add discovery service support (fixes #10111)
This commit is contained in:
parent
8961a743f5
commit
bb9451e6ba
|
@ -4,6 +4,7 @@ import sys
|
||||||
class AppSettings(object):
|
class AppSettings(object):
|
||||||
__PREFIX = 'MELLON_'
|
__PREFIX = 'MELLON_'
|
||||||
__DEFAULTS = {
|
__DEFAULTS = {
|
||||||
|
'DISCOVERY_SERVICE_URL': None,
|
||||||
'PUBLIC_KEYS': (),
|
'PUBLIC_KEYS': (),
|
||||||
'PRIVATE_KEY': None,
|
'PRIVATE_KEY': None,
|
||||||
'PRIVATE_KEYS': (),
|
'PRIVATE_KEYS': (),
|
||||||
|
|
|
@ -8,7 +8,9 @@ from django.contrib import auth
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.views.decorators.csrf import csrf_exempt
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
from django.shortcuts import render, redirect, resolve_url
|
from django.shortcuts import render, redirect, resolve_url
|
||||||
from django.utils.http import same_origin
|
from django.utils.http import same_origin, urlencode
|
||||||
|
|
||||||
|
from . import app_settings
|
||||||
|
|
||||||
import lasso
|
import lasso
|
||||||
|
|
||||||
|
@ -212,10 +214,31 @@ class LoginView(LogMixin, View):
|
||||||
return self.sso_success(request, login)
|
return self.sso_success(request, login)
|
||||||
return self.sso_failure(request, login, idp_message, status_codes)
|
return self.sso_failure(request, login, idp_message, status_codes)
|
||||||
|
|
||||||
|
def request_discovery_service(self, request, is_passive=False):
|
||||||
|
self_url = request.build_absolute_uri(request.path)
|
||||||
|
url = app_settings.DISCOVERY_SERVICE_URL
|
||||||
|
params = {
|
||||||
|
# prevent redirect loops with the discovery service
|
||||||
|
'nodisco': '1',
|
||||||
|
'return': self_url
|
||||||
|
}
|
||||||
|
if is_passive:
|
||||||
|
params['isPassive'] = 'true'
|
||||||
|
url += '?' + urlencode(params)
|
||||||
|
return HttpResponseRedirect(url)
|
||||||
|
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
'''Initialize login request'''
|
'''Initialize login request'''
|
||||||
if 'SAMLart' in request.GET:
|
if 'SAMLart' in request.GET:
|
||||||
return self.continue_sso_artifact_get(request)
|
return self.continue_sso_artifact_get(request)
|
||||||
|
|
||||||
|
# redirect to discovery service if needed
|
||||||
|
if (not 'entityID' in request.GET
|
||||||
|
and not 'nodisco' in request.GET
|
||||||
|
and app_settings.DISCOVERY_SERVICE_URL):
|
||||||
|
return self.request_discovery_service(
|
||||||
|
request, is_passive=request.GET.get('passive') == '1')
|
||||||
|
|
||||||
next_url = request.GET.get('next')
|
next_url = request.GET.get('next')
|
||||||
idp = self.get_idp(request)
|
idp = self.get_idp(request)
|
||||||
if idp is None:
|
if idp is None:
|
||||||
|
|
Loading…
Reference in New Issue