Commit a5dc8383 authored by Aurelien Campeas's avatar Aurelien Campeas
Browse files

[hooks,views] implement a negociation timeout

This also helps work around a bug with facebook authentication where
the confirmation object/url is called twice.
parent 2f74d4f7f30d
......@@ -28,7 +28,23 @@ class ServerStartupHook(hook.Hook):
__regid__ = 'oauth-authentifier-register'
events = ('server_startup',)
_negociation_timeout = 300
def __call__(self):
self.debug('registering externalauth authentifier')
self.repo.system_source.add_authentifier(DirectAuthentifier())
def cleanup_negostates():
import cubes.oauth.views as oviews
for negoid in oviews.COLLECT_LIST:
self.debug('collecting negostate', negoid)
oviews.NEGOSTATE.pop(negoid, None)
oviews.COLLECT_LIST[:] = []
for negoid in oviews.NEGOSTATE:
oviews.COLLECT_LIST.append(negoid)
self.repo.looping_task(self._negociation_timeout,
cleanup_negostates)
......@@ -33,7 +33,8 @@ from cubes.oauth.authplugin import EXT_TOKEN
_ = unicode
NEGOSTATE = {}
NEGOSTATE = {} # negoid -> service coordinates
COLLECT_LIST = []
LOGINNOWSTATE = {}
......@@ -54,8 +55,8 @@ def login_now(self, login):
self.appli.session_handler.set_session(req)
except Redirect:
pass
assert req.user.login == login, req.user.login
if not req.user.login == login:
self.warning('should be now logged as %s, but still %s', login, req.user.login)
class ExternalAuthReqRewriter(urlrewrite.SimpleReqRewriter):
rules = [
......@@ -80,6 +81,10 @@ class ExternalAuthConfirm(Controller):
__regid__ = 'externalauth-confirm'
__select__ = match_form_params('code', '__externalauth_negociationid')
def _nego_timeout_url(self):
msg = self._cw._('Authentication timeout. Please try again.')
return self._cw.build_url(__message=msg)
def publish(self, rset=None):
form = self._cw.form
code = form.get('code')
......@@ -87,7 +92,9 @@ class ExternalAuthConfirm(Controller):
if not (code and negociationid):
return
nego = NEGOSTATE.pop(negociationid)
nego = NEGOSTATE.pop(negociationid, None)
if nego is None:
return Redirect(self._nego_timeout_url())
with self.appli.repo.internal_session() as session:
try:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment