def social_auth(request, backend):
    """Begin a social-auth flow through ``social_django.views.auth``.

    The wrapper exists for two CSRF-related reasons given by its author:

    - the view is meant to be reachable by POST only, so that a login
      cannot be started by a cross-site GET;
    - the current user is stored in the session before the flow starts,
      so that the completion step can be tied to the same user.

    NOTE(review): no POST-only guard is visible in this listing. Confirm
    that ``require_POST`` (or an equivalent check) is applied where the
    view is declared or routed.
    """
    # store_userid is defined elsewhere; per the description above it
    # records the current user in the session before the flow begins.
    store_userid(request)
    response = auth(request, backend)
    return response
def social_auth(request, backend):
    """Wrap ``social_django.views.auth`` with two CSRF precautions.

    - Requires POST, so the authentication flow cannot be triggered by a
      cross-site GET request.
    - Stores the current user in the session, so the completion callback
      can be matched against the user who started the flow.

    NOTE(review): the POST requirement is stated here but not enforced by
    any line visible in this listing. Verify that a decorator such as
    ``require_POST`` or the URL configuration enforces it.
    """
    # Must run before auth(): the session entry has to exist by the time
    # the completion step runs. store_userid is defined elsewhere.
    store_userid(request)
    result = auth(request, backend)
    return result
def sso_login(request: HttpRequest, backend: str) -> HttpResponse:
    """Start an SSO login for ``backend`` after checking it against the allowlist.

    ``backend`` is looked up in the mapping returned by
    ``get_available_sso_providers()`` before it is handed to ``auth``:

    - a name that is not a key of that mapping redirects to the login page
      with ``error_code=invalid_sso_provider``;
    - a known name whose entry is falsy redirects to the login page with
      ``error_code=improperly_configured_sso``;
    - otherwise the social-auth flow is started.

    Both redirect targets are fixed literals. ``backend`` is never
    interpolated into a URL here, so the caller-supplied value cannot steer
    the redirect.
    """
    providers = get_available_sso_providers()

    if backend in providers:
        if providers[backend]:
            # Only an allowlisted, configured backend reaches the auth view.
            return auth(request, backend)
        return redirect(f"/login?error_code=improperly_configured_sso")
    return redirect(f"/login?error_code=invalid_sso_provider")
def process_request(self, request):
    """Keep the local session in step with the SSO cookie.

    Reads the multi-domain SSO cookie (``self.cookie_name``) and its
    ``<cookie_name>_user`` companion. When the cookie says the browser is
    signed in on SSO but the local session is anonymous or belongs to a
    different username, or when the session carries a truthy
    ``force_auth`` flag, the local session is logged out and the
    ``custom-oauth2`` social-auth flow is started. When the cookie is
    absent or false and a local user is authenticated, the local session
    is logged out.

    Returns the response from ``auth`` when a login flow is started,
    otherwise ``None``.

    Both cookies come from ``request.COOKIES`` and are therefore supplied
    by the client. In this method they only trigger ``logout`` or a fresh
    ``auth`` flow. The username cookie is compared against the session
    user and is never used to select or log in an account.
    """
    backend = "custom-oauth2"
    current_url = request.get_full_path()

    # Skip URLs matched by either optional exclusion pattern (e.g. admin).
    for setting_name in ('SOCIAL_AUTH_EXCLUDE_URL_PATTERN', 'AUTOCOMPLETE_EXCLUDE_URL_PATTERN'):
        if not hasattr(settings, setting_name):
            continue
        if re.compile(getattr(settings, setting_name)).match(current_url):
            return None

    cookie_value = request.COOKIES.get(self.cookie_name, '0').lower()
    cookie_username = request.COOKIES.get('{}_user'.format(self.cookie_name))
    sso_active = cookie_value in ('1', 'true', 'ok')
    continue_url = reverse('{0}:complete'.format(NAMESPACE), args=(backend,))
    # NOTE(review): is_authenticated is invoked as a method; newer Django
    # releases expose it as a property. Confirm against the Django version
    # this middleware runs on.
    is_auth = request.user.is_authenticated()
    is_same_user = request.user.username == cookie_username

    # Guard against an endless redirect loop on the completion URL.
    # NOTE(review): this is a substring test against the full path,
    # query string included. Confirm that matching on the path alone
    # would not be the safer check.
    is_continue = continue_url in current_url

    needs_login = sso_active and not is_continue and not (is_auth and is_same_user)
    if not needs_login:
        # The flag is consumed only when the cookie check did not already
        # demand a login, exactly as in a short-circuiting ``or``.
        needs_login = 'force_auth' in request.session and request.session.pop('force_auth')

    if needs_login:
        params = request.GET.copy()
        params[REDIRECT_FIELD_NAME] = current_url
        params['auth_entry'] = 'login'
        request.GET = params
        # Drop the current local session before starting the new flow.
        logout(request)
        return auth(request, backend)

    if is_auth and not sso_active:
        # The SSO cookie no longer reports a login: end the local session.
        logout(request)
    return None