flows: change wording of consent on flows

This commit is contained in:
Jens Langhammer 2020-06-19 20:33:35 +02:00
parent 12525051b6
commit 03b1a67b44
5 changed files with 24 additions and 17 deletions

View file

@ -77,6 +77,7 @@ class TestProviderOIDC(StaticLiveServerTestCase):
def test_redirect_uri_error(self): def test_redirect_uri_error(self):
"""test OpenID Provider flow (invalid redirect URI, check error message)""" """test OpenID Provider flow (invalid redirect URI, check error message)"""
sleep(1)
# Bootstrap all needed objects # Bootstrap all needed objects
authorization_flow = Flow.objects.get(slug="default-provider-authorization") authorization_flow = Flow.objects.get(slug="default-provider-authorization")
client = Client.objects.create( client = Client.objects.create(
@ -113,10 +114,13 @@ class TestProviderOIDC(StaticLiveServerTestCase):
"Redirect URI Error", "Redirect URI Error",
) )
def test_authorization_no_consent(self): def test_authorization_consent_implied(self):
"""test OpenID Provider flow (default authorization flow without consent)""" """test OpenID Provider flow (default authorization flow with implied consent)"""
sleep(1)
# Bootstrap all needed objects # Bootstrap all needed objects
authorization_flow = Flow.objects.get(slug="default-provider-authorization") authorization_flow = Flow.objects.get(
slug="default-provider-authorization-implicit-consent"
)
client = Client.objects.create( client = Client.objects.create(
name="grafana", name="grafana",
client_type="confidential", client_type="confidential",
@ -174,11 +178,12 @@ class TestProviderOIDC(StaticLiveServerTestCase):
"root@localhost", "root@localhost",
) )
def test_authorization_consent(self): def test_authorization_consent_explicit(self):
"""test OpenID Provider flow (default authorization flow with consent)""" """test OpenID Provider flow (default authorization flow with explicit consent)"""
sleep(1)
# Bootstrap all needed objects # Bootstrap all needed objects
authorization_flow = Flow.objects.get( authorization_flow = Flow.objects.get(
slug="default-provider-authorization-consent" slug="default-provider-authorization-explicit-consent"
) )
client = Client.objects.create( client = Client.objects.create(
name="grafana", name="grafana",

View file

@ -17,17 +17,17 @@ def create_default_provider_authz_flow(
db_alias = schema_editor.connection.alias db_alias = schema_editor.connection.alias
# Empty flow for providers where no consent is needed # Empty flow for providers where consent is implicitly given
Flow.objects.create( Flow.objects.create(
name="default-provider-authorization", name="Authorize Application",
slug="default-provider-authorization", slug="default-provider-authorization-implicit-consent",
designation=FlowDesignation.AUTHORIZATION, designation=FlowDesignation.AUTHORIZATION,
) )
# Flow with consent form to obtain user consent for authorization # Flow with consent form to obtain explicit user consent
flow = Flow.objects.create( flow = Flow.objects.create(
name="default-provider-authorization-consent", name="Authorize Application",
slug="default-provider-authorization-consent", slug="default-provider-authorization-explicit-consent",
designation=FlowDesignation.AUTHORIZATION, designation=FlowDesignation.AUTHORIZATION,
) )
stage = ConsentStage.objects.create(name="default-provider-authorization-consent") stage = ConsentStage.objects.create(name="default-provider-authorization-consent")

View file

@ -59,6 +59,7 @@ class FlowPlan:
self.markers.remove(marker) self.markers.remove(marker)
if not self.has_stages: if not self.has_stages:
return None return None
# pylint: disable=not-callable
return self.next() return self.next()
return marked_stage return marked_stage

View file

@ -1,5 +1,4 @@
"""passbook OIDC Views""" """passbook OIDC Views"""
from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
from django.http import HttpRequest, HttpResponse, JsonResponse from django.http import HttpRequest, HttpResponse, JsonResponse
@ -24,12 +23,14 @@ from passbook.flows.stage import StageView
from passbook.flows.views import SESSION_KEY_PLAN from passbook.flows.views import SESSION_KEY_PLAN
from passbook.lib.utils.urls import redirect_with_qs from passbook.lib.utils.urls import redirect_with_qs
from passbook.providers.oidc.models import OpenIDProvider from passbook.providers.oidc.models import OpenIDProvider
from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
LOGGER = get_logger() LOGGER = get_logger()
PLAN_CONTEXT_PARAMS = "params" PLAN_CONTEXT_PARAMS = "params"
PLAN_CONTEXT_SCOPES = "scopes" PLAN_CONTEXT_SCOPES = "scopes"
class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View): class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
"""OIDC Flow initializer, checks access to application and starts flow""" """OIDC Flow initializer, checks access to application and starts flow"""
@ -61,7 +62,7 @@ class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
PLAN_CONTEXT_APPLICATION: application, PLAN_CONTEXT_APPLICATION: application,
PLAN_CONTEXT_PARAMS: endpoint.params, PLAN_CONTEXT_PARAMS: endpoint.params,
PLAN_CONTEXT_SCOPES: endpoint.get_scopes_information(), PLAN_CONTEXT_SCOPES: endpoint.get_scopes_information(),
PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/oidc/consent.html" PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/oidc/consent.html",
}, },
) )
plan.append(in_memory_stage(OIDCStage)) plan.append(in_memory_stage(OIDCStage))

View file

@ -1,5 +1,5 @@
"""passbook consent stage""" """passbook consent stage"""
from typing import List, Dict, Any from typing import Any, Dict, List
from django.views.generic import FormView from django.views.generic import FormView
@ -16,8 +16,8 @@ class ConsentStage(FormView, StageView):
def get_context_data(self, **kwargs: Dict[str, Any]) -> Dict[str, Any]: def get_context_data(self, **kwargs: Dict[str, Any]) -> Dict[str, Any]:
kwargs = super().get_context_data(**kwargs) kwargs = super().get_context_data(**kwargs)
kwargs['current_stage'] = self.executor.current_stage kwargs["current_stage"] = self.executor.current_stage
kwargs['context'] = self.executor.plan.context kwargs["context"] = self.executor.plan.context
return kwargs return kwargs
def get_template_names(self) -> List[str]: def get_template_names(self) -> List[str]: