Fix incorrectly generated CAS login URL
cslzchen committed Sep 30, 2024
1 parent b128472 commit a5e5371
Showing 3 changed files with 5 additions and 8 deletions.
5 changes: 2 additions & 3 deletions framework/auth/cas.py
@@ -1,5 +1,4 @@
from furl import furl
from urllib.parse import unquote_plus

from django.utils import timezone
from rest_framework import status as http_status
@@ -304,11 +303,11 @@ def make_response_from_ticket(ticket, service_url):
f'CAS response - redirect existing external IdP login to verification key login: user=[{user._id}]',
LogLevel.INFO
)
return redirect(get_logout_url(unquote_plus(get_login_url(
return redirect(get_logout_url(get_login_url(
service_url,
username=user.username,
verification_key=user.verification_key
))))
)))

# if user is authenticated by CAS
print_cas_log(f'CAS response - finalizing authentication: user=[{user._id}]', LogLevel.INFO)
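Review bot: The nested call `get_logout_url(get_login_url(...))` in this branch of make_response_from_ticket now depends on each helper percent-encoding its service argument exactly once, and nothing at the call site says so; a comment such as `# Do not decode the login URL before nesting: username/verification_key must stay inside the encoded service value` would keep a later edit from reintroducing `unquote_plus`. Decoding before nesting presumably let `&`, `=` and `+` from the inner query escape into the outer logout URL, which matters here because the inner URL carries `verification_key`. The test changes in this commit only exercise the claim-user path, so this verification-key redirect appears to have no regression test; one that uses a username containing `+` (constructed example: `user+tag@example.org`) and checks that the parsed redirect round-trips both parameters would pin the fix. The function body starts and ends outside the hunk.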
4 changes: 2 additions & 2 deletions tests/test_views.py
@@ -2611,7 +2611,7 @@ def test_claim_user_when_user_is_registered_with_orcid(self, mock_response_from_
assert res1.status_code == 302
res = self.app.resolve_redirect(self.app.get(url))
service_url = f'http://localhost{url}'
expected = cas.get_logout_url(service_url=unquote_plus(cas.get_login_url(service_url=service_url)))
expected = cas.get_logout_url(service_url=cas.get_login_url(service_url=service_url))
assert res1.location == expected

# user logged in with orcid automatically becomes a contributor
@@ -2631,7 +2631,7 @@ def test_claim_user_when_user_is_registered_with_orcid(self, mock_response_from_
# And the redirect URL must equal to the originial service URL
assert res.status_code == 302
redirect_url = res.headers['Location']
assert unquote_plus(redirect_url) == url
assert redirect_url == url
# The response of this request is expected have the `Set-Cookie` header with OSF cookie.
# And the cookie must belong to the ORCiD user.
raw_set_cookie = res.headers['Set-Cookie']
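Review bot: `expected` is built with the same `cas.get_logout_url(cas.get_login_url(...))` composition the view uses, so `assert res1.location == expected` passes for whatever encoding the helpers produce, including a wrong one. Consider additionally parsing `res1.location` and asserting that its decoded service value equals the login URL, and that the login URL's own decoded service value equals `service_url` (`urllib.parse.urlsplit` and `parse_qs` would do). Also, if `unquote_plus` was imported in this file only for these two lines, the import is now unused; the section shows no import change, so this should be checked. The test method starts and ends outside the visible hunks.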
4 changes: 1 addition & 3 deletions website/project/views/contributor.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
from urllib.parse import unquote_plus

from rest_framework import status as http_status

from flask import request
@@ -669,7 +667,7 @@ def claim_user_registered(auth, node, **kwargs):
current_user = auth.user
current_session = get_session()

sign_out_url = cas.get_logout_url(service_url=unquote_plus(cas.get_login_url(service_url=request.url)))
sign_out_url = cas.get_logout_url(service_url=cas.get_login_url(service_url=request.url))
if not current_user:
return redirect(sign_out_url)

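Review bot: `request.url` is client-influenced (host and query string) and is nested two levels deep into the sign-out redirect in claim_user_registered, so correctness now rests entirely on `cas.get_login_url` and `cas.get_logout_url` encoding their `service_url` argument; a short comment at this line stating that assumption would help, e.g. `# request.url is untrusted; both helpers must percent-encode service_url, never decode it before nesting`. Whether the CAS server restricts which service URLs it will redirect to is not visible in this commit and is worth confirming, since that is what bounds where this redirect chain can end. The function continues outside the hunk.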
