Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ajout d'un middleware pour connecter automatiquement les utilisateurs pro_connect #5237

Merged
merged 2 commits into from
Dec 10, 2024
Merged

Ajout d'un middleware pour connecter automatiquement les utilisateurs pro_connect #5237

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5f9c87d
add ProConnectLoginMiddleware
vincentporte Dec 9, 2024
a3f2683
fix 'next_url' params ^^'
vincentporte Dec 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions config/settings/base.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,7 @@
# Itou specific
"itou.utils.perms.middleware.ItouCurrentOrganizationMiddleware",
"itou.www.middleware.never_cache",
"itou.openid_connect.pro_connect.middleware.ProConnectLoginMiddleware",
# Final logger
"django_datadog_logger.middleware.request_log.RequestLoggingMiddleware",
]
Expand Down
33 changes: 33 additions & 0 deletions itou/openid_connect/pro_connect/middleware.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
from django.http import HttpResponseRedirect
from django.urls import reverse
from django.utils.deprecation import MiddlewareMixin
from django.utils.http import urlencode

from itou.users.enums import IdentityProvider
from itou.users.models import User


class ProConnectLoginMiddleware(MiddlewareMixin):
def process_request(self, request):
if "proconnect_login" not in request.GET:
return

query_params = request.GET.copy()
query_params.pop("proconnect_login")
username = query_params.pop("username", [None])
new_url = (
f"{request.path}?{urlencode({k: v for k, v in query_params.items() if v})}"
if query_params
else request.path
)

if request.user.is_authenticated:
return HttpResponseRedirect(new_url)

try:
user = User.objects.get(username=username[0], identity_provider=IdentityProvider.PRO_CONNECT.value)
return HttpResponseRedirect(
reverse("pro_connect:authorize") + f"?user_kind={user.kind}&next_url={new_url}"
)
except User.DoesNotExist:
return HttpResponseRedirect(reverse("signup:choose_user_kind") + f"?next_url={new_url}")
64 changes: 64 additions & 0 deletions tests/openid_connect/pro_connect/test_middleware.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
import pytest
from django.urls import reverse
from pytest_django.asserts import assertRedirects

from itou.users.enums import IdentityProvider
from tests.users.factories import EmployerFactory


params_tuples = [
("?proconnect_login=true", ""),
("?proconnect_login=true&filter=76", "?filter=76"),
("?proconnect_login=true&filter=76&kind=EI", "?filter=76&kind=EI"),
]


@pytest.mark.parametrize(
"params,user,redirection",
[
("", lambda: EmployerFactory(with_company=True), "dashboard:index"),
("?param=1", lambda: EmployerFactory(with_company=True), "dashboard:index"),
("?param=1&username=2", lambda: EmployerFactory(with_company=True), "dashboard:index"),
("", None, "search:employers_home"),
("?param=1", None, "search:employers_home"),
("?param=1&username=2", None, "search:employers_home"),
],
)
def test_middleware_wo_proconnect_login_param(client, db, params, user, redirection):
if user:
client.force_login(user())
response = client.get(f"{reverse('home:hp')}/{params}")
assertRedirects(response, reverse(redirection), fetch_redirect_response=False)


@pytest.mark.parametrize("params,expected_params", params_tuples)
def test_middleware_for_authenticated_user(client, db, params, expected_params):
user = EmployerFactory(with_company=True)
client.force_login(user)

for username_param in ["", "&username=123-abc"]:
response = client.get(f"/{params}{username_param}")
assertRedirects(response, f"/{expected_params}", fetch_redirect_response=False)


@pytest.mark.parametrize("params,expected_params", params_tuples)
def test_middlware_for_non_proconnect_user(client, db, params, expected_params):
user = EmployerFactory(with_company=True)
for username_param in ["", "&username=123-abc", f"&username={user.username}"]:
response = client.get(f"/{params}{username_param}")
assertRedirects(
response,
f"{reverse('signup:choose_user_kind')}?next_url=/{expected_params}",
fetch_redirect_response=False,
)


@pytest.mark.parametrize("params,expected_params", params_tuples)
def test_middleware_for_unlogged_proconnect_user(client, db, params, expected_params):
user = EmployerFactory(with_company=True, identity_provider=IdentityProvider.PRO_CONNECT)
response = client.get(f"/{params}&username={user.username}")
assertRedirects(
response,
f"{reverse("pro_connect:authorize")}?user_kind={user.kind}&next_url=/{expected_params}",
fetch_redirect_response=False,
)
Loading