Enhancement: AuthorizeView's static method strip-prompt-login was moved to a new file oidc_provider/lib/utils/authorize.py in order to be more consistent with the implementation of other Views

2018-10-04 10:40:23 -03:00 · 2018-10-04 10:40:23 -03:00 · eb2f272a0b
commit eb2f272a0b
parent 035e7a3674
3 changed files with 36 additions and 29 deletions
--- a/oidc_provider/lib/utils/authorize.py
+++ b/oidc_provider/lib/utils/authorize.py
@ -0,0 +1,21 @@
+try:
+    from urllib import urlencode
+    from urlparse import urlsplit, parse_qs, urlunsplit
+except ImportError:
+    from urllib.parse import urlsplit, parse_qs, urlunsplit, urlencode
+
+
+def strip_prompt_login(path):
+    """
+    Strips 'login' from the 'prompt' query parameter.
+    """
+    uri = urlsplit(path)
+    query_params = parse_qs(uri.query)
+    prompt_list = query_params.get('prompt', '')[0].split()
+    if 'login' in prompt_list:
+        prompt_list.remove('login')
+        query_params['prompt'] = ' '.join(prompt_list)
+    if not query_params['prompt']:
+        del query_params['prompt']
+    uri = uri._replace(query=urlencode(query_params, doseq=True))
+    return urlunsplit(uri)
--- a/oidc_provider/tests/cases/test_authorize_endpoint.py
+++ b/oidc_provider/tests/cases/test_authorize_endpoint.py
@ -31,6 +31,7 @@ from oidc_provider.tests.app.utils import (
    FAKE_CODE_CHALLENGE,
    is_code_valid,
 )
+from oidc_provider.lib.utils.authorize import strip_prompt_login
 from oidc_provider.views import AuthorizeView
 from oidc_provider.lib.endpoints.authorize import AuthorizeEndpoint

@ -481,20 +482,20 @@ class AuthorizationCodeFlowTestCase(TestCase, AuthorizeEndpointMixin):
                 '_id=112233&prompt=login none&redirect_uri' +
                 '=http://localhost:8000')

-        self.assertNotIn('prompt', AuthorizeView.strip_prompt_login(path0))
+        self.assertNotIn('prompt', strip_prompt_login(path0))

-        self.assertIn('prompt', AuthorizeView.strip_prompt_login(path1))
-        self.assertIn('consent', AuthorizeView.strip_prompt_login(path1))
-        self.assertIn('none', AuthorizeView.strip_prompt_login(path1))
-        self.assertNotIn('login', AuthorizeView.strip_prompt_login(path1))
+        self.assertIn('prompt', strip_prompt_login(path1))
+        self.assertIn('consent', strip_prompt_login(path1))
+        self.assertIn('none', strip_prompt_login(path1))
+        self.assertNotIn('login', strip_prompt_login(path1))

-        self.assertIn('prompt', AuthorizeView.strip_prompt_login(path2))
-        self.assertIn('consent', AuthorizeView.strip_prompt_login(path1))
-        self.assertNotIn('login', AuthorizeView.strip_prompt_login(path2))
+        self.assertIn('prompt', strip_prompt_login(path2))
+        self.assertIn('consent', strip_prompt_login(path1))
+        self.assertNotIn('login', strip_prompt_login(path2))

-        self.assertIn('prompt', AuthorizeView.strip_prompt_login(path3))
-        self.assertIn('none', AuthorizeView.strip_prompt_login(path3))
-        self.assertNotIn('login', AuthorizeView.strip_prompt_login(path3))
+        self.assertIn('prompt', strip_prompt_login(path3))
+        self.assertIn('none', strip_prompt_login(path3))
+        self.assertNotIn('login', strip_prompt_login(path3))


 class AuthorizationImplicitFlowTestCase(TestCase, AuthorizeEndpointMixin):
--- a/oidc_provider/views.py
+++ b/oidc_provider/views.py
@ -39,6 +39,7 @@ from oidc_provider.lib.errors import (
    TokenError,
    UserAuthError,
    TokenIntrospectionError)
+from oidc_provider.lib.utils.authorize import strip_prompt_login
 from oidc_provider.lib.utils.common import (
    redirect,
    get_site_url,
@ -84,7 +85,7 @@ class AuthorizeView(View):
                            authorize.grant_type)
                    else:
                        django_user_logout(request)
-                        next_page = self.strip_prompt_login(request.get_full_path())
+                        next_page = strip_prompt_login(request.get_full_path())
                        return redirect_to_login(next_page, settings.get('OIDC_LOGIN_URL'))

                if 'select_account' in authorize.params['prompt']:
@ -147,7 +148,7 @@ class AuthorizeView(View):
                    raise AuthorizeError(
                        authorize.params['redirect_uri'], 'login_required', authorize.grant_type)
                if 'login' in authorize.params['prompt']:
-                    next_page = self.strip_prompt_login(request.get_full_path())
+                    next_page = strip_prompt_login(request.get_full_path())
                    return redirect_to_login(next_page, settings.get('OIDC_LOGIN_URL'))

                return redirect_to_login(request.get_full_path(), settings.get('OIDC_LOGIN_URL'))
@ -200,22 +201,6 @@ class AuthorizeView(View):

            return redirect(uri)

-    @staticmethod
-    def strip_prompt_login(path):
-        """
-        Strips 'login' from the 'prompt' query parameter.
-        """
-        uri = urlsplit(path)
-        query_params = parse_qs(uri.query)
-        prompt_list = query_params.get('prompt', '')[0].split()
-        if 'login' in prompt_list:
-            prompt_list.remove('login')
-            query_params['prompt'] = ' '.join(prompt_list)
-        if not query_params['prompt']:
-            del query_params['prompt']
-        uri = uri._replace(query=urlencode(query_params, doseq=True))
-        return urlunsplit(uri)
-

 class TokenView(View):
    def post(self, request, *args, **kwargs):