brat000012001 / django-oidc Goto Github PK
View Code? Open in Web Editor NEWA copy of https://github.com/marcanpilami/django-oidc.git
License: Apache License 2.0
A copy of https://github.com/marcanpilami/django-oidc.git
License: Apache License 2.0
An uncaught ParseError if thrown during RP initiated logout if the identity server returns an unexpected response or any of the HTTP status codes indicating the request failed.
When the RP initiates a logout (a user clicks on a logout link), the RP redirects to the OP end session URL and passes a previously acquired id_token as a hint for the OP. However, if the session the token was issued for has already been terminated, the server returns HTTP status code 500. This causes the client to display a stack trace instead of gracefully handling the exception.
The behavior has been observed using the keycloak identity server version 2.3.0
Pre-requisites: django v 2.2.5
The code in djangooidc/views.py, line 94 throws an exception:
Exception at /openid/callback/login/
this login is not valid in this application
The culprit is the change https://github.com/django/django/commit/4b9330ccc04575f9e5126529ec355a450d12e77c#diff-09614db38e88cea4b3662ee14305885c
that made it into django v 1.11.a1 that affected the signature of backend's authenticate
method, and causing backward compatibility issues.
The fix is to add an additional request
parameter to the authenticate
method of djangooidc.backends.OpenIdConnectBackend
:
def authenticate(self, request, **kwargs):
...
/openid/logout throws an error after logging in with OIDC provider. The error is not thrown after logging in with local user credentials
Environment:
Request Method: GET
Request URL: https://xxxx.xxx/openid/logout?next=/en
Django Version: 1.8.18
Python Version: 2.7.12
Installed Applications:
('djangocms_admin_style',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.admin',
'django.contrib.sites',
'django.contrib.sitemaps',
'django.contrib.staticfiles',
'django.contrib.messages',
'cms',
'menus',
'sekizai',
'treebeard',
'djangocms_text_ckeditor',
'filer',
'easy_thumbnails',
'djangocms_column',
'djangocms_link',
'cmsplugin_filer_file',
'cmsplugin_filer_folder',
'cmsplugin_filer_image',
'cmsplugin_filer_utils',
'djangocms_snippet',
'djangocms_googlemap',
'djangocms_video',
'cms_themes',
'bootstrap3',
'aldryn_bootstrap3',
'aldryn_style',
'aldryn_apphooks_config',
'parler',
'taggit',
'taggit_autosuggest',
'meta',
'djangocms_blog',
'aldryn_search',
'xxxxxx')
Installed Middleware:
('cms.middleware.utils.ApphookReloadMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'cms.middleware.user.CurrentUserMiddleware',
'cms.middleware.page.CurrentPageMiddleware',
'cms.middleware.toolbar.ToolbarMiddleware',
'cms.middleware.language.LanguageCookieMiddleware')
Traceback:
File "~/env/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
132. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "~/env/local/lib/python2.7/site-packages/djangooidc/views.py" in logout
142. resp = