Add a checkbox to forget the identity provider if we checked "remember the identity provider"

This commit is contained in:
Valentin Samir 2016-08-01 11:50:15 +02:00
parent 0237364d8e
commit 2a1c90965c
5 changed files with 53 additions and 39 deletions

View file

@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: cas_server\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-07-30 19:19+0200\n"
"PO-Revision-Date: 2016-07-30 19:20+0200\n"
"POT-Creation-Date: 2016-08-01 12:01+0200\n"
"PO-Revision-Date: 2016-08-01 12:01+0200\n"
"Last-Translator: Valentin Samir <valentin.samir@crans.org>\n"
"Language-Team: django <LL@li.org>\n"
"Language: fr\n"
@ -23,40 +23,40 @@ msgstr ""
msgid "Central Authentication Service"
msgstr "Service Central d'Authentification"
#: forms.py:77
#: forms.py:88
msgid "Identity provider"
msgstr "fournisseur d'identité"
#: forms.py:80 forms.py:102 forms.py:208
msgid "service"
msgstr "service"
#: forms.py:83
msgid "Remember the identity provider"
msgstr "Se souvenir du fournisseur d'identité"
#: forms.py:86 forms.py:110
#: forms.py:92 forms.py:111
msgid "Warn me before logging me into other sites."
msgstr "Prévenez-moi avant d'accéder à d'autres services."
#: forms.py:100 models.py:600
#: forms.py:96
msgid "Remember the identity provider"
msgstr "Se souvenir du fournisseur d'identité"
#: forms.py:106 models.py:600
msgid "username"
msgstr "nom d'utilisateur"
#: forms.py:104
#: forms.py:108
msgid "password"
msgstr "mot de passe"
#: forms.py:134
#: forms.py:130
msgid "The credentials you provided cannot be determined to be authentic."
msgstr "Les informations transmises n'ont pas permis de vous authentifier."
#: forms.py:194
#: forms.py:182
msgid "User not found in the temporary database, please try to reconnect"
msgstr ""
"Utilisateur non trouvé dans la base de donnée temporaire, essayez de vous "
"reconnecter"
#: forms.py:196
msgid "service"
msgstr "service"
#: management/commands/cas_clean_federate.py:20
msgid "Clean old federated users"
msgstr "Nettoyer les anciens utilisateurs fédéré"
@ -300,7 +300,11 @@ msgstr ""
msgid "Log me out from all my sessions"
msgstr "Me déconnecter de toutes mes sessions"
#: templates/cas_server/logged.html:11
#: templates/cas_server/logged.html:14
msgid "Forget the identity provider"
msgstr "Oublier le fournisseur d'identité"
#: templates/cas_server/logged.html:18
msgid "Logout"
msgstr "Se déconnecter"
@ -316,7 +320,7 @@ msgstr "Connexion"
msgid "Connect to the service"
msgstr "Se connecter au service"
#: views.py:165
#: views.py:168
msgid ""
"<h3>Logout successful</h3>You have successfully logged out from the Central "
"Authentication Service. For security reasons, exit your web browser."
@ -325,7 +329,7 @@ msgstr ""
"d'Authentification. Pour des raisons de sécurité, veuillez fermer votre "
"navigateur."
#: views.py:171
#: views.py:174
#, python-format
msgid ""
"<h3>Logout successful</h3>You have successfully logged out from %s sessions "
@ -336,7 +340,7 @@ msgstr ""
"Service Central d'Authentification. Pour des raisons de sécurité, veuillez "
"fermer votre navigateur."
#: views.py:178
#: views.py:181
msgid ""
"<h3>Logout successful</h3>You were already logged out from the Central "
"Authentication Service. For security reasons, exit your web browser."
@ -345,7 +349,7 @@ msgstr ""
"d'Authentification. Pour des raisons de sécurité, veuillez fermer votre "
"navigateur."
#: views.py:351
#: views.py:361
#, python-format
msgid ""
"Invalid response from your identity provider CAS upon ticket %(ticket)s "
@ -354,46 +358,46 @@ msgstr ""
"Réponse invalide du CAS du fournisseur d'identité lors de la validation du "
"ticket %(ticket)s: %(error)r"
#: views.py:472
#: views.py:483
msgid "Invalid login ticket, please retry to login"
msgstr "Ticket de connexion invalide, merci de réessayé de vous connecter"
#: views.py:652
#: views.py:675
#, python-format
msgid "Authentication has been required by service %(name)s (%(url)s)"
msgstr ""
"Une demande d'authentification a été émise pour le service %(name)s "
"(%(url)s)."
#: views.py:690
#: views.py:713
#, python-format
msgid "Service %(url)s non allowed."
msgstr "le service %(url)s n'est pas autorisé."
#: views.py:697
#: views.py:720
msgid "Username non allowed"
msgstr "Nom d'utilisateur non authorisé"
#: views.py:704
#: views.py:727
msgid "User characteristics non allowed"
msgstr "Caractéristique utilisateur non autorisée"
#: views.py:711
#: views.py:734
#, python-format
msgid "The attribute %(field)s is needed to use that service"
msgstr "L'attribut %(field)s est nécessaire pour se connecter à ce service"
#: views.py:801
#: views.py:824
#, python-format
msgid "Authentication renewal required by service %(name)s (%(url)s)."
msgstr "Demande de réauthentification pour le service %(name)s (%(url)s)."
#: views.py:808
#: views.py:831
#, python-format
msgid "Authentication required by service %(name)s (%(url)s)."
msgstr "Authentification requise par le service %(name)s (%(url)s)."
#: views.py:815
#: views.py:838
#, python-format
msgid "Service %s non allowed"
msgstr "Le service %s n'est pas autorisé"

