D8451.diff
View Options

	diff --git a/docs/django.rst b/docs/django.rst
	--- a/docs/django.rst
	+++ b/docs/django.rst
	@@ -91,7 +91,7 @@

	- ``oidc-login`` (``/oidc/login/`` URL path): initiate authentication flow

	-- ``oidc-logout`` (``/oidc/logout/`` URL path): terminate OIDC user session, a ``next_path``
	+- ``oidc-logout`` (``/oidc/logout/`` URL path): terminate OIDC user session, a ``next``
	query parameter can be used to redirect to a view of choice once a user is logged out

	Add ``swh.auth.django.views.urlpatterns`` to your Django application URLs to use them.
	@@ -110,7 +110,7 @@

	The following query parameter will be set for that view:

	-- ``next_path``: requested URL before the detection of the OIDC session expiration
	+- ``next``: requested URL before the detection of the OIDC session expiration

	- ``remote_user``: indicates that the user was previously authenticated with OIDC

	diff --git a/swh/auth/django/backends.py b/swh/auth/django/backends.py
	--- a/swh/auth/django/backends.py
	+++ b/swh/auth/django/backends.py
	@@ -75,7 +75,7 @@
	application views

	* once a user is logged in, add an HTML link targeting the ``"oidc-logout"``
	- django view in your application views (a ``next_path`` query parameter
	+ django view in your application views (a ``next`` query parameter
	can be used to redirect to a view of choice once the user is logged out)

	"""
	diff --git a/swh/auth/django/middlewares.py b/swh/auth/django/middlewares.py
	--- a/swh/auth/django/middlewares.py
	+++ b/swh/auth/django/middlewares.py
	@@ -23,7 +23,7 @@

	The following query parameter will be set for that view:

	- * ``next_path``: requested URL before the detection of the session expiration
	+ * ``next``: requested URL before the detection of the session expiration
	* ``remote_user``: indicates that the user was previously authenticated with OIDC

	"""
	@@ -61,8 +61,8 @@
	# At that point, we know that a OIDC user was previously logged in
	# and his session has expired.
	# Redirect to a view specified in django settings.
	- next_path = request.get_full_path()
	+ next = request.get_full_path()
	logout_url = reverse(
	- self.redirect_view, query_params={"next_path": next_path, "remote_user": 1}
	+ self.redirect_view, query_params={"next": next, "remote_user": 1}
	)
	return HttpResponseRedirect(logout_url)
	diff --git a/swh/auth/django/views.py b/swh/auth/django/views.py
	--- a/swh/auth/django/views.py
	+++ b/swh/auth/django/views.py
	@@ -39,7 +39,7 @@
	"code_verifier": code_verifier,
	"state": state,
	"redirect_uri": redirect_uri,
	- "next_path": request.GET.get("next_path", ""),
	+ "next": request.GET.get("next", ""),
	}

	authorization_url_params = {
	@@ -107,7 +107,7 @@
	except Exception as e:
	return HttpResponseServerError(str(e))

	- next_path = login_data["next_path"] or request.build_absolute_uri("/")
	+ next = login_data["next"] or request.build_absolute_uri("/")

	user = authenticate(
	request=request,
	@@ -121,7 +121,7 @@

	login(request, user)

	- return HttpResponseRedirect(next_path)
	+ return HttpResponseRedirect(next)


	def oidc_logout(request: HttpRequest) -> HttpResponse:
	@@ -142,7 +142,7 @@
	# remove user data from cache
	cache.delete(oidc_profile_cache_key(oidc_client, user.id))

	- return HttpResponseRedirect(request.GET.get("next_path", "/"))
	+ return HttpResponseRedirect(request.GET.get("next", "/"))


	urlpatterns = [
	diff --git a/swh/auth/tests/django/test_middlewares.py b/swh/auth/tests/django/test_middlewares.py
	--- a/swh/auth/tests/django/test_middlewares.py
	+++ b/swh/auth/tests/django/test_middlewares.py
	@@ -65,7 +65,5 @@
	# should redirect to logout page
	response = client.get(url)
	assert response.status_code == 302
	- silent_refresh_url = reverse(
	- "logout", query_params={"next_path": url, "remote_user": 1}
	- )
	+ silent_refresh_url = reverse("logout", query_params={"next": url, "remote_user": 1})
	assert response["location"] == silent_refresh_url
	diff --git a/swh/auth/tests/django/test_views.py b/swh/auth/tests/django/test_views.py
	--- a/swh/auth/tests/django/test_views.py
	+++ b/swh/auth/tests/django/test_views.py
	@@ -118,15 +118,15 @@
	keycloak_oidc.authorization_code.assert_called()

	# user initiates logout
	- next_path = reverse("root")
	- oidc_logout_url = reverse("oidc-logout", query_params={"next_path": next_path})
	+ next = reverse("root")
	+ oidc_logout_url = reverse("oidc-logout", query_params={"next": next})

	# should redirect to logout page
	response = client.get(oidc_logout_url)
	assert response.status_code == 302

	request = response.wsgi_request
	- assert response["location"] == next_path
	+ assert response["location"] == next

	# should have been logged out in Keycloak
	oidc_profile = keycloak_oidc.login()
	@@ -176,7 +176,7 @@
	"code_verifier": "",
	"state": str(uuid.uuid4()),
	"redirect_uri": "",
	- "next_path": "",
	+ "next": "",
	}
	session.save()

	@@ -202,7 +202,7 @@
	"code_verifier": "",
	"state": str(uuid.uuid4()),
	"redirect_uri": "",
	- "next_path": "",
	+ "next": "",
	}
	session.save()

	@@ -233,7 +233,7 @@
	"code_verifier": "",
	"state": str(uuid.uuid4()),
	"redirect_uri": "",
	- "next_path": "",
	+ "next": "",
	}
	session.save()

File Metadata

Mime Type: text/plain
Expires: Thu, Jan 30, 2:40 PM (7 h, 51 m ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3225557

D8451.diff
No OneTemporary
Actions

D8451.diff
View Options

File Metadata

Event Timeline

D8451.diffNo OneTemporaryActions

D8451.diffView Options

File Metadata

Event Timeline

D8451.diff
No OneTemporary
Actions

D8451.diff
View Options