From 447f1c48bc26dfdc66742717d15b390f5b95a523 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Mon, 21 Jun 2021 14:38:48 +0200
Subject: [PATCH] middlewares: only forbid the oidc idp to administrators
 (#55022)

---
 src/authentic2_cut/middlewares.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/authentic2_cut/middlewares.py b/src/authentic2_cut/middlewares.py
index 13c58a5..dc45055 100644
--- a/src/authentic2_cut/middlewares.py
+++ b/src/authentic2_cut/middlewares.py
@@ -89,7 +89,7 @@ class CUTMiddleware(MiddlewareMixin):
             from django.shortcuts import render
 
             # interdit d'utiliser les IdP sur moncompte
-            if 'admin-cut' not in request.get_host() and request.path.startswith('/idp/'):
+            if 'admin-cut' not in request.get_host() and request.path.startswith('/idp/oidc/'):
                 return render(request, 'authentic2/cut-agents-forbidden.html')
 
             # pas de pages /accounts/ sur moncompte