Fixed SAML issues on logout redirections

2025-02-18 17:57:41 +03:00 · 2020-11-26 11:25:22 +01:00 · 2020-11-26 11:25:22 +01:00 · 45461844b1
commit 45461844b1
parent a70e7a269b
2 changed files with 15 additions and 13 deletions
--- a/server/src/uds/core/auths/auth.py
+++ b/server/src/uds/core/auths/auth.py
@ -319,26 +319,27 @@ def webLogout(request: HttpRequest, exit_url: typing.Optional[str] = None) -> Ht
    Helper function to clear user related data from session. If this method is not used, the session we be cleaned anyway
    by django in regular basis.
    """
+    if exit_url is None:
+        exit_url = request.build_absolute_uri(reverse('page.logout'))
+        # exit_url = GlobalConfig.LOGIN_URL.get()
+        # if GlobalConfig.REDIRECT_TO_HTTPS.getBool() is True:
+        #     exit_url = exit_url.replace('http://', 'https://')

    if request.user:
-        authenticator = request.user.manager.getInstance()
+        authenticator: 'auths.Authenticator' = request.user.manager.getInstance()
        username = request.user.name
        exit_url = authenticator.logout(username) or exit_url
        if request.user.id != ROOT_ID:
            # Try yo invoke logout of auth
            events.addEvent(request.user.manager, events.ET_LOGOUT, username=request.user.name, srcip=request.ip)
-    else:  # No user, redirect to /
-        return HttpResponseRedirect(reverse('page.login'))
-
-    request.session.clear()
-    if exit_url is None:
-        exit_url = reverse('page.logout')
-        # exit_url = GlobalConfig.LOGIN_URL.get()
-        # if GlobalConfig.REDIRECT_TO_HTTPS.getBool() is True:
-        #     exit_url = exit_url.replace('http://', 'https://')
+    else:  # No user, redirect to logout page directly
+        return HttpResponseRedirect(exit_url)

    # Try to delete session
-    response = HttpResponseRedirect(request.build_absolute_uri(exit_url))
+    request.session.clear()
+
+    response = HttpResponseRedirect(exit_url)
+
    if authenticator:
        authenticator.webLogoutHook(username, request, response)
    return response
--- a/server/src/uds/web/views/auth.py
+++ b/server/src/uds/web/views/auth.py
@ -72,6 +72,7 @@ def authCallback(request: HttpRequest, authName: str) -> HttpResponse:
        authenticator = Authenticator.objects.get(name=authName)
        params = request.GET.copy()
        params.update(request.POST)
+        params['_query'] = request.META.get('QUERY_STRING', '')

        logger.debug('Auth callback for %s with params %s', authenticator, params.keys())

@ -110,9 +111,9 @@ def authCallback_stage2(request: HttpRequest, ticketId: str) -> HttpResponse:

        return response
    except auths.exceptions.Redirect as e:
-        return HttpResponseRedirect(request.build_absolute_uri(str(e)))
+        return HttpResponseRedirect(request.build_absolute_uri(str(e)) if e.args and e.args[0] else '/' )
    except auths.exceptions.Logout as e:
-        return webLogout(request, request.build_absolute_uri(str(e)))
+        return webLogout(request, request.build_absolute_uri(str(e)) if e.args and e.args[0] else None)
    except Exception as e:
        logger.exception('authCallback')
        return errors.exceptionView(request, e)