use only underscores in session variables to allow access from templates

Benjamin Dauvergne 2017-06-21 11:16:51 +02:00
parent 6461daab81
commit 68fdf61c9a
3 changed files with 25 additions and 25 deletions


@ -22,8 +22,8 @@ class FcFrontend(object):
if 'nofc' in request.GET:
return
tpl_parameters = {'about_url': app_settings.about_url}
if 'fc-user_info' in request.session:
tpl_parameters['fc_user_info'] = request.session['fc-user_info']
if 'fc_user_info' in request.session:
tpl_parameters['fc_user_info'] = request.session['fc_user_info']
context_instance = kwargs.pop('context_instance', None)
return render(request, 'authentic2_auth_fc/login.html',
tpl_parameters, context_instance=context_instance)
@ -44,7 +44,7 @@ class FcFrontend(object):
context_instance=context_instance)
def registration(self, request, *args, **kwargs):
if 'fc-user_info' in request.session:
if 'fc_user_info' in request.session:
return []
context_instance = kwargs.get('context_instance', RequestContext(request))
tpl_parameters = {'about_url': app_settings.about_url}


@ -11,14 +11,14 @@ from . import app_settings
def build_logout_url(request):
"""
For now fc-id_token in request.session is used as the flag of an
For now fc_id_token in request.session is used as the flag of an
active session on the OP. It is set in the login view and deleted in the
logout return view.
"""
if 'fc-id_token' in request.session:
if 'fc_id_token' in request.session:
callback = request.build_absolute_uri(reverse('fc-logout'))
qs = {
'id_token_hint': request.session.get('fc-id_token_raw'),
'id_token_hint': request.session.get('fc_id_token_raw'),
'post_logout_redirect_uri': callback
}
return app_settings.logout_url + '?' + urllib.urlencode(qs)
@ -27,19 +27,19 @@ def build_logout_url(request):
def get_mapped_attributes(request):
values = {}
if 'fc-user_info' in request.session:
if 'fc_user_info' in request.session:
for fc_name, local_name in app_settings.attributes_mapping.items():
if fc_name in request.session['fc-user_info']:
values[local_name] = [request.session['fc-user_info'][fc_name]]
if fc_name in request.session['fc_user_info']:
values[local_name] = [request.session['fc_user_info'][fc_name]]
return values
def get_mapped_attributes_flat(request):
values = {}
if 'fc-user_info' in request.session:
if 'fc_user_info' in request.session:
for fc_name, local_name in app_settings.attributes_mapping.items():
if fc_name in request.session['fc-user_info']:
values[local_name] = request.session['fc-user_info'][fc_name]
if fc_name in request.session['fc_user_info']:
values[local_name] = request.session['fc_user_info'][fc_name]
return values
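Review bot: Sessions created before this change still hold the `fc-`-prefixed keys, and nothing in this section reads or migrates them. In `build_logout_url` the check `if 'fc_id_token' in request.session:` is false for such a session, so the FranceConnect logout URL is presumably not built and the session at the OP stays open after a local logout. `LogoutReturnView.get` in the views section likewise pops only the new names, which would leave an old `fc-id_token_raw` and `fc-user_info` in the session store until the session expires. A transitional fallback for one release would cover both, for example `request.session.get('fc_id_token_raw') or request.session.get('fc-id_token_raw')` here, and popping both spellings in the logout return view.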


@ -64,7 +64,7 @@ def ask_authorization(request, scopes, logger):
scopes = [scopes]
redirect_uri = request.build_absolute_uri()
state = unicode(uuid.uuid4())
states = request.session.setdefault('fc-states', {})
states = request.session.setdefault('fc_states', {})
states[state] = {
'redirect_uri': redirect_uri,
}
@ -129,7 +129,7 @@ def access_token_from_request(request, logger):
return
if not state:
return
states = request.session.get('fc-states', {})
states = request.session.get('fc_states', {})
if state not in states:
return
# there should not be many FC SSO in flight
@ -257,7 +257,7 @@ class FcOAuthSessionViewMixin(LoggerMixin):
messages.warning(request, _('Unable to connect to FranceConnect.'))
return self.redirect(request)
nonce = self.id_token.get('nonce')
states = request.session.get('fc-states', {})
states = request.session.get('fc_states', {})
if not nonce or nonce not in states:
self.logger.warning(u'invalid nonce in id_token %s, known ones %s', nonce,
u', '.join(states.keys()))
@ -275,18 +275,18 @@ class FcOAuthSessionViewMixin(LoggerMixin):
messages.warning(request, _('Unable to connect to FranceConnect.'))
return self.redirect(request)
self.logger.debug('fc user_info %s', self.user_info)
self.request.session['fc-id_token'] = self.id_token
self.request.session['fc-id_token_raw'] = self.token['id_token']
self.request.session['fc-user_info'] = self.user_info
self.request.session['fc_id_token'] = self.id_token
self.request.session['fc_id_token_raw'] = self.token['id_token']
self.request.session['fc_user_info'] = self.user_info
if 'fd_scopes' in request.GET:
scopes = request.GET.get('fd_scopes')
scopes = scopes.split()
self.data = self.get_data(scopes)
self.logger.debug('fc data %s', self.data)
fc_data = self.request.session.setdefault('fc-data', {})
fc_data = self.request.session.setdefault('fc_data', {})
for scope in self.data:
fc_data.setdefault(scope, []).extend(self.data[scope])
self.logger.debug('fc data in session %s', self.request.session['fc-data'])
self.logger.debug('fc data in session %s', self.request.session['fc_data'])
return super(FcOAuthSessionViewMixin, self).dispatch(request,
*args,
**kwargs)
@ -473,11 +473,11 @@ unlink = UnlinkView.as_view()
class LogoutReturnView(View):
def get(self, request, *args, **kwargs):
request.session.pop('fc-id_token', None)
request.session.pop('fc-id_token_raw', None)
request.session.pop('fc-user_info', None)
request.session.pop('fc-data', None)
request.session.pop('fc-states', None)
request.session.pop('fc_id_token', None)
request.session.pop('fc_id_token_raw', None)
request.session.pop('fc_user_info', None)
request.session.pop('fc_data', None)
request.session.pop('fc_states', None)
return HttpResponseRedirect(reverse('auth_logout'))
logout = LogoutReturnView.as_view()
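Review bot: The debug call `self.logger.debug('fc data in session %s', self.request.session['fc_data'])` in `FcOAuthSessionViewMixin.dispatch` writes the identity data fetched from FranceConnect into the application log, as do the `fc user_info` and `fc data` debug lines above it. The warning in the nonce check also prints every pending state value via `u', '.join(states.keys())`. Log storage usually has a wider audience and longer retention than the session store, so I would log only what is needed to diagnose a failure, for example `self.logger.debug('fc data scopes in session: %s', list(fc_data.keys()))` and `len(states)` instead of the joined keys. `dispatch` starts outside the visible hunks, so this is based only on the lines shown.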