Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
systemsmanagement:Ardana:8:CentOS:7.3
python-django_openstack_auth
0001-Use-WEBSSO_KEYSTONE_URL-for-websso-authent...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Use-WEBSSO_KEYSTONE_URL-for-websso-authentication.patch of Package python-django_openstack_auth
From b31e85268b922f8c3c9ee948331389dc1acd512a Mon Sep 17 00:00:00 2001 From: Guang Yee <guang.yee@suse.com> Date: Tue, 16 Oct 2018 10:04:07 -0700 Subject: [PATCH] Use WEBSSO_KEYSTONE_URL for websso authentication If WEBSSO_KEYSTONE_URL is set in local/local_settings.py, the URL will be used for the WebSSO authentication. This URL takes precedence over OPENSTACK_KEYSTONE_URL which in multi-network deployments might not be reachable from the external network where the identity provider lives. --- openstack_auth/tests/tests.py | 19 +++++++++++++++++++ openstack_auth/utils.py | 3 ++- openstack_auth/views.py | 3 ++- 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/openstack_auth/tests/tests.py b/openstack_auth/tests/tests.py index 78edc8f..ff41deb 100644 --- a/openstack_auth/tests/tests.py +++ b/openstack_auth/tests/tests.py @@ -1213,6 +1213,25 @@ class OpenStackAuthTestsWebSSO(OpenStackAuthTestsMixin, self.assertRedirects(response, redirect_url, status_code=302, target_status_code=404) + def test_websso_redirect_using_websso_keystone_url(self): + settings.WEBSSO_KEYSTONE_URL = 'http://keystone-public:5000/v3' + origin = 'http://testserver/auth/websso/' + protocol = 'oidc' + redirect_url = ('%s/auth/OS-FEDERATION/identity_providers/%s' + '/protocols/%s/websso?origin=%s' % + (settings.WEBSSO_KEYSTONE_URL, self.idp_id, + protocol, origin)) + + form_data = {'auth_type': self.idp_oidc_id, + 'region': settings.OPENSTACK_KEYSTONE_URL} + url = reverse('login') + + # POST to the page and redirect to keystone. + response = self.client.post(url, form_data) + # verify that the request was sent back to WEBSSO_KEYSTONE_URL + self.assertRedirects(response, redirect_url, status_code=302, + target_status_code=404) + def test_websso_login(self): projects = [self.data.project_one, self.data.project_two] domains = [] diff --git a/openstack_auth/utils.py b/openstack_auth/utils.py index cac0d7a..5ddde25 100644 --- a/openstack_auth/utils.py +++ b/openstack_auth/utils.py @@ -179,7 +179,8 @@ def get_websso_url(request, auth_url, websso_auth): :param request: Django http request object. :type request: django.http.HttpRequest :param auth_url: Keystone endpoint configured in the horizon setting. - The value is derived from: + If WEBSSO_KEYSTONE_URL is defined, its value is used. + If not, the value is derived from: - OPENSTACK_KEYSTONE_URL - AVAILABLE_REGIONS :type auth_url: string diff --git a/openstack_auth/views.py b/openstack_auth/views.py index 7ae3063..c630986 100644 --- a/openstack_auth/views.py +++ b/openstack_auth/views.py @@ -60,7 +60,8 @@ def login(request, template_name=None, extra_context=None, **kwargs): if request.method == 'POST': auth_type = request.POST.get('auth_type', 'credentials') if utils.is_websso_enabled() and auth_type != 'credentials': - auth_url = request.POST.get('region') + auth_url = getattr(settings, 'WEBSSO_KEYSTONE_URL', + request.POST.get('region')) url = utils.get_websso_url(request, auth_url, auth_type) return shortcuts.redirect(url) -- 2.17.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor