def to_stage_response(request: HttpRequest,
source: HttpResponse) -> HttpResponse:
"""Convert normal HttpResponse into JSON Response"""
if isinstance(source, HttpResponseRedirect) or source.status_code == 302:
redirect_url = source["Location"]
# Redirects to the same URL usually indicate an Error within a form
if request.get_full_path() == redirect_url:
return source
LOGGER.debug(
"converting to redirect challenge",
to=str(redirect_url),
current=request.path,
)
return HttpChallengeResponse(
RedirectChallenge({
"type": ChallengeTypes.REDIRECT,
"to": str(redirect_url),
}))
if isinstance(source, TemplateResponse):
return HttpChallengeResponse(
ShellChallenge({
"type": ChallengeTypes.SHELL,
"body": source.render().content.decode("utf-8"),
}))
# Check for actual HttpResponse (without isinstance as we don't want to check inheritance)
if source.__class__ == HttpResponse:
return HttpChallengeResponse(
ShellChallenge({
"type": ChallengeTypes.SHELL,
"body": source.content.decode("utf-8"),
}))
return source
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
"""Return a challenge for the frontend to solve"""
challenge = self._get_challenge(*args, **kwargs)
if not challenge.is_valid():
LOGGER.warning(challenge.errors,
stage_view=self,
challenge=challenge)
return HttpChallengeResponse(challenge)
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
"""Return a challenge for the frontend to solve"""
challenge = self._get_challenge(*args, **kwargs)
if not challenge.is_valid():
LOGGER.warning(
"f(ch): Invalid challenge",
binding=self.executor.current_binding,
errors=challenge.errors,
stage_view=self,
challenge=challenge,
)
return HttpChallengeResponse(challenge)
def challenge_invalid(self, response: ChallengeResponse) -> HttpResponse:
"""Callback when the challenge has the incorrect format"""
challenge_response = self._get_challenge()
full_errors = {}
for field, errors in response.errors.items():
for error in errors:
full_errors.setdefault(field, [])
full_errors[field].append({
"string": str(error),
"code": error.code,
})
challenge_response.initial_data["response_errors"] = full_errors
if not challenge_response.is_valid():
LOGGER.warning(challenge_response.errors)
return HttpChallengeResponse(challenge_response)
def stage_invalid(self,
error_message: Optional[str] = None) -> HttpResponse:
"""Callback used stage when data is correct but a policy denies access
or the user account is disabled.
Optionally, an exception can be passed, which will be shown if the current user
is a superuser."""
self._logger.debug("f(exec): Stage invalid")
self.cancel()
response = HttpChallengeResponse(
AccessDeniedChallenge({
"error_message": error_message,
"title": self.flow.title,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-access-denied",
}))
return to_stage_response(self.request, response)