def handle_sso(self, request, organization, auth_provider): if request.method == "POST": helper = AuthHelper( request=request, organization=organization, auth_provider=auth_provider, flow=AuthHelper.FLOW_LOGIN, ) if request.POST.get("init"): helper.initialize() if not helper.is_valid(): return helper.error( "Something unexpected happened during authentication.") return helper.current_step() provider = auth_provider.get_provider() context = { "CAN_REGISTER": False, "organization": organization, "provider_key": provider.key, "provider_name": provider.name, "authenticated": request.user.is_authenticated, } return self.respond("sentry/organization-login.html", context)
def handle(self, request, organization): if not features.has('organizations:sso', organization, actor=request.user): messages.add_message( request, messages.ERROR, ERR_NO_SSO, ) return HttpResponseRedirect( reverse('sentry-organization-home', args=[organization.slug]) ) try: auth_provider = AuthProvider.objects.get( organization=organization, ) except AuthProvider.DoesNotExist: pass else: return self.handle_existing_provider( request=request, organization=organization, auth_provider=auth_provider, ) if request.method == 'POST': provider_key = request.POST.get('provider') if not manager.exists(provider_key): raise ValueError('Provider not found: {}'.format(provider_key)) helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') # render first time setup view return helper.current_step() provider_list = [] for k, v in manager: if issubclass(v, SAML2Provider): if not HAS_SAML2: continue if not features.has('organizations:saml2', organization, actor=request.user): continue provider_list.append((k, v.name)) context = { 'provider_list': provider_list, } return self.respond('sentry/organization-auth-settings.html', context)
def handle_sso(self, request, organization, auth_provider): if request.method == 'POST': helper = AuthHelper( request=request, organization=organization, auth_provider=auth_provider, flow=AuthHelper.FLOW_LOGIN, ) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') return helper.current_step() provider = auth_provider.get_provider() context = { 'CAN_REGISTER': False, 'organization': organization, 'provider_key': provider.key, 'provider_name': provider.name, 'authenticated': request.user.is_authenticated(), } return self.respond('sentry/organization-login.html', context)
def handle_sso(self, request, organization, auth_provider): if request.method == 'POST': helper = AuthHelper( request=request, organization=organization, auth_provider=auth_provider, flow=AuthHelper.FLOW_LOGIN, ) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') return helper.current_step() provider = auth_provider.get_provider() context = { 'CAN_REGISTER': False, 'organization': organization, 'provider_key': provider.key, 'provider_name': provider.name, } return self.respond('sentry/organization-login.html', context)
def handle(self, request, organization): try: auth_provider = AuthProvider.objects.get( organization=organization, ) except AuthProvider.DoesNotExist: pass else: provider = auth_provider.get_provider() requires_feature = provider.required_feature # Provider is not enabled # Allow superusers to edit and disable SSO for orgs that # downgrade plans and can no longer access the feature if requires_feature and not features.has( requires_feature, organization, actor=request.user ) and not is_active_superuser(request): home_url = reverse('sentry-organization-home', args=[organization.slug]) messages.add_message(request, messages.ERROR, ERR_NO_SSO) return HttpResponseRedirect(home_url) return self.handle_existing_provider( request=request, organization=organization, auth_provider=auth_provider, ) if request.method == 'POST': provider_key = request.POST.get('provider') if not manager.exists(provider_key): raise ValueError(u'Provider not found: {}'.format(provider_key)) helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) feature = helper.provider.required_feature if feature and not features.has(feature, organization, actor=request.user): return HttpResponse('Provider is not enabled', status=401) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') # render first time setup view return helper.current_step() # Otherwise user is in bad state since frontend/react should handle this case return HttpResponseRedirect( reverse('sentry-organization-home', args=[organization.slug]) )
def handle(self, request, organization): try: auth_provider = AuthProvider.objects.get( organization=organization, ) except AuthProvider.DoesNotExist: pass else: provider = auth_provider.get_provider() requires_feature = provider.required_feature # Provider is not enabled # Allow superusers to edit and disable SSO for orgs that # downgrade plans and can no longer access the feature if requires_feature and not features.has( requires_feature, organization, actor=request.user ) and not is_active_superuser(request): home_url = organization.get_url() messages.add_message(request, messages.ERROR, ERR_NO_SSO) return HttpResponseRedirect(home_url) return self.handle_existing_provider( request=request, organization=organization, auth_provider=auth_provider, ) if request.method == 'POST': provider_key = request.POST.get('provider') if not manager.exists(provider_key): raise ValueError(u'Provider not found: {}'.format(provider_key)) helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) feature = helper.provider.required_feature if feature and not features.has(feature, organization, actor=request.user): return HttpResponse('Provider is not enabled', status=401) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') # render first time setup view return helper.current_step() # Otherwise user is in bad state since frontend/react should handle this case return HttpResponseRedirect( organization.get_url() )
