providers/saml: fix AccessRequiredView.dispatch not being called
This commit is contained in:
Jens Langhammer
parent
c5b91bdae8
commit
b8daab4377
|
|
@ -83,30 +83,29 @@ class LoginBeginView(AccessRequiredView):
|
||||||
"""Receives a SAML 2.0 AuthnRequest from a Service Provider and
|
"""Receives a SAML 2.0 AuthnRequest from a Service Provider and
|
||||||
stores it in the session prior to enforcing login."""
|
stores it in the session prior to enforcing login."""
|
||||||
|
|
||||||
@method_decorator(csrf_exempt)
|
def handler(self, source, application: str) -> HttpResponse:
|
||||||
def dispatch(self, request: HttpRequest, application: str) -> HttpResponse:
|
"""Handle SAML Request whether its a POST or a Redirect binding"""
|
||||||
if request.method == "POST":
|
|
||||||
source = request.POST
|
|
||||||
else:
|
|
||||||
source = request.GET
|
|
||||||
|
|
||||||
# Store these values now, because Django's login cycle won't preserve them.
|
# Store these values now, because Django's login cycle won't preserve them.
|
||||||
try:
|
try:
|
||||||
request.session[SESSION_KEY_SAML_REQUEST] = source[SESSION_KEY_SAML_REQUEST]
|
self.request.session[SESSION_KEY_SAML_REQUEST] = source[
|
||||||
|
SESSION_KEY_SAML_REQUEST
|
||||||
|
]
|
||||||
except (KeyError, MultiValueDictKeyError):
|
except (KeyError, MultiValueDictKeyError):
|
||||||
return bad_request_message(request, "The SAML request payload is missing.")
|
return bad_request_message(
|
||||||
|
self.request, "The SAML request payload is missing."
|
||||||
|
)
|
||||||
|
|
||||||
request.session[SESSION_KEY_RELAY_STATE] = source.get(
|
self.request.session[SESSION_KEY_RELAY_STATE] = source.get(
|
||||||
SESSION_KEY_RELAY_STATE, ""
|
SESSION_KEY_RELAY_STATE, ""
|
||||||
)
|
)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
self.provider.processor.can_handle(request)
|
self.provider.processor.can_handle(self.request)
|
||||||
params = self.provider.processor.generate_response()
|
params = self.provider.processor.generate_response()
|
||||||
request.session[SESSION_KEY_PARAMS] = params
|
self.request.session[SESSION_KEY_PARAMS] = params
|
||||||
except CannotHandleAssertion as exc:
|
except CannotHandleAssertion as exc:
|
||||||
LOGGER.info(exc)
|
LOGGER.info(exc)
|
||||||
did_you_mean_link = request.build_absolute_uri(
|
did_you_mean_link = self.request.build_absolute_uri(
|
||||||
reverse(
|
reverse(
|
||||||
"passbook_providers_saml:saml-login-initiate",
|
"passbook_providers_saml:saml-login-initiate",
|
||||||
kwargs={"application": application},
|
kwargs={"application": application},
|
||||||
|
|
@ -116,7 +115,7 @@ class LoginBeginView(AccessRequiredView):
|
||||||
f" Did you mean to go <a href='{did_you_mean_link}'>here</a>?"
|
f" Did you mean to go <a href='{did_you_mean_link}'>here</a>?"
|
||||||
)
|
)
|
||||||
return bad_request_message(
|
return bad_request_message(
|
||||||
request, mark_safe(str(exc) + did_you_mean_message)
|
self.request, mark_safe(str(exc) + did_you_mean_message)
|
||||||
)
|
)
|
||||||
|
|
||||||
return redirect(
|
return redirect(
|
||||||
|
|
@ -126,6 +125,16 @@ class LoginBeginView(AccessRequiredView):
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@method_decorator(csrf_exempt)
|
||||||
|
def get(self, request: HttpRequest, application: str) -> HttpResponse:
|
||||||
|
"""Handle REDIRECT bindings"""
|
||||||
|
return self.handler(request.GET, application)
|
||||||
|
|
||||||
|
@method_decorator(csrf_exempt)
|
||||||
|
def post(self, request: HttpRequest, application: str) -> HttpResponse:
|
||||||
|
"""Handle POST Bindings"""
|
||||||
|
return self.handler(request.POST, application)
|
||||||
|
|
||||||
|
|
||||||
class InitiateLoginView(AccessRequiredView):
|
class InitiateLoginView(AccessRequiredView):
|
||||||
"""IdP-initiated Login"""
|
"""IdP-initiated Login"""
|
||||||
|
|
|
||||||
Reference in New Issue