do not logout from local session on unlink (fixes #17331)
parent
9587e13780
commit
212d41fdbe
|
@ -17,7 +17,9 @@ class Plugin(object):
|
|||
return ['authentic2_auth_fc.auth_frontends.FcFrontend']
|
||||
|
||||
def redirect_logout_list(self, request, **kwargs):
|
||||
url = utils.build_logout_url(request)
|
||||
from django.core.urlresolvers import reverse
|
||||
|
||||
url = utils.build_logout_url(request, next_url=reverse('auth_logout'))
|
||||
# url is assumed empty if no active session on the OP.
|
||||
if url:
|
||||
return [url]
|
||||
|
|
|
@ -3,23 +3,35 @@ import logging
|
|||
import os
|
||||
import json
|
||||
import datetime
|
||||
import uuid
|
||||
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.conf import settings
|
||||
from django.shortcuts import resolve_url
|
||||
|
||||
from . import app_settings
|
||||
|
||||
|
||||
def build_logout_url(request):
|
||||
def build_logout_url(request, next_url=None):
|
||||
"""
|
||||
For now fc_id_token in request.session is used as the flag of an
|
||||
active session on the OP. It is set in the login view and deleted in the
|
||||
logout return view.
|
||||
"""
|
||||
if not next_url:
|
||||
next_url = resolve_url(settings.LOGIN_REDIRECT_URL)
|
||||
state = unicode(uuid.uuid4())
|
||||
states = request.session.setdefault('fc_states', {})
|
||||
request.session.modified = True
|
||||
states['state'] = {
|
||||
'next': next_url,
|
||||
}
|
||||
if 'fc_id_token' in request.session:
|
||||
callback = request.build_absolute_uri(reverse('fc-logout'))
|
||||
qs = {
|
||||
'id_token_hint': request.session.get('fc_id_token_raw'),
|
||||
'post_logout_redirect_uri': callback
|
||||
'post_logout_redirect_uri': callback,
|
||||
'state': state,
|
||||
}
|
||||
return app_settings.logout_url + '?' + urllib.urlencode(qs)
|
||||
return None
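Review bot: In build_logout_url the entry is stored under the literal key `'state'` rather than the generated value, so the `state` sent to the OP never matches a key in `fc_states`, and the lookup in LogoutReturnView falls back to the default redirect. The assignment should be `states[state] = {'next': next_url}`. The bookkeeping also runs, and sets `request.session.modified = True`, when `fc_id_token` is absent and the function returns None; moving it inside the `if 'fc_id_token' in request.session:` branch would avoid writing to sessions that have no OP login. `urllib` is not among the imports visible in this hunk, which starts at line 3 of the file, so confirm it is imported above.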
|
||||
|
|
|
@ -22,6 +22,7 @@ from django.core.cache import InvalidCacheBackendError, caches
|
|||
from django.core.exceptions import PermissionDenied
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.forms import Form
|
||||
from django.conf import settings
|
||||
|
||||
from authentic2 import app_settings as a2_app_settings
|
||||
from authentic2 import utils as a2_utils
|
||||
|
@ -409,9 +410,10 @@ class UnlinkView(LoggerMixin, SingleObjectMixin, FormView):
|
|||
template_name = 'authentic2_auth_fc/unlink.html'
|
||||
|
||||
def get_success_url(self):
|
||||
url = reverse('account_management')
|
||||
if app_settings.logout_when_unlink:
|
||||
return reverse('auth_logout')
|
||||
return reverse('account_management')
|
||||
url = utils.build_logout_url(self.request, next_url=url)
|
||||
return url
|
||||
|
||||
def get_form_class(self):
|
||||
form_class = Form
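Review bot: get_success_url can now return None, because build_logout_url, as shown in the utils hunk on this page, returns None when `fc_id_token` is not in the session. With `logout_when_unlink` enabled and no active OP session, the form's success redirect would get no URL. Keeping the local target as the fallback fixes it: `url = utils.build_logout_url(self.request, next_url=url) or url`. The UnlinkView class body continues outside this hunk.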
|
||||
|
@ -473,11 +475,17 @@ unlink = UnlinkView.as_view()
|
|||
|
||||
class LogoutReturnView(View):
|
||||
def get(self, request, *args, **kwargs):
|
||||
state = request.GET.get('state')
|
||||
request.session.pop('fc_id_token', None)
|
||||
request.session.pop('fc_id_token_raw', None)
|
||||
request.session.pop('fc_user_info', None)
|
||||
request.session.pop('fc_data', None)
|
||||
request.session.pop('fc_states', None)
|
||||
return HttpResponseRedirect(reverse('auth_logout'))
|
||||
states = request.session.pop('fc_states', None)
|
||||
next_url = None
|
||||
if state in states:
|
||||
next_url = states[state].get('next')
|
||||
if not next_url:
|
||||
next_url = settings.LOGIN_REDIRECT_URL
|
||||
return HttpResponseRedirect(next_url)
|
||||
|
||||
logout = LogoutReturnView.as_view()
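Review bot: `request.session.pop('fc_states', None)` yields None when the key is missing, for example when the callback is requested directly or a second time, and `state in states` then raises TypeError. Use `states = request.session.pop('fc_states', None) or {}`. A missing or unmatched `state` is also accepted silently and the `fc_*` session keys are cleared in every case; if `state` is meant to tie the callback to a logout this session started, the mismatch should at least be logged. The fallback passes `settings.LOGIN_REDIRECT_URL` to HttpResponseRedirect unresolved, whereas build_logout_url uses `resolve_url(settings.LOGIN_REDIRECT_URL)`; the setting may be a URL name, so resolve it here too (`resolve_url` would presumably need importing in this module).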
|
||||
|
|