def get_redirect_url(self, *args, **kwargs):
authcode = kwargs.get('authcode', None)
if not authcode:
return self.error_redirect_url()
user_info = decrypt_authcode(authcode)
try:
user_info = json.loads(user_info)
except (
TypeError,
ValueError,
):
user_info = None
if not user_info:
return self.error_redirect_url()
badgrapp_id = user_info.get('badgrapp_id')
if badgrapp_id is None:
badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
try:
self.badgrapp = BadgrApp.objects.get(id=badgrapp_id)
except BadgrApp.DoesNotExist:
return self.error_redirect_url()
try:
email_address = CachedEmailAddress.cached.get(
email=user_info.get('email'))
except CachedEmailAddress.DoesNotExist:
return self.error_redirect_url()
user = email_address.user
user.first_name = user_info.get('first_name', user.first_name)
user.last_name = user_info.get('last_name', user.last_name)
user.badgrapp = self.badgrapp
user.marketing_opt_in = user_info.get('marketing_opt_in',
user.marketing_opt_in)
user.agreed_terms_version = TermsVersion.cached.latest_version()
user.email_verified = True
if user_info.get('plaintext_password'):
user.set_password(user_info['plaintext_password'])
user.save()
redirect_url = urlparse.urljoin(
self.badgrapp.email_confirmation_redirect.rstrip('/') + '/',
urllib.quote(user.first_name.encode('utf8')))
redirect_url = set_url_query_params(
redirect_url, email=email_address.email.encode('utf8'))
return redirect_url
def get_redirect_url(self, *args, **kwargs):
authcode = kwargs.get('authcode', None)
if not authcode:
return self.error_redirect_url()
user_info = decrypt_authcode(authcode)
try:
user_info = json.loads(user_info)
except (TypeError, ValueError,):
user_info = None
if not user_info:
return self.error_redirect_url()
badgrapp_id = user_info.get('badgrapp_id')
if badgrapp_id is None:
badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
try:
self.badgrapp = BadgrApp.objects.get(id=badgrapp_id)
except BadgrApp.DoesNotExist:
return self.error_redirect_url()
try:
email_address = CachedEmailAddress.cached.get(email=user_info.get('email'))
except CachedEmailAddress.DoesNotExist:
return self.error_redirect_url()
user = email_address.user
user.first_name = user_info.get('first_name', user.first_name)
user.last_name = user_info.get('last_name', user.last_name)
user.badgrapp = self.badgrapp
user.marketing_opt_in = user_info.get('marketing_opt_in', user.marketing_opt_in)
user.agreed_terms_version = TermsVersion.cached.latest_version()
user.email_verified = True
if user_info.get('plaintext_password'):
user.set_password(user_info['plaintext_password'])
user.save()
redirect_url = urlparse.urljoin(
self.badgrapp.email_confirmation_redirect.rstrip('/') + '/',
urllib.quote(user.first_name.encode('utf8'))
)
redirect_url = set_url_query_params(redirect_url, email=email_address.email.encode('utf8'))
return redirect_url
def get_redirect_url(self, *args, **kwargs):
authcode = get_session_authcode(self.request)
accesstoken = accesstoken_for_authcode(authcode)
try:
data = json.loads(decrypt_authcode(self.request.GET['request_id']))
client, config = saml2_client_for(data['idp_name'])
email = data['email']
first_name = data['first_name']
last_name = data['last_name']
except (
TypeError,
ValueError,
AttributeError,
KeyError,
Saml2Configuration.DoesNotExist,
) as e:
return saml2_fail(authError="Could not process Saml2 Response.")
try:
existing_email = CachedEmailAddress.cached.get(email=email)
except CachedEmailAddress.DoesNotExist:
if accesstoken is not None and not accesstoken.is_expired():
saml2_account = Saml2Account.objects.create(
config=config, user=accesstoken.user, uuid=email)
new_mail = CachedEmailAddress.objects.create(
email=email,
user=accesstoken.user,
verified=True,
primary=False)
return redirect_to_login_with_token(self.request, accesstoken)
# Email does not exist, nor does existing account. auto-provision new account and log in
return redirect_user_to_login(
saml2_new_account(email, config, first_name, last_name,
self.request))
else:
return saml2_fail(
authError="Saml2 Response Processing interrupted. Email exists."
)
def test_can_encrypt_decrypt_authcode(self):
payload = "fakeentityid"
code = encrypt_authcode(payload)
decrypted_payload = decrypt_authcode(code)
self.assertEqual(payload, decrypted_payload)
def test_can_encrypt_decrypt_authcode(self):
payload = "fakeentityid"
code = encrypt_authcode(payload)
decrypted_payload = decrypt_authcode(code)
self.assertEqual(payload, decrypted_payload)