b3bf1ac1a95da3e77e8 Mon Sep 17 00:00:00 2001
From: root <root@adelauth>
Date: Wed, 19 Nov 2008 12:38:56 +0100
Subject: [PATCH] Add a confirmation page when asking for defederation

---
 extra/modules/alternatespui.ptl | 45 +++++++++++++++++++++++++++++++++
 extra/modules/liberty.py        |  3 +++
 extra/modules/root.ptl          |  4 +--
 3 files changed, 49 insertions(+), 3 deletions(-)
 create mode 100644 extra/modules/alternatespui.ptl

diff --git a/extra/modules/alternatespui.ptl b/extra/modules/alternatespui.ptl
new file mode 100644
index 0000000..d5d9ff1
--- /dev/null
+++ b/extra/modules/alternatespui.ptl
@@ -0,0 +1,45 @@
+import time
+import sys
+import re
+import base64
+import Cookie
+import StringIO
+import cgi
+import traceback
+import socket
+import xml.sax.saxutils
+
+import lasso
+
+try:
+    import lassodgme
+except ImportError:
+    print >> sys.stderr, 'Missing lassodgme module; ID-WSF proxy has been disabled'
+    lassodgme = None
+
+from quixote import get_session, get_session_manager, get_request, get_response, redirect, get_field, get_publisher
+from quixote.http_request import parse_header
+
+from qommon import get_cfg, get_logger
+from qommon import errors, template
+
+import misc
+
+import authentic.liberty.root
+from authentic.liberty.root import SOAPError
+
+
+class AlternateSpUI(authentic.liberty.root.SpUI):
+    _q_exports = ['proxy_terminate_confirm','terminate','login','proxy_terminate']
+
+    def proxy_terminate_confirm [html] (self):
+        template.html_top()
+        u'<p>Souhaitez-vous vraiment supprimer la liaison avec Mon Service Public ?</p>'
+        u'<p><ul>'
+        u'<li><a href="proxy_terminate">Valider<a/></li>'
+        u'<li><a href="../../..">Annuler</a></li>'
+        u'</ul></p>'
+
+class AlternateSpDir(authentic.liberty.root.SpDir):
+    def _q_lookup(self, component):
+        return AlternateSpUI(component)
diff --git a/extra/modules/liberty.py b/extra/modules/liberty.py
index 2ba3c48..0f935df 100644
--- a/extra/modules/liberty.py
+++ b/extra/modules/liberty.py
@@ -27,6 +27,7 @@ import misc
 
 import authentic.liberty.root
 from authentic.liberty.root import SOAPError
+from alternatespui import AlternateSpDir
 
 ED_MIGRATION_DISABLED = False
 ED_DOCUMENTS_MIGRATION_DISABLED = True
@@ -58,6 +59,8 @@ class AlternateLibertyDirectory(authentic.liberty.root.RootDirectory):
             "proxySoapEndpoint", "proxyAssertionConsumer", "proxySingleLogout",
             "proxySingleLogoutNext", 'mspProxyEndpoint', 'proxySingleLogoutReturn']
 
+    sp = AlternateSpDir()
+
     def perform_proxy_login(self, idp = None, nameIdPolicy = None, extensions = None):
         session = get_session()
         server = authentic.misc.get_lasso_server(lasso.PROVIDER_ROLE_SP)
diff --git a/extra/modules/root.ptl b/extra/modules/root.ptl
index 9a03552..9391341 100644
--- a/extra/modules/root.ptl
+++ b/extra/modules/root.ptl
@@ -52,8 +52,6 @@ class MspUserHash(StorableObject):
         return cls.get(hash)
     get_by_cookie = classmethod(get_by_cookie)
 
-
-
 class AlternateRootDirectory(OldRootDirectory):
     _q_exports = ['', 'admin', 'liberty', 'login', 'logout', 'change_password', 'register',
             'forgot_password', 'update_info', 'saml', 'singleLogout',
@@ -140,7 +138,7 @@ class AlternateRootDirectory(OldRootDirectory):
         if identity.is_federated_with_msp():
             msp_provider_id = get_cfg('adeline', {}).get('msp_idp')
             klp = get_key_from_provider_id(msp_provider_id)
-            terminate_url = '/liberty/sp/%s/proxy_terminate' % klp
+            terminate_url = '/liberty/sp/%s/proxy_terminate_confirm' % klp
             msp_portal_url = get_cfg('adeline', {}).get('msp_portal_url')
             '<li>%s <span class="but-right"><a href="%s">%s</a> <a href="%s">%s</a></span></li>' % (
                     _('Access MSP'), msp_portal_url, _('Connect'), terminate_url, _('Remove Link'))