def start_social_login(
request: HttpRequest,
backend: str,
extra_arg: Optional[str] = None,
) -> HttpResponse:
backend_url = reverse("social:begin", args=[backend])
extra_url_params: Dict[str, str] = {}
if backend == "saml":
if not SAMLAuthBackend.check_config():
return config_error(request, "saml")
# This backend requires the name of the IdP (from the list of configured ones)
# to be passed as the parameter.
if not extra_arg or extra_arg not in settings.SOCIAL_AUTH_SAML_ENABLED_IDPS:
logging.info(
"Attempted to initiate SAML authentication with wrong idp argument: %s", extra_arg
)
return config_error(request, "saml")
extra_url_params = {"idp": extra_arg}
if backend == "apple" and not AppleAuthBackend.check_config():
return config_error(request, "apple")
# TODO: Add AzureAD also.
if backend in ["github", "google", "gitlab"]:
key_setting = "SOCIAL_AUTH_" + backend.upper() + "_KEY"
secret_setting = "SOCIAL_AUTH_" + backend.upper() + "_SECRET"
if not (getattr(settings, key_setting) and getattr(settings, secret_setting)):
return config_error(request, backend)
return oauth_redirect_to_root(request, backend_url, "social", extra_url_params=extra_url_params)
def login_context(request: HttpRequest) -> Dict[str, Any]:
realm = get_realm_from_request(request)
if realm is None:
realm_description = None
realm_invite_required = False
else:
realm_description = get_realm_rendered_description(realm)
realm_invite_required = realm.invite_required
context: Dict[str, Any] = {
'realm_invite_required': realm_invite_required,
'realm_description': realm_description,
'require_email_format_usernames':
require_email_format_usernames(realm),
'password_auth_enabled': password_auth_enabled(realm),
'any_social_backend_enabled': any_social_backend_enabled(realm),
'two_factor_authentication_enabled':
settings.TWO_FACTOR_AUTHENTICATION_ENABLED,
'apple_locale':
AppleAuthBackend.get_apple_locale(request.LANGUAGE_CODE),
}
if realm is not None and realm.description:
context['OPEN_GRAPH_TITLE'] = realm.name
context['OPEN_GRAPH_DESCRIPTION'] = get_realm_text_description(realm)
# Add the keys for our standard authentication backends.
no_auth_enabled = True
for auth_backend_name in AUTH_BACKEND_NAME_MAP:
name_lower = auth_backend_name.lower()
key = f"{name_lower}_auth_enabled"
is_enabled = auth_enabled_helper([auth_backend_name], realm)
context[key] = is_enabled
if is_enabled:
no_auth_enabled = False
context['external_authentication_methods'] = get_external_method_dicts(
realm)
context['no_auth_enabled'] = no_auth_enabled
# Include another copy of external_authentication_methods in page_params for use
# by the desktop client. We expand it with IDs of the <button> elements corresponding
# to the authentication methods.
context['page_params'] = dict(
external_authentication_methods=get_external_method_dicts(realm), )
for auth_dict in context['page_params']['external_authentication_methods']:
auth_dict['button_id_suffix'] = "auth_button_{}".format(
auth_dict['name'])
return context