authsaml2: remove logout view made to be called directly from the UI.

2013-12-12 14:42:24 +01:00 · 2013-12-12 14:42:24 +01:00 · c7b7600295
parent f0bcfffca3
commit c7b7600295
2 changed files with 1 additions and 121 deletions
--- a/authentic2/authsaml2/saml2_endpoints.py
+++ b/authentic2/authsaml2/saml2_endpoints.py
@ -979,124 +979,6 @@ def process_logout_response(request, logout, soap_response, next):
        return redirect_next(request, next) or ok_icon(request)


-def logout(request):
-    '''
-        To call from a UI
-    '''
-    if request.user.is_anonymous():
-        return error_page(request,
-            _('logout: not a logged in user'),
-            logger=logger)
-    server = build_service_provider(request)
-    if not server:
-        return error_page(request,
-            _('logout: Service provider not configured'),
-            logger=logger)
-    logout = lasso.Logout(server)
-    if not logout:
-        return error_page(request,
-            _('logout: Unable to create Login object'),
-            logger=logger)
-    load_session(request, logout, kind=LIBERTY_SESSION_DUMP_KIND_SP)
-    # Lookup for the Identity provider from session
-    q = LibertySessionDump. \
-        objects.filter(django_session_key=request.session.session_key)
-    if not q:
-        return error_page(request,
-            _('logout: No session for global logout.'),
-            logger=logger)
-    try:
-        pid = lasso.Session().newFromDump(q[0].session_dump). \
-            get_assertions().keys()[0]
-        LibertyProvider.objects.get(entity_id=pid)
-    except:
-        return error_page(request,
-            _('logout: Session malformed.'),
-            logger=logger)
-
-    provider = load_provider(request, pid, server=server, sp_or_idp='idp')
-    if not provider:
-        return error_page(request,
-            _('logout: Error loading provider.'),
-            logger=logger)
-
-    policy = get_idp_options_policy(provider)
-    if policy and policy.enable_http_method_for_slo_request \
-            and policy.http_method_for_slo_request:
-        if policy.http_method_for_slo_request == lasso.HTTP_METHOD_SOAP:
-            try:
-                logout.initRequest(None, lasso.HTTP_METHOD_SOAP)
-            except lasso.Error, error:
-                return localLogout(request, error)
-            try:
-                logout.buildRequestMsg()
-            except lasso.Error, error:
-                return localLogout(request, error)
-        # TODO: Client cert
-            client_cert = None
-            soap_answer = None
-            try:
-                soap_answer = soap_call(logout.msgUrl,
-                    logout.msgBody, client_cert=client_cert)
-            except SOAPException, error:
-                return localLogout(request, error)
-            if not soap_answer:
-                remove_liberty_session_sp(request)
-                signals.auth_logout.send(sender=None, user=request.user)
-                auth_logout(request)
-                return error_page(request,
-                    _('logout: SOAP error - \
-                    Only local logout performed.'),
-                    logger=logger)
-            return slo_return(request, logout, soap_answer)
-        else:
-            try:
-                logout.initRequest(None, lasso.HTTP_METHOD_REDIRECT)
-            except lasso.Error, error:
-                return localLogout(request, error)
-            session_index = get_session_index(request)
-            if session_index:
-                logout.request.sessionIndex = session_index
-            try:
-                logout.buildRequestMsg()
-            except lasso.Error, error:
-                return localLogout(request, error)
-            return HttpResponseRedirect(logout.msgUrl)
-
-    # If not defined in the metadata,
-    # put ANY to let lasso do its job from metadata
-    try:
-        logout.initRequest(pid)
-    except lasso.Error, error:
-        return localLogout(request, error)
-    if not logout.msgBody:
-        try:
-            logout.buildRequestMsg()
-        except lasso.Error, error:
-            return localLogout(request, error)
-        # TODO: Client cert
-        client_cert = None
-        try:
-            soap_answer = soap_call(logout.msgUrl,
-                logout.msgBody, client_cert=client_cert)
-        except SOAPException:
-            return localLogout(request, error)
-        return slo_return(request, logout, soap_answer)
-    else:
-        session_index = get_session_index(request)
-        if session_index:
-            logout.request.sessionIndex = session_index
-        try:
-            logout.buildRequestMsg()
-        except lasso.Error, error:
-            return localLogout(request, error)
-        return HttpResponseRedirect(logout.msgUrl)
-
-    return error_page(request,
-            _('logout:  Unknown HTTP method.'),
-            logger=logger)
-
-
 def localLogout(request, error):
    remove_liberty_session_sp(request)
    signals.auth_logout.send(sender=None, user=request.user)
--- a/authentic2/authsaml2/urls.py
+++ b/authentic2/authsaml2/urls.py
@ -3,7 +3,7 @@ from django.conf import settings
 from django.conf.urls import patterns, url

 from authentic2.authsaml2.saml2_endpoints import metadata, sso, finish_federation, \
-    singleSignOnArtifact, singleSignOnPost, sp_slo, logout, singleLogoutReturn, \
+    singleSignOnArtifact, singleSignOnPost, sp_slo, singleLogoutReturn, \
    singleLogoutSOAP, singleLogout, federationTermination, manageNameIdReturn, \
    manageNameIdSOAP, manageNameId, delete_federation, redirect_to_disco, \
    disco_response
@ -17,8 +17,6 @@ urlpatterns = patterns('',
    (r'^singleSignOnPost$', singleSignOnPost),
    # Receive request from functions
    (r'^sp_slo/(.*)$', sp_slo),
-    # Receive request from user interface
-    (r'^logout$', logout),
    # Receive response from Redirect SP initiated
    (r'^singleLogoutReturn$', singleLogoutReturn),
    # Receive request from SOAP IdP initiated