Properly calculate auth_url for WEBSSO from POST data
The redirect for WEBSSO takes its data directly from the request's POST data, and the format of that data has changed, so now we need to convert it for it to work correctly. Change-Id: I5b18e555a9bc6b24be1e59465f07e73e99739e22 closes-bug: #1794710
This commit is contained in:
parent
1217df5984
commit
1953c689e8
@ -28,6 +28,13 @@ from openstack_auth import utils
|
|||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
def get_region_endpoint(region_id):
|
||||||
|
if region_id == "default":
|
||||||
|
return settings.OPENSTACK_KEYSTONE_URL
|
||||||
|
all_regions = getattr(settings, 'AVAILABLE_REGIONS', [])
|
||||||
|
return all_regions[int(region_id)][0]
|
||||||
|
|
||||||
|
|
||||||
class Login(django_auth_forms.AuthenticationForm):
|
class Login(django_auth_forms.AuthenticationForm):
|
||||||
"""Form used for logging in a user.
|
"""Form used for logging in a user.
|
||||||
|
|
||||||
@ -125,14 +132,11 @@ class Login(django_auth_forms.AuthenticationForm):
|
|||||||
password = self.cleaned_data.get('password')
|
password = self.cleaned_data.get('password')
|
||||||
domain = self.cleaned_data.get('domain', default_domain)
|
domain = self.cleaned_data.get('domain', default_domain)
|
||||||
region_id = self.cleaned_data.get('region')
|
region_id = self.cleaned_data.get('region')
|
||||||
if region_id == "default":
|
|
||||||
region = settings.OPENSTACK_KEYSTONE_URL
|
|
||||||
else:
|
|
||||||
all_regions = getattr(settings, 'AVAILABLE_REGIONS', [])
|
|
||||||
try:
|
try:
|
||||||
region = all_regions[int(region_id)][0]
|
region = get_region_endpoint(region_id)
|
||||||
except (ValueError, IndexError, TypeError):
|
except (ValueError, IndexError, TypeError):
|
||||||
raise forms.ValidationError("Invalid region %r" % region_id)
|
raise forms.ValidationError("Invalid region %r" % region_id)
|
||||||
|
self.cleaned_data['region'] = region
|
||||||
|
|
||||||
if not (username and password):
|
if not (username and password):
|
||||||
# Don't authenticate, just let the other validators handle it.
|
# Don't authenticate, just let the other validators handle it.
|
||||||
|
@ -1171,7 +1171,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
|
|||||||
(settings.OPENSTACK_KEYSTONE_URL, protocol, origin))
|
(settings.OPENSTACK_KEYSTONE_URL, protocol, origin))
|
||||||
|
|
||||||
form_data = {'auth_type': protocol,
|
form_data = {'auth_type': protocol,
|
||||||
'region': settings.OPENSTACK_KEYSTONE_URL}
|
'region': 'default'}
|
||||||
url = reverse('login')
|
url = reverse('login')
|
||||||
|
|
||||||
# POST to the page and redirect to keystone.
|
# POST to the page and redirect to keystone.
|
||||||
@ -1188,7 +1188,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
|
|||||||
protocol, origin))
|
protocol, origin))
|
||||||
|
|
||||||
form_data = {'auth_type': self.idp_oidc_id,
|
form_data = {'auth_type': self.idp_oidc_id,
|
||||||
'region': settings.OPENSTACK_KEYSTONE_URL}
|
'region': 'default'}
|
||||||
url = reverse('login')
|
url = reverse('login')
|
||||||
|
|
||||||
# POST to the page and redirect to keystone.
|
# POST to the page and redirect to keystone.
|
||||||
@ -1206,7 +1206,7 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin,
|
|||||||
protocol, origin))
|
protocol, origin))
|
||||||
|
|
||||||
form_data = {'auth_type': self.idp_oidc_id,
|
form_data = {'auth_type': self.idp_oidc_id,
|
||||||
'region': settings.OPENSTACK_KEYSTONE_URL}
|
'region': 'default'}
|
||||||
url = reverse('login')
|
url = reverse('login')
|
||||||
|
|
||||||
# POST to the page and redirect to keystone.
|
# POST to the page and redirect to keystone.
|
||||||
|
@ -71,8 +71,9 @@ def login(request, template_name=None, extra_context=None, **kwargs):
|
|||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
auth_type = request.POST.get('auth_type', 'credentials')
|
auth_type = request.POST.get('auth_type', 'credentials')
|
||||||
if utils.is_websso_enabled() and auth_type != 'credentials':
|
if utils.is_websso_enabled() and auth_type != 'credentials':
|
||||||
|
region_id = request.POST.get('region')
|
||||||
auth_url = getattr(settings, 'WEBSSO_KEYSTONE_URL',
|
auth_url = getattr(settings, 'WEBSSO_KEYSTONE_URL',
|
||||||
request.POST.get('region'))
|
forms.get_region_endpoint(region_id))
|
||||||
url = utils.get_websso_url(request, auth_url, auth_type)
|
url = utils.get_websso_url(request, auth_url, auth_type)
|
||||||
return shortcuts.redirect(url)
|
return shortcuts.redirect(url)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user