def get(self, request, *args, **kwargs):
    """Handle an OIDC end-session (RP-initiated logout) GET request.

    Reads ``id_token_hint``, ``post_logout_redirect_uri`` and ``state`` from
    the query string, chooses the post-logout destination, calls the
    configured after-end-session hook and finally delegates to ``logout``.

    The destination starts as the ``OIDC_LOGIN_URL`` setting and is replaced
    by the requested URI only when that URI is listed in the
    ``post_logout_redirect_uris`` of the client named by the hint.
    """
    params = request.GET
    id_token_hint = params.get('id_token_hint', '')
    post_logout_redirect_uri = params.get('post_logout_redirect_uri', '')
    state = params.get('state', '')

    client = None
    next_page = settings.get('OIDC_LOGIN_URL')
    after_end_session_hook = settings.get('OIDC_AFTER_END_SESSION_HOOK', import_str=True)

    if id_token_hint:
        # NOTE(review): the hint comes straight from the query string; whether
        # client_id_from_id_token verifies the token signature is not visible
        # here, so treat client_id as an unauthenticated claim -- confirm.
        client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=client_id)
        except Client.DoesNotExist:
            # Unknown client: keep the default destination.
            pass
        else:
            # Allow-list check that prevents an open redirect.
            # NOTE(review): assumes post_logout_redirect_uris is a list of
            # full URIs; on a plain string `in` would be a substring match.
            if post_logout_redirect_uri in client.post_logout_redirect_uris:
                next_page = post_logout_redirect_uri
                if state:
                    # Append the caller's state to the accepted URI; urlencode
                    # escapes it, so it cannot alter the other URL components.
                    parts = urlsplit(post_logout_redirect_uri)
                    query = parse_qs(parts.query)
                    query['state'] = state
                    parts = parts._replace(query=urlencode(query, doseq=True))
                    next_page = urlunsplit(parts)

    after_end_session_hook(
        request=request,
        id_token=id_token_hint,
        post_logout_redirect_uri=post_logout_redirect_uri,
        state=state,
        client=client,
        next_page=next_page
    )

    return logout(request, next_page=next_page)
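def _create_suomifi_logout_response(social_user, user, request, redirect_url):
    """Create the Suomi.fi logout redirect response and drop related OIDC tokens.

    The user is directed to ``redirect_url`` after a successful Suomi.fi
    logout, but only when that URL is listed in the
    ``post_logout_redirect_uris`` of the client named by the ``id_token_hint``
    query parameter; otherwise an empty return token is used.

    Args:
        social_user: Social-auth user passed on to ``create_logout_redirect``.
        user: User whose stored OIDC tokens are examined for deletion.
        request: Current request; ``id_token_hint`` is read from ``request.GET``.
        redirect_url: Requested post-logout destination.

    Returns:
        The response produced by the backend's ``create_logout_redirect``.
    """
    return_token = ''
    # Bound up front: without a hint the cleanup loop below used to read an
    # unassigned name and fail with NameError.
    client_id = None
    saml_backend = load_backend(
        load_strategy(request), 'suomifi',
        redirect_uri=getattr(settings, 'LOGIN_URL'))

    id_token_hint = request.GET.get('id_token_hint')
    if id_token_hint:
        # NOTE(review): the hint is caller-supplied; whether
        # client_id_from_id_token verifies its signature is not visible here.
        client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=client_id)
            # Only a registered redirect URL is encoded into the return token,
            # and it is referenced by its index in the list, not by value.
            if redirect_url in client.post_logout_redirect_uris:
                return_token = saml_backend.create_return_token(
                    client_id,
                    client.post_logout_redirect_uris.index(redirect_url))
        except Client.DoesNotExist:
            pass

    response = saml_backend.create_logout_redirect(social_user, return_token)

    # Delete only tokens issued to the hinted client. Skipping the loop when
    # no client id is known also avoids matching tokens that lack an 'aud'
    # entry (None == None).
    if client_id:
        for oidc_token in Token.objects.filter(user=user):
            if oidc_token.id_token.get('aud') == client_id:
                oidc_token.delete()
    return response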
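def _create_suomifi_logout_response(social_user, user, request, redirect_url):
    """Build the Suomi.fi logout redirect and remove the client's OIDC tokens.

    After a successful Suomi.fi logout the user is sent to ``redirect_url``,
    provided that URL appears in the ``post_logout_redirect_uris`` of the
    client identified by the ``id_token_hint`` query parameter. Without a
    usable hint the redirect is created with an empty return token and no
    stored tokens are deleted.

    Args:
        social_user: Social-auth user handed to ``create_logout_redirect``.
        user: Owner of the stored OIDC tokens that may be deleted.
        request: Current request; supplies ``id_token_hint`` via ``GET``.
        redirect_url: Requested post-logout destination.

    Returns:
        Whatever the backend's ``create_logout_redirect`` returns.
    """
    saml_backend = load_backend(
        load_strategy(request),
        'suomifi',
        redirect_uri=getattr(settings, 'LOGIN_URL')
    )

    return_token = ''
    # Must exist even when no hint is sent; the original raised NameError in
    # the token cleanup below in that case.
    hinted_client_id = None

    id_token_hint = request.GET.get('id_token_hint')
    if id_token_hint:
        # NOTE(review): unauthenticated input; confirm whether
        # client_id_from_id_token validates the token before trusting it.
        hinted_client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=hinted_client_id)
            allowed_uris = client.post_logout_redirect_uris
            # The return token carries the index of an allow-listed URL, so an
            # unregistered redirect_url never reaches the logout redirect.
            if redirect_url in allowed_uris:
                return_token = saml_backend.create_return_token(
                    hinted_client_id, allowed_uris.index(redirect_url))
        except Client.DoesNotExist:
            pass

    response = saml_backend.create_logout_redirect(social_user, return_token)

    # Without a client id there is nothing to match on; comparing against
    # None would wrongly select tokens that have no 'aud' entry.
    if not hinted_client_id:
        return response

    for stored_token in Token.objects.filter(user=user):
        if stored_token.id_token.get('aud') == hinted_client_id:
            stored_token.delete()
    return response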
def get(self, request, *args, **kwargs):
    """Log the user out and redirect to an allow-listed post-logout URI.

    The redirect target defaults to the ``LOGIN_URL`` setting. It becomes the
    requested ``post_logout_redirect_uri`` (with ``state`` appended when
    given) only if that URI is registered for the client referenced by
    ``id_token_hint``.
    """
    query = request.GET
    id_token_hint = query.get('id_token_hint', '')
    post_logout_redirect_uri = query.get('post_logout_redirect_uri', '')
    state = query.get('state', '')

    next_page = settings.get('LOGIN_URL')

    if id_token_hint:
        # NOTE(review): client_id is derived from a caller-supplied token;
        # signature validation, if any, happens outside this function.
        client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=client_id)
        except Client.DoesNotExist:
            client = None

        # Redirect only to a URI the client has registered; anything else
        # keeps the default target.
        if client is not None and post_logout_redirect_uri in client.post_logout_redirect_uris:
            if not state:
                next_page = post_logout_redirect_uri
            else:
                split_uri = urlsplit(post_logout_redirect_uri)
                qs = parse_qs(split_uri.query)
                qs['state'] = state
                # urlencode escapes state before it is placed in the query.
                next_page = urlunsplit(
                    split_uri._replace(query=urlencode(qs, doseq=True)))

    return logout(request, next_page=next_page)
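def create_logout_response(self, social_user, redirect_uri):
    """Create the Suomi.fi logout redirect response and drop related OIDC tokens.

    The user is directed to ``redirect_uri`` after a successful Suomi.fi
    logout when that URI is listed in the ``post_logout_redirect_uris`` of
    the client named by the ``id_token_hint`` query parameter. In every other
    case the redirect is created with an empty return token.

    Args:
        social_user: Social-auth user; its ``user`` owns the tokens examined.
        redirect_uri: Requested post-logout destination.

    Returns:
        The response produced by ``self.create_logout_redirect``.
    """
    request = self.strategy.request

    # Both names must be bound on every path: previously a request without a
    # hint (or with an unregistered redirect_uri) hit an unbound `token`, and
    # a missing hint left `client_id` undefined for the cleanup loop.
    return_token = ''
    client_id = None

    id_token_hint = request.GET.get('id_token_hint')
    if id_token_hint:
        # NOTE(review): the hint is caller-supplied; confirm whether
        # client_id_from_id_token verifies it before the id is trusted.
        client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=client_id)
            # Only an allow-listed URI is encoded (by index) in the token.
            if redirect_uri in client.post_logout_redirect_uris:
                return_token = self.create_return_token(
                    client_id,
                    client.post_logout_redirect_uris.index(redirect_uri))
        except Client.DoesNotExist:
            pass

    response = self.create_logout_redirect(social_user, return_token)

    # Remove only the tokens whose audience is the hinted client.
    if client_id:
        for oidc_token in Token.objects.filter(user=social_user.user):
            if oidc_token.id_token.get('aud') == client_id:
                oidc_token.delete()
    return response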
def _get_client(self) -> typing.Optional[Client]:
    """Return the client referenced by the stored id_token_hint, if any.

    Returns ``None`` when no hint is set or when no ``Client`` row matches
    the client id extracted from it.
    """
    if not self._id_token_hint:
        return None

    # NOTE(review): the extracted id is only used for a lookup here; whether
    # the hint's signature is checked is not visible in this method.
    hinted_id = client_id_from_id_token(self._id_token_hint)
    try:
        return Client.objects.get(client_id=hinted_id)
    except Client.DoesNotExist:
        return None
def get(self, request, *args, **kwargs):
    """Log the user out, accepting either a JWT or an access token as hint.

    ``id_token_hint`` is treated as a JWT when it contains a dot; otherwise it
    is looked up as an access token and the owning client is taken from the
    matching ``Token``. The redirect target defaults to the ``LOGIN_URL``
    setting and changes to ``post_logout_redirect_uri`` (plus ``state`` when
    given) only if that URI is registered for the resolved client.
    """
    id_token_hint = request.GET.get('id_token_hint', '')
    post_logout_redirect_uri = request.GET.get('post_logout_redirect_uri', '')
    state = request.GET.get('state', '')

    next_page = settings.get('LOGIN_URL')

    client = None
    if id_token_hint:
        looks_like_jwt = '.' in id_token_hint
        if looks_like_jwt:
            try:
                client = Client.objects.get(
                    client_id=client_id_from_id_token(id_token_hint))
            except Client.DoesNotExist:
                pass
        else:
            # Fallback: treat the value as an access token.
            # NOTE(review): this puts a bearer credential in the query string,
            # where it can end up in server logs and browser history --
            # confirm this fallback is intended.
            try:
                client = Token.objects.select_related('client').get(
                    access_token=id_token_hint).client
            except Token.DoesNotExist:
                pass

    # Allow-list check: only a URI registered for the client may replace the
    # default target.
    if client is not None and post_logout_redirect_uri in client.post_logout_redirect_uris:
        next_page = post_logout_redirect_uri
        if state:
            pieces = urlsplit(post_logout_redirect_uri)
            query_params = parse_qs(pieces.query)
            query_params['state'] = state
            next_page = urlunsplit(
                pieces._replace(query=urlencode(query_params, doseq=True)))

    return logout(request, next_page=next_page)
def get(self, request, *args, **kwargs):
    """Process an end-session GET request and log the user out.

    Query parameters ``id_token_hint``, ``post_logout_redirect_uri`` and
    ``state`` are optional. The user is sent to the ``LOGIN_URL`` setting
    unless the hint resolves to a known client whose
    ``post_logout_redirect_uris`` contains the requested URI.
    """
    get_param = request.GET.get
    id_token_hint = get_param('id_token_hint', '')
    post_logout_redirect_uri = get_param('post_logout_redirect_uri', '')
    state = get_param('state', '')

    next_page = settings.get('LOGIN_URL')

    if id_token_hint:
        # NOTE(review): treat the derived client id as unverified unless
        # client_id_from_id_token is confirmed to validate the token.
        client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=client_id)
        except Client.DoesNotExist:
            pass
        else:
            registered = client.post_logout_redirect_uris
            # NOTE(review): `in` is an exact match only if `registered` is a
            # list of URIs; confirm it is not a raw string.
            if post_logout_redirect_uri in registered:
                if state:
                    target = urlsplit(post_logout_redirect_uri)
                    params = parse_qs(target.query)
                    params['state'] = state
                    encoded = urlencode(params, doseq=True)
                    next_page = urlunsplit(target._replace(query=encoded))
                else:
                    next_page = post_logout_redirect_uri

    return logout(request, next_page=next_page)
def dispatch(self, request, *args, **kwargs):
    """Resolve the post-logout target, run the hook, then dispatch as usual.

    The target starts as the ``OIDC_LOGIN_URL`` setting. It is replaced by the
    requested ``post_logout_redirect_uri`` (with ``state`` appended when
    given) only when the client named by ``id_token_hint`` lists that URI in
    its ``post_logout_redirect_uris``. The result is stored on
    ``self.next_page`` before control passes to the parent ``dispatch``.
    """
    params = request.GET
    id_token_hint = params.get('id_token_hint', '')
    post_logout_redirect_uri = params.get('post_logout_redirect_uri', '')
    state = params.get('state', '')

    client = None
    next_page = settings.get('OIDC_LOGIN_URL')
    after_end_session_hook = settings.get('OIDC_AFTER_END_SESSION_HOOK', import_str=True)

    if id_token_hint:
        # NOTE(review): the hint is read from the query string; whether its
        # signature is verified by client_id_from_id_token is not shown here.
        client_id = client_id_from_id_token(id_token_hint)
        try:
            client = Client.objects.get(client_id=client_id)
        except Client.DoesNotExist:
            pass
        else:
            # Only registered URIs are accepted, which keeps this endpoint
            # from acting as an open redirect.
            if post_logout_redirect_uri in client.post_logout_redirect_uris:
                if not state:
                    next_page = post_logout_redirect_uri
                else:
                    split_uri = urlsplit(post_logout_redirect_uri)
                    query_params = parse_qs(split_uri.query)
                    query_params['state'] = state
                    new_query = urlencode(query_params, doseq=True)
                    next_page = urlunsplit(split_uri._replace(query=new_query))

    # The hook receives the raw request values together with the decision.
    after_end_session_hook(
        request=request,
        id_token=id_token_hint,
        post_logout_redirect_uri=post_logout_redirect_uri,
        state=state,
        client=client,
        next_page=next_page
    )

    self.next_page = next_page
    return super(EndSessionView, self).dispatch(request, *args, **kwargs)