def handle_sso(self, request, organization, auth_provider):
# if they're authenticated we want them to go through the standard
# link flow
if request.user.is_authenticated():
return self.redirect(
reverse('sentry-auth-link-identity', args=[organization.slug]))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LOGIN,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'CAN_REGISTER': False,
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/organization-login.html', context)
def handle_authed(self, request, organization, auth_provider):
try:
om = OrganizationMember.objects.get(
organization=organization,
user=request.user,
)
except OrganizationMember.DoesNotExist:
auth_logger.debug('User does is not a member of organization: %s',
organization.slug)
messages.add_message(
request, messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry'))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LINK_IDENTITY,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/auth-link-identity.html', context)
def handle_sso(self, request, organization, auth_provider):
# if they're authenticated we want them to go through the standard
# link flow
if request.user.is_authenticated():
return self.redirect(reverse('sentry-auth-link-identity',
args=[organization.slug]))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LOGIN,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'CAN_REGISTER': False,
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/organization-login.html', context)
def handle(self, request, organization_slug):
try:
organization = Organization.objects.get(
slug=organization_slug
)
except Organization.DoesNotExist:
return self.redirect(reverse('sentry-login'))
try:
auth_provider = AuthProvider.objects.get(
organization=organization
)
except AuthProvider.DoesNotExist:
return self.redirect(reverse('sentry-login'))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LOGIN,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/organization-login.html', context)
def test_set_session_expiration(self, mock_auth):
self.org = self.create_organization()
self.auth_provider = AuthProvider.objects.create(provider="saml2",
organization=self.org)
self.provider = SAML2Provider(key=self.auth_provider.provider)
self.provider.config = dummy_provider_config
self.auth_provider.get_provider = mock.MagicMock(
return_value=self.provider)
super(SAML2ACSViewTest, self).setUp()
request = self.make_request(user=None)
request.META = {
"PATH_INFO": "/",
}
test_view = SAML2ACSView()
helper = AuthHelper(request,
self.org,
AuthHelper.FLOW_LOGIN,
auth_provider=self.auth_provider)
def mock_next_step(self):
return
helper.next_step = types.MethodType(mock_next_step, helper)
instance = mock_auth.return_value
instance.get_errors.return_value = None
instance.get_attributes.return_value = {}
instance.get_session_expiration.return_value = 1591044492
test_view.dispatch(request, helper)
assert request.session.get_expiry_date() == datetime.fromtimestamp(
1591044492).replace(tzinfo=timezone.utc)
def handle_authed(self, request, organization, auth_provider):
om = OrganizationMember.objects.filter(
organization=organization,
user=request.user,
)
if not om.exists():
auth_logger.debug('User does is not a member of organization: %s',
organization.slug)
messages.add_message(
request,
messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry'))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LINK_IDENTITY,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/auth-link-identity.html', context)
def handle(self, request, organization_slug):
try:
organization = Organization.objects.get(slug=organization_slug)
except Organization.DoesNotExist:
return self.redirect(reverse('sentry-login'))
try:
auth_provider = AuthProvider.objects.get(organization=organization)
except AuthProvider.DoesNotExist:
return self.redirect(reverse('sentry-login'))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LOGIN,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/organization-login.html', context)
def handle_provider_setup(self, request, organization, provider_key):
helper = AuthHelper(
request=request,
organization=organization,
provider_key=provider_key,
flow=AuthHelper.FLOW_SETUP_PROVIDER,
)
helper.init_pipeline()
return helper.next_step()
def handle_provider_setup(self, request, organization, provider_key):
helper = AuthHelper(
request=request,
organization=organization,
provider_key=provider_key,
flow=AuthHelper.FLOW_SETUP_PROVIDER,
)
helper.init_pipeline()
return helper.next_step()
def handle(self, request, organization_slug):
try:
organization = Organization.objects.get(
slug=organization_slug
)
except Organization.DoesNotExist:
messages.add_message(
request, messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry'))
try:
om = OrganizationMember.objects.get(
organization=organization,
user=request.user,
)
except OrganizationMember.DoesNotExist():
messages.add_message(
request, messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry'))
try:
auth_provider = AuthProvider.objects.get(
organization=organization
)
except AuthProvider.DoesNotExist:
messages.add_message(
request, messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry-organization-home',
args=[organization.slug]))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LINK_IDENTITY,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/auth-link-identity.html', context)
def handle(self, request, organization_slug):
try:
organization = Organization.objects.get(slug=organization_slug)
except Organization.DoesNotExist:
messages.add_message(
request,
messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry'))
try:
om = OrganizationMember.objects.get(
organization=organization,
user=request.user,
)
except OrganizationMember.DoesNotExist:
messages.add_message(
request,
messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(reverse('sentry'))
try:
auth_provider = AuthProvider.objects.get(organization=organization)
except AuthProvider.DoesNotExist:
messages.add_message(
request,
messages.ERROR,
ERR_LINK_INVALID,
)
return self.redirect(
reverse('sentry-organization-home', args=[organization.slug]))
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LINK_IDENTITY,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/auth-link-identity.html', context)
def handle_sso(self, request, organization, auth_provider):
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LOGIN,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'CAN_REGISTER': False,
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/organization-login.html', context)
def handle_sso(self, request, organization, auth_provider):
if request.method == 'POST':
helper = AuthHelper(
request=request,
organization=organization,
auth_provider=auth_provider,
flow=AuthHelper.FLOW_LOGIN,
)
helper.init_pipeline()
return helper.next_step()
provider = auth_provider.get_provider()
context = {
'CAN_REGISTER': False,
'organization': organization,
'provider_key': provider.key,
'provider_name': provider.name,
}
return self.respond('sentry/organization-login.html', context)
