Properly calculate auth_url for WEBSSO from POST data

The redirect for WEBSSO takes its data directly from the request's
POST data, and the format of that data has changed, so now we need
to convert it for it to work correctly.

Change-Id: I5b18e555a9bc6b24be1e59465f07e73e99739e22
closes-bug: #1794710

openstack_auth/forms.py

@@ -28,6 +28,13 @@ from openstack_auth import utils
 LOG = logging.getLogger(__name__)
 
 
+def get_region_endpoint(region_id):
+    if region_id == "default":
+        return settings.OPENSTACK_KEYSTONE_URL
+    all_regions = getattr(settings, 'AVAILABLE_REGIONS', [])
+    return all_regions[int(region_id)][0]
+
+
 class Login(django_auth_forms.AuthenticationForm):
     """Form used for logging in a user.
 
@@ -125,14 +132,11 @@ class Login(django_auth_forms.AuthenticationForm):
         password = self.cleaned_data.get('password')
         domain = self.cleaned_data.get('domain', default_domain)
         region_id = self.cleaned_data.get('region')
-        if region_id == "default":
-            region = settings.OPENSTACK_KEYSTONE_URL
-        else:
-            all_regions = getattr(settings, 'AVAILABLE_REGIONS', [])
-            try:
-                region = all_regions[int(region_id)][0]
-            except (ValueError, IndexError, TypeError):
-                raise forms.ValidationError("Invalid region %r" % region_id)
+        try:
+            region = get_region_endpoint(region_id)
+        except (ValueError, IndexError, TypeError):
+            raise forms.ValidationError("Invalid region %r" % region_id)
+        self.cleaned_data['region'] = region
 
         if not (username and password):
             # Don't authenticate, just let the other validators handle it.

openstack_auth/tests/unit/test_auth.py

@@ -1171,7 +1171,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
                         (settings.OPENSTACK_KEYSTONE_URL, protocol, origin))
 
         form_data = {'auth_type': protocol,
-                     'region': settings.OPENSTACK_KEYSTONE_URL}
+                     'region': 'default'}
         url = reverse('login')
 
         # POST to the page and redirect to keystone.
@@ -1188,7 +1188,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
                          protocol, origin))
 
         form_data = {'auth_type': self.idp_oidc_id,
-                     'region': settings.OPENSTACK_KEYSTONE_URL}
+                     'region': 'default'}
         url = reverse('login')
 
         # POST to the page and redirect to keystone.
@@ -1206,7 +1206,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
                          protocol, origin))
 
         form_data = {'auth_type': self.idp_oidc_id,
-                     'region': settings.OPENSTACK_KEYSTONE_URL}
+                     'region': 'default'}
         url = reverse('login')
 
         # POST to the page and redirect to keystone.

openstack_auth/views.py

@@ -71,8 +71,9 @@ def login(request, template_name=None, extra_context=None, **kwargs):
     if request.method == 'POST':
         auth_type = request.POST.get('auth_type', 'credentials')
         if utils.is_websso_enabled() and auth_type != 'credentials':
+            region_id = request.POST.get('region')
             auth_url = getattr(settings, 'WEBSSO_KEYSTONE_URL',
-                               request.POST.get('region'))
+                               forms.get_region_endpoint(region_id))
             url = utils.get_websso_url(request, auth_url, auth_type)
             return shortcuts.redirect(url)