def handle(self, request, organization): if not features.has('organizations:sso-basic', organization, actor=request.user): messages.add_message( request, messages.ERROR, ERR_NO_SSO, ) return HttpResponseRedirect( reverse('sentry-organization-home', args=[organization.slug]) ) try: auth_provider = AuthProvider.objects.get( organization=organization, ) except AuthProvider.DoesNotExist: pass else: return self.handle_existing_provider( request=request, organization=organization, auth_provider=auth_provider, ) if request.method == 'POST': provider_key = request.POST.get('provider') if not manager.exists(provider_key): raise ValueError(u'Provider not found: {}'.format(provider_key)) helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) feature = helper.provider.required_feature if feature and not features.has(feature, organization, actor=request.user): return HttpResponse('Provider is not enabled', status=401) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') # render first time setup view return helper.current_step() # Otherwise user is in bad state since frontend/react should handle this case return HttpResponseRedirect( reverse('sentry-organization-home', args=[organization.slug]) )
def handle(self, request, organization): try: auth_provider = AuthProvider.objects.get(organization=organization) except AuthProvider.DoesNotExist: pass else: provider = auth_provider.get_provider() requires_feature = provider.required_feature # Provider is not enabled # Allow superusers to edit and disable SSO for orgs that # downgrade plans and can no longer access the feature if (requires_feature and not features.has( requires_feature, organization, actor=request.user) and not is_active_superuser(request)): home_url = organization.get_url() messages.add_message(request, messages.ERROR, ERR_NO_SSO) return HttpResponseRedirect(home_url) return self.handle_existing_provider(request=request, organization=organization, auth_provider=auth_provider) if request.method == "POST": provider_key = request.POST.get("provider") if not manager.exists(provider_key): raise ValueError(f"Provider not found: {provider_key}") helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) feature = helper.provider.required_feature if feature and not features.has( feature, organization, actor=request.user): return HttpResponse("Provider is not enabled", status=401) if request.POST.get("init"): helper.initialize() if not helper.is_valid(): return helper.error( "Something unexpected happened during authentication.") # render first time setup view return helper.current_step() # Otherwise user is in bad state since frontend/react should handle this case return HttpResponseRedirect(organization.get_url())
def handle(self, request: Request, organization) -> Response: try: auth_provider = AuthProvider.objects.get(organization=organization) except AuthProvider.DoesNotExist: pass else: # if the org has SSO set up already, allow them to modify the existing provider # regardless if the feature flag is set up. This allows orgs who might no longer # have the SSO feature to be able to turn it off return self.handle_existing_provider(request=request, organization=organization, auth_provider=auth_provider) if request.method == "POST": provider_key = request.POST.get("provider") if not manager.exists(provider_key): raise ValueError(f"Provider not found: {provider_key}") helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) feature = helper.provider.required_feature if feature and not features.has( feature, organization, actor=request.user): return HttpResponse("Provider is not enabled", status=401) if request.POST.get("init"): helper.initialize() if not helper.is_valid(): return helper.error( "Something unexpected happened during authentication.") # render first time setup view return helper.current_step() # Otherwise user is in bad state since frontend/react should handle this case return HttpResponseRedirect(organization.get_url())
def handle(self, request, organization): if not features.has('organizations:sso', organization, actor=request.user): messages.add_message( request, messages.ERROR, ERR_NO_SSO, ) return HttpResponseRedirect( reverse('sentry-organization-home', args=[organization.slug]) ) try: auth_provider = AuthProvider.objects.get( organization=organization, ) except AuthProvider.DoesNotExist: pass else: return self.handle_existing_provider( request=request, organization=organization, auth_provider=auth_provider, ) if request.method == 'POST': provider_key = request.POST.get('provider') if not manager.exists(provider_key): raise ValueError('Provider not found: {}'.format(provider_key)) helper = AuthHelper( request=request, organization=organization, provider_key=provider_key, flow=AuthHelper.FLOW_SETUP_PROVIDER, ) feature = helper.provider.required_feature if feature and not features.has(feature, organization, actor=request.user): return HttpResponse('Provider is not enabled', status=401) if request.POST.get('init'): helper.init_pipeline() if not helper.pipeline_is_valid(): return helper.error('Something unexpected happened during authentication.') # render first time setup view return helper.current_step() provider_list = [] for k, v in manager: if issubclass(v, SAML2Provider) and not HAS_SAML2: continue feature = v.required_feature if feature and not features.has(feature, organization, actor=request.user): continue provider_list.append((k, v.name)) context = { 'provider_list': provider_list, } return self.respond('sentry/organization-auth-settings.html', context)