View file

@ -8,6 +8,13 @@
<input type="checkbox" name="all" value="1">{% trans "Log me out from all my sessions" %}
</label>
</div>
{% if settings.CAS_FEDERATE and request.COOKIES.remember_provider %}
<div class="checkbox">
<label>
<input type="checkbox" name="forget_provider" value="1">{% trans "Forget the identity provider" %}
</label>
</div>
{% endif %}
<button class="btn btn-danger btn-block btn-lg" type="submit">{% trans "Logout" %}</button>
</form>
{% endblock %}

View file

@ -128,8 +128,8 @@ class FederateAuthLoginLogoutTestCase(
{'ticket': ticket, 'remember': 'on' if remember else ''}
)
if remember:
self.assertIn("_remember_provider", client.cookies)
self.assertEqual(client.cookies["_remember_provider"].value, provider.suffix)
self.assertIn("remember_provider", client.cookies)
self.assertEqual(client.cookies["remember_provider"].value, provider.suffix)
self.assertEqual(response.status_code, 302)
self.assertEqual(response["Location"], "%s/login" % (
'http://testserver' if django.VERSION < (1, 9) else ""

View file

@ -147,9 +147,12 @@ class LogoutView(View, LogoutMixin):
# current querystring
if settings.CAS_FEDERATE:
if auth is not None:
params = utils.copy_params(request.GET)
params = utils.copy_params(request.GET, ignore={"forget_provider"})
url = auth.get_logout_url()
return HttpResponseRedirect(utils.update_url(url, params))
response = HttpResponseRedirect(utils.update_url(url, params))
if request.GET.get("forget_provider"):
response.delete_cookie("remember_provider")
return response
# if service is set, redirect to service after logout
if self.service:
list(messages.get_messages(request)) # clean messages before leaving the django app
@ -331,7 +334,7 @@ class FederateAuth(View):
max_age = settings.CAS_FEDERATE_REMEMBER_TIMEOUT
utils.set_cookie(
response,
"_remember_provider",
"remember_provider",
provider.suffix,
max_age
)
@ -360,7 +363,7 @@ class FederateAuth(View):
) % {'ticket': ticket, 'error': error}
)
response = redirect("cas_server:login")
response.delete_cookie("_remember_provider")
response.delete_cookie("remember_provider")
return response
except FederatedIendityProvider.DoesNotExist:
logger.warning("Identity provider suffix %s not found" % provider)
@ -855,16 +858,16 @@ class LoginView(View, LogoutMixin):
)
else:
if (
self.request.COOKIES.get('_remember_provider') and
self.request.COOKIES.get('remember_provider') and
FederatedIendityProvider.objects.filter(
suffix=self.request.COOKIES['_remember_provider']
suffix=self.request.COOKIES['remember_provider']
)
):
params = utils.copy_params(self.request.GET)
url = utils.reverse_params(
"cas_server:federateAuth",
params=params,
kwargs=dict(provider=self.request.COOKIES['_remember_provider'])
kwargs=dict(provider=self.request.COOKIES['remember_provider'])
)
return HttpResponseRedirect(url)
else: