From 09c32c83d5a9e03a1781e5a70f18e289f7d1e2d2 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Tue, 3 Dec 2019 17:26:53 +0100
Subject: [PATCH] misc: make login_hint works without next parameter (#38163)
---
 mellon/views.py | 6 +++---
 tests/test_sso_slo.py | 7 +++++++
 2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/mellon/views.py b/mellon/views.py
index 98ba2ab..39a3c78 100644
--- a/mellon/views.py
+++ b/mellon/views.py
@@ -446,7 +446,7 @@ class LoginView(ProfileMixin, LogMixin, View):
 ''' % eo_next_url)
 )
 self.set_next_url(next_url)
- self.add_login_hints(idp, authn_request, request=request, next_url=next_url)
+ self.add_login_hints(idp, authn_request, request=request, next_url=next_url or '/')
 login.buildAuthnRequestMsg()
 except lasso.Error as e:
 return HttpResponseBadRequest('error initializing the authentication request: %r' % e)
@@ -469,14 +469,14 @@ class LoginView(ProfileMixin, LogMixin, View):
 def is_in_backoffice(self, request, next_url):
 path = utils.get_local_path(request, next_url)
- return path.startswith(('/admin/', '/manage/', '/manager/'))
+ return path and path.startswith(('/admin/', '/manage/', '/manager/'))
 def add_login_hints(self, idp, authn_request, request, next_url=None):
 login_hints = utils.get_setting(idp, 'LOGIN_HINTS', [])
 hints = []
 for login_hint in login_hints:
 if login_hint == 'backoffice':
- if self.is_in_backoffice(request, next_url):
+ if next_url and self.is_in_backoffice(request, next_url):
 hints.append('backoffice')
 if login_hint == 'always_backoffice':
 hints.append('backoffice')
diff --git a/tests/test_sso_slo.py b/tests/test_sso_slo.py
index 758fa80..05b7aa3 100644
--- a/tests/test_sso_slo.py
+++ b/tests/test_sso_slo.py
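Review bot: The `next_url or '/'` fallback in the `add_login_hints(...)` call means a login started without `next` is always treated as a front-office login, so whether the `backoffice` hint is sent depends entirely on a request-supplied value. If the identity provider uses this hint to select a stricter authentication method (not visible here), the hint is advisory only and backoffice views still need their own check on how the session was authenticated. A comment above the call would record that: `# login hints are advisory; next_url is request-supplied, so never rely on the hint for access control`. The same applies to the `next_url and` guard added in the second hunk of this file. The enclosing method starts and ends outside the hunk.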
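Review bot: `is_in_backoffice` now returns whatever falsy value `path` holds (`None` or `''`) instead of `False`, because of `return path and path.startswith(...)`. The caller in `add_login_hints` only tests truthiness, but a predicate is safer to reuse when it returns a bool: `return bool(path) and path.startswith(('/admin/', '/manage/', '/manager/'))`. A one-line docstring such as `"""Return True when next_url resolves to a local backoffice path."""` would also be the place to say when `utils.get_local_path` yields no path, which the hunk does not show. `add_login_hints` continues past the end of the hunk.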
@@ -382,6 +382,13 @@ def test_sso_slo_pass_login_hints_always_backoffice(db, app, idp, caplog, sp_set
 def test_sso_slo_pass_login_hints_backoffice(db, app, idp, caplog, sp_settings):
 sp_settings.MELLON_LOGIN_HINTS = ['backoffice']
+
+ response = app.get(reverse('mellon_login'))
+ url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
+ root = ET.fromstring(idp.request)
+ login_hints = root.findall('.//{https://www.entrouvert.com/}login-hint')
+ assert len(login_hints) == 0
+
 response = app.get(reverse('mellon_login') + '?next=/whatever/')
 url, body, relay_state = idp.process_authn_request_redirect(response['Location'])
 root = ET.fromstring(idp.request)
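Review bot: The added assertions cover only a request with no `next` parameter, so the `path and` guard added to `is_in_backoffice` in mellon/views.py is not exercised; it matters only when `utils.get_local_path` returns nothing for a `next` that was supplied. A further request whose `next` is a URL the helper does not treat as local (presumably one on another host), again asserting `len(login_hints) == 0`, would pin that branch. The test function starts in this hunk and continues past its last line.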