allow redirection after sso (#19350)

2017-10-10 17:35:40 +02:00 · 2017-10-10 17:35:40 +02:00 · 462211e672
parent e6a1342392
commit 462211e672
3 changed files with 45 additions and 3 deletions
--- a/mandayejs/mandaye/templates/mandaye/post-login.html
+++ b/mandayejs/mandaye/templates/mandaye/post-login.html
@ -6,7 +6,7 @@
 <body>
 	Please wait...
 <br/>
- <iframe id="post-login-frame" src="{% url 'post-login-do' %}" style="display: none;">
+ <iframe id="post-login-frame" src="{% url 'post-login-do' %}{% if next_url %}?next_url={{ next_url|iriencode }}{% endif %}" style="display: none;">
 </iframe>
 </body>
 </html>
--- a/mandayejs/mandaye/views.py
+++ b/mandayejs/mandaye/views.py
@ -95,8 +95,8 @@ def post_login(request, *args, **kwargs):
        logger.debug(credentials)
    except (UserCredentials.DoesNotExist,):
        return HttpResponseRedirect(resolve_url('associate'))
-
-    return render(request, 'mandaye/post-login.html', {})
+    next_url = request.GET.get('next_url')
+    return render(request, 'mandaye/post-login.html', {'next_url': next_url})


@login_required
@ -170,6 +170,9 @@ def post_login_do(request, *args, **kwargs):
        credentials.save()
        url = result.get('url', '/')

+    # redirect user only if SSO successful
+    if request.GET.get('next_url') and result['result'] == 'ok':
+        url = request.GET['next_url']
    template = Template('<script type="text/javascript">\
                window.top.location = "{{url}}";</script>')
    context = RequestContext(request, {'url': url})
--- a/tests/test_mandayejs.py
+++ b/tests/test_mandayejs.py
@ -370,3 +370,42 @@ def test_enclosed_response(mocked_popen):
    mocked_popen.return_value = MockedPopen(expected_output=('<mandayejs></mandayejs>', None))
    result = exec_phantom(LOGIN_INFO)
    assert result['result'] == 'json_error'
+
+
+@mock.patch('mandayejs.mandaye.utils.subprocess.Popen')
+@mock.patch('mandayejs.applications.Test.SITE_LOCATORS', MOCKED_SITE_LOCATORS)
+def test_post_login_do_with_next_url(mocked_popen, user_john):
+    # when sso fails
+    expected_output = {
+        "result": "redirect",
+        "reason": "password change required",
+        "url": "http://mydomain.com/update_password.aspx"
+    }
+    expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output)
+    mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None))
+
+    UserCredentials.objects.create(user=user_john,
+                                   locators={
+                                       'login': 'johnny', 'password': 'jumper',
+                                       'birth_date': '1995-06-11'})
+
+    request = RequestFactory()
+    url = '%s?next=http://example.net/' % reverse('post-login-do')
+    request = request.get(url)
+    request.user = user_john
+    response = post_login_do(request)
+    assert 'window.top.location = "http://example.net/"' not in response.content
+
+    # when SSO succeeds
+    expected_output = {
+        "result": "ok",
+        "url": "http://mydomain.com/account.aspx"
+    }
+    expected_output = '<mandayejs>%s</mandayejs>' % json.dumps(expected_output)
+    mocked_popen.return_value = MockedPopen(expected_output=(expected_output, None))
+    request = RequestFactory()
+    url = '%s?next_url=http://example.net/' % reverse('post-login-do')
+    request = request.get(url)
+    request.user = user_john
+    response = post_login_do(request)
+    assert 'window.top.location = "http://example.net/"' in response.content