Properly calculate auth_url for WEBSSO from POST data

The redirect for WEBSSO takes its data directly from the request's
POST data, and the format of that data has changed, so now we need
to convert it for it to work correctly.

Change-Id: I5b18e555a9bc6b24be1e59465f07e73e99739e22
closes-bug: #1794710
This commit is contained in:
Radomir Dopieralski 2018-10-17 18:44:21 +02:00 committed by Radomir Dopieralski
parent 1217df5984
commit 1953c689e8
3 changed files with 17 additions and 12 deletions

View File

@ -28,6 +28,13 @@ from openstack_auth import utils
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
def get_region_endpoint(region_id):
if region_id == "default":
return settings.OPENSTACK_KEYSTONE_URL
all_regions = getattr(settings, 'AVAILABLE_REGIONS', [])
return all_regions[int(region_id)][0]
class Login(django_auth_forms.AuthenticationForm): class Login(django_auth_forms.AuthenticationForm):
"""Form used for logging in a user. """Form used for logging in a user.
@ -125,14 +132,11 @@ class Login(django_auth_forms.AuthenticationForm):
password = self.cleaned_data.get('password') password = self.cleaned_data.get('password')
domain = self.cleaned_data.get('domain', default_domain) domain = self.cleaned_data.get('domain', default_domain)
region_id = self.cleaned_data.get('region') region_id = self.cleaned_data.get('region')
if region_id == "default":
region = settings.OPENSTACK_KEYSTONE_URL
else:
all_regions = getattr(settings, 'AVAILABLE_REGIONS', [])
try: try:
region = all_regions[int(region_id)][0] region = get_region_endpoint(region_id)
except (ValueError, IndexError, TypeError): except (ValueError, IndexError, TypeError):
raise forms.ValidationError("Invalid region %r" % region_id) raise forms.ValidationError("Invalid region %r" % region_id)
self.cleaned_data['region'] = region
if not (username and password): if not (username and password):
# Don't authenticate, just let the other validators handle it. # Don't authenticate, just let the other validators handle it.

View File

@ -1171,7 +1171,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
(settings.OPENSTACK_KEYSTONE_URL, protocol, origin)) (settings.OPENSTACK_KEYSTONE_URL, protocol, origin))
form_data = {'auth_type': protocol, form_data = {'auth_type': protocol,
'region': settings.OPENSTACK_KEYSTONE_URL} 'region': 'default'}
url = reverse('login') url = reverse('login')
# POST to the page and redirect to keystone. # POST to the page and redirect to keystone.
@ -1188,7 +1188,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
protocol, origin)) protocol, origin))
form_data = {'auth_type': self.idp_oidc_id, form_data = {'auth_type': self.idp_oidc_id,
'region': settings.OPENSTACK_KEYSTONE_URL} 'region': 'default'}
url = reverse('login') url = reverse('login')
# POST to the page and redirect to keystone. # POST to the page and redirect to keystone.
@ -1206,7 +1206,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
protocol, origin)) protocol, origin))
form_data = {'auth_type': self.idp_oidc_id, form_data = {'auth_type': self.idp_oidc_id,
'region': settings.OPENSTACK_KEYSTONE_URL} 'region': 'default'}
url = reverse('login') url = reverse('login')
# POST to the page and redirect to keystone. # POST to the page and redirect to keystone.

View File

@ -71,8 +71,9 @@ def login(request, template_name=None, extra_context=None, **kwargs):
if request.method == 'POST': if request.method == 'POST':
auth_type = request.POST.get('auth_type', 'credentials') auth_type = request.POST.get('auth_type', 'credentials')
if utils.is_websso_enabled() and auth_type != 'credentials': if utils.is_websso_enabled() and auth_type != 'credentials':
region_id = request.POST.get('region')
auth_url = getattr(settings, 'WEBSSO_KEYSTONE_URL', auth_url = getattr(settings, 'WEBSSO_KEYSTONE_URL',
request.POST.get('region')) forms.get_region_endpoint(region_id))
url = utils.get_websso_url(request, auth_url, auth_type) url = utils.get_websso_url(request, auth_url, auth_type)
return shortcuts.redirect(url) return shortcuts.redirect(url)