Merge pull request #289 from octobot-dev/fix-strip-prompt-login
Fix #283: bug in strip_prompt_login
This commit is contained in:
commit
1a0f068f2e
|
@ -468,6 +468,34 @@ class AuthorizationCodeFlowTestCase(TestCase, AuthorizeEndpointMixin):
|
|||
response = self._auth_request('get', data, is_user_authenticated=True)
|
||||
self.assertIn('consent_required', response['Location'])
|
||||
|
||||
def test_strip_prompt_login(self):
|
||||
"""
|
||||
Test for helper method test_strip_prompt_login.
|
||||
"""
|
||||
# Original paths
|
||||
path0 = 'http://idp.com/?prompt=login'
|
||||
path1 = 'http://idp.com/?prompt=consent login none'
|
||||
path2 = ('http://idp.com/?response_type=code&client' +
|
||||
'_id=112233&prompt=consent login')
|
||||
path3 = ('http://idp.com/?response_type=code&client' +
|
||||
'_id=112233&prompt=login none&redirect_uri' +
|
||||
'=http://localhost:8000')
|
||||
|
||||
self.assertNotIn('prompt', AuthorizeView.strip_prompt_login(path0))
|
||||
|
||||
self.assertIn('prompt', AuthorizeView.strip_prompt_login(path1))
|
||||
self.assertIn('consent', AuthorizeView.strip_prompt_login(path1))
|
||||
self.assertIn('none', AuthorizeView.strip_prompt_login(path1))
|
||||
self.assertNotIn('login', AuthorizeView.strip_prompt_login(path1))
|
||||
|
||||
self.assertIn('prompt', AuthorizeView.strip_prompt_login(path2))
|
||||
self.assertIn('consent', AuthorizeView.strip_prompt_login(path1))
|
||||
self.assertNotIn('login', AuthorizeView.strip_prompt_login(path2))
|
||||
|
||||
self.assertIn('prompt', AuthorizeView.strip_prompt_login(path3))
|
||||
self.assertIn('none', AuthorizeView.strip_prompt_login(path3))
|
||||
self.assertNotIn('login', AuthorizeView.strip_prompt_login(path3))
|
||||
|
||||
|
||||
class AuthorizationImplicitFlowTestCase(TestCase, AuthorizeEndpointMixin):
|
||||
"""
|
||||
|
|
|
@ -207,8 +207,10 @@ class AuthorizeView(View):
|
|||
"""
|
||||
uri = urlsplit(path)
|
||||
query_params = parse_qs(uri.query)
|
||||
if 'login' in query_params['prompt']:
|
||||
query_params['prompt'].remove('login')
|
||||
prompt_list = query_params.get('prompt', '')[0].split()
|
||||
if 'login' in prompt_list:
|
||||
prompt_list.remove('login')
|
||||
query_params['prompt'] = ' '.join(prompt_list)
|
||||
if not query_params['prompt']:
|
||||
del query_params['prompt']
|
||||
uri = uri._replace(query=urlencode(query_params, doseq=True))
|
||||
|
|
Loading…
Reference in a new issue