mirror of
https://github.com/ansible/awx.git
synced 2024-10-31 06:51:10 +03:00
properly detect settings.AUTHENTICATION_BACKEND changes for SSO logins
see: https://github.com/ansible/tower/issues/1979
This commit is contained in:
parent
1733a20094
commit
c3bda8e259
@ -8,12 +8,14 @@ import urllib
|
||||
import six
|
||||
|
||||
# Django
|
||||
from django.conf import settings
|
||||
from django.utils.functional import LazyObject
|
||||
from django.shortcuts import redirect
|
||||
|
||||
# Python Social Auth
|
||||
from social_core.exceptions import SocialAuthBaseException
|
||||
from social_core.utils import social_logger
|
||||
from social_django import utils
|
||||
from social_django.middleware import SocialAuthExceptionMiddleware
|
||||
|
||||
|
||||
@ -24,6 +26,19 @@ class SocialAuthMiddleware(SocialAuthExceptionMiddleware):
|
||||
request.session['social_auth_last_backend'] = callback_kwargs['backend']
|
||||
|
||||
def process_request(self, request):
|
||||
if request.path.startswith('/sso'):
|
||||
# django-social keeps a list of backends in memory that it gathers
|
||||
# based on the value of settings.AUTHENTICATION_BACKENDS *at import
|
||||
# time*:
|
||||
# https://github.com/python-social-auth/social-app-django/blob/c1e2795b00b753d58a81fa6a0261d8dae1d9c73d/social_django/utils.py#L13
|
||||
#
|
||||
# our settings.AUTHENTICATION_BACKENDS can *change*
|
||||
# dynamically as Tower settings are changed (i.e., if somebody
|
||||
# configures Github OAuth2 integration), so we need to
|
||||
# _overwrite_ this in-memory value at the top of every request so
|
||||
# that we have the latest version
|
||||
# see: https://github.com/ansible/tower/issues/1979
|
||||
utils.BACKENDS = settings.AUTHENTICATION_BACKENDS
|
||||
token_key = request.COOKIES.get('token', '')
|
||||
token_key = urllib.quote(urllib.unquote(token_key).strip('"'))
|
||||
|
||||
|
@ -13,6 +13,7 @@ from django.core.wsgi import WSGIHandler # NOQA
|
||||
import django # NOQA
|
||||
from django.conf import settings # NOQA
|
||||
from django.urls import resolve # NOQA
|
||||
import social_django # NOQA
|
||||
|
||||
|
||||
"""
|
||||
@ -34,6 +35,11 @@ if MODE == 'production':
|
||||
logger.error("Missing or incorrect metadata for Tower version. Ensure Tower was installed using the setup playbook.")
|
||||
raise Exception("Missing or incorrect metadata for Tower version. Ensure Tower was installed using the setup playbook.")
|
||||
|
||||
if social_django.__version__ != '2.1.0':
|
||||
raise RuntimeError("social_django version other than 2.1.0 detected {}. \
|
||||
Confirm that per-request social_django.utils.BACKENDS override \
|
||||
still works".format(social_django.__version__))
|
||||
|
||||
|
||||
if django.__version__ != '1.11.11':
|
||||
raise RuntimeError("Django version other than 1.11.11 detected {}. \
|
||||
|
Loading…
Reference in New Issue
Block a user