flows: change wording of consent on flows
parent
12525051b6
commit
03b1a67b44
|
@ -77,6 +77,7 @@ class TestProviderOIDC(StaticLiveServerTestCase):
|
||||||
|
|
||||||
def test_redirect_uri_error(self):
|
def test_redirect_uri_error(self):
|
||||||
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
|
||||||
|
sleep(1)
|
||||||
# Bootstrap all needed objects
|
# Bootstrap all needed objects
|
||||||
authorization_flow = Flow.objects.get(slug="default-provider-authorization")
|
authorization_flow = Flow.objects.get(slug="default-provider-authorization")
|
||||||
client = Client.objects.create(
|
client = Client.objects.create(
|
||||||
|
@ -113,10 +114,13 @@ class TestProviderOIDC(StaticLiveServerTestCase):
|
||||||
"Redirect URI Error",
|
"Redirect URI Error",
|
||||||
)
|
)
|
||||||
|
|
||||||
def test_authorization_no_consent(self):
|
def test_authorization_consent_implied(self):
|
||||||
"""test OpenID Provider flow (default authorization flow without consent)"""
|
"""test OpenID Provider flow (default authorization flow with implied consent)"""
|
||||||
|
sleep(1)
|
||||||
# Bootstrap all needed objects
|
# Bootstrap all needed objects
|
||||||
authorization_flow = Flow.objects.get(slug="default-provider-authorization")
|
authorization_flow = Flow.objects.get(
|
||||||
|
slug="default-provider-authorization-implicit-consent"
|
||||||
|
)
|
||||||
client = Client.objects.create(
|
client = Client.objects.create(
|
||||||
name="grafana",
|
name="grafana",
|
||||||
client_type="confidential",
|
client_type="confidential",
|
||||||
|
@ -174,11 +178,12 @@ class TestProviderOIDC(StaticLiveServerTestCase):
|
||||||
"root@localhost",
|
"root@localhost",
|
||||||
)
|
)
|
||||||
|
|
||||||
def test_authorization_consent(self):
|
def test_authorization_consent_explicit(self):
|
||||||
"""test OpenID Provider flow (default authorization flow with consent)"""
|
"""test OpenID Provider flow (default authorization flow with explicit consent)"""
|
||||||
|
sleep(1)
|
||||||
# Bootstrap all needed objects
|
# Bootstrap all needed objects
|
||||||
authorization_flow = Flow.objects.get(
|
authorization_flow = Flow.objects.get(
|
||||||
slug="default-provider-authorization-consent"
|
slug="default-provider-authorization-explicit-consent"
|
||||||
)
|
)
|
||||||
client = Client.objects.create(
|
client = Client.objects.create(
|
||||||
name="grafana",
|
name="grafana",
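Review bot: `test_redirect_uri_error` in the first hunk still looks up `Flow.objects.get(slug="default-provider-authorization")`, a slug that the migration changed in this same commit no longer creates (it becomes `default-provider-authorization-implicit-consent`). Unless another migration still provides the old slug, the test will stop at `Flow.DoesNotExist` during setup and never reach the redirect-URI check it exists to cover. The lookup should follow the rename: `authorization_flow = Flow.objects.get(slug="default-provider-authorization-implicit-consent")`. The `sleep(1)` added at the top of each test is a timing workaround with no stated reason; a short comment saying what it waits for would help. Each test body continues outside the hunks.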
|
||||||
|
|
|
@ -17,17 +17,17 @@ def create_default_provider_authz_flow(
|
||||||
|
|
||||||
db_alias = schema_editor.connection.alias
|
db_alias = schema_editor.connection.alias
|
||||||
|
|
||||||
# Empty flow for providers where no consent is needed
|
# Empty flow for providers where consent is implicitly given
|
||||||
Flow.objects.create(
|
Flow.objects.create(
|
||||||
name="default-provider-authorization",
|
name="Authorize Application",
|
||||||
slug="default-provider-authorization",
|
slug="default-provider-authorization-implicit-consent",
|
||||||
designation=FlowDesignation.AUTHORIZATION,
|
designation=FlowDesignation.AUTHORIZATION,
|
||||||
)
|
)
|
||||||
|
|
||||||
# Flow with consent form to obtain user consent for authorization
|
# Flow with consent form to obtain explicit user consent
|
||||||
flow = Flow.objects.create(
|
flow = Flow.objects.create(
|
||||||
name="default-provider-authorization-consent",
|
name="Authorize Application",
|
||||||
slug="default-provider-authorization-consent",
|
slug="default-provider-authorization-explicit-consent",
|
||||||
designation=FlowDesignation.AUTHORIZATION,
|
designation=FlowDesignation.AUTHORIZATION,
|
||||||
)
|
)
|
||||||
stage = ConsentStage.objects.create(name="default-provider-authorization-consent")
|
stage = ConsentStage.objects.create(name="default-provider-authorization-consent")
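Review bot: Both default flows are now created with the same name, `Authorize Application`, so the implicit-consent and explicit-consent flows can only be told apart by slug. If the provider configuration lists flows by name (not visible here), an operator could attach the implicit flow by mistake and users would never see the consent prompt; distinct names such as `name="Authorize Application (implicit consent)"` and `name="Authorize Application (explicit consent)"` would avoid that. Separately, the slugs are changed by editing an existing migration, so databases that already applied it keep `default-provider-authorization` and `default-provider-authorization-consent`. Unless this migration was never released, a follow-up data migration that renames the rows is needed for lookups by the new slugs to work. The function body continues outside the hunk.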
|
||||||
|
|
|
@ -59,6 +59,7 @@ class FlowPlan:
|
||||||
self.markers.remove(marker)
|
self.markers.remove(marker)
|
||||||
if not self.has_stages:
|
if not self.has_stages:
|
||||||
return None
|
return None
|
||||||
|
# pylint: disable=not-callable
|
||||||
return self.next()
|
return self.next()
|
||||||
return marked_stage
|
return marked_stage
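Review bot: The added `# pylint: disable=not-callable` sits on a line of its own, and pylint applies such a comment from that line to the end of the enclosing block rather than only to the next statement. Placing it on the call itself, `return self.next()  # pylint: disable=not-callable`, limits the suppression to that one line. A few words on why pylint misreads `self.next` here would keep the suppression from looking like it hides a real error. The method starts and ends outside the hunk.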
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
"""passbook OIDC Views"""
|
"""passbook OIDC Views"""
|
||||||
from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||||
from django.http import HttpRequest, HttpResponse, JsonResponse
|
from django.http import HttpRequest, HttpResponse, JsonResponse
|
||||||
|
@ -24,12 +23,14 @@ from passbook.flows.stage import StageView
|
||||||
from passbook.flows.views import SESSION_KEY_PLAN
|
from passbook.flows.views import SESSION_KEY_PLAN
|
||||||
from passbook.lib.utils.urls import redirect_with_qs
|
from passbook.lib.utils.urls import redirect_with_qs
|
||||||
from passbook.providers.oidc.models import OpenIDProvider
|
from passbook.providers.oidc.models import OpenIDProvider
|
||||||
|
from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
|
||||||
|
|
||||||
LOGGER = get_logger()
|
LOGGER = get_logger()
|
||||||
|
|
||||||
PLAN_CONTEXT_PARAMS = "params"
|
PLAN_CONTEXT_PARAMS = "params"
|
||||||
PLAN_CONTEXT_SCOPES = "scopes"
|
PLAN_CONTEXT_SCOPES = "scopes"
|
||||||
|
|
||||||
|
|
||||||
class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
|
class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
|
||||||
"""OIDC Flow initializer, checks access to application and starts flow"""
|
"""OIDC Flow initializer, checks access to application and starts flow"""
|
||||||
|
|
||||||
|
@ -61,7 +62,7 @@ class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
|
||||||
PLAN_CONTEXT_APPLICATION: application,
|
PLAN_CONTEXT_APPLICATION: application,
|
||||||
PLAN_CONTEXT_PARAMS: endpoint.params,
|
PLAN_CONTEXT_PARAMS: endpoint.params,
|
||||||
PLAN_CONTEXT_SCOPES: endpoint.get_scopes_information(),
|
PLAN_CONTEXT_SCOPES: endpoint.get_scopes_information(),
|
||||||
PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/oidc/consent.html"
|
PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/oidc/consent.html",
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
plan.append(in_memory_stage(OIDCStage))
|
plan.append(in_memory_stage(OIDCStage))
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
"""passbook consent stage"""
|
"""passbook consent stage"""
|
||||||
from typing import List, Dict, Any
|
from typing import Any, Dict, List
|
||||||
|
|
||||||
from django.views.generic import FormView
|
from django.views.generic import FormView
|
||||||
|
|
||||||
|
@ -16,8 +16,8 @@ class ConsentStage(FormView, StageView):
|
||||||
|
|
||||||
def get_context_data(self, **kwargs: Dict[str, Any]) -> Dict[str, Any]:
|
def get_context_data(self, **kwargs: Dict[str, Any]) -> Dict[str, Any]:
|
||||||
kwargs = super().get_context_data(**kwargs)
|
kwargs = super().get_context_data(**kwargs)
|
||||||
kwargs['current_stage'] = self.executor.current_stage
|
kwargs["current_stage"] = self.executor.current_stage
|
||||||
kwargs['context'] = self.executor.plan.context
|
kwargs["context"] = self.executor.plan.context
|
||||||
return kwargs
|
return kwargs
|
||||||
|
|
||||||
def get_template_names(self) -> List[str]:
|
def get_template_names(self) -> List[str]:
|
||||||
|
|