Commit 2f15d0a6 authored by Christophe de Vienne's avatar Christophe de Vienne
Browse files

Implements revalidate_login

I the case of the oauth WebAuthRetriever classes, revalidate_login should always
lead to an invalid session because if one of the retriever finds some authentication
data in the form, the authentication process must be runned.


Closes #3905894
parent 0222a46b60ab
......@@ -30,6 +30,8 @@ from cubicweb.web.views import authentication
from cubicweb.web.views import basecomponents, basetemplates
from cubicweb.web import Redirect, formfields, formwidgets
from cubicweb.web import InvalidSession
from cubes.oauth.authplugin import EXT_TOKEN
_ = unicode
......@@ -102,8 +104,8 @@ class ExternalAuthRetrieverStart(authentication.WebAuthInfoRetriever):
return '__externalauthprovider' in req.form
def revalidate_login(self, req):
# TODO I don't understand why this method is needed
return yes_marker()
# Always invalidate the current session
raise InvalidSession()
def authentication_information(self, req):
providername = req.form.get('__externalauthprovider')
......@@ -167,10 +169,9 @@ class ExternalAuthRetrieverFinish(authentication.WebAuthInfoRetriever):
'__externalauth_negociationid' in req.form
and 'code' in req.form)
# XXX What to do with that ?
#def revalidate_login(self, req):
#if self.request_has_auth_info(req):
#return req.form.get('__externalauthlogin')
def revalidate_login(self, req):
# Always invalidate the current session
raise InvalidSession()
def authentication_information(self, req):
if not self.request_has_auth_info(req):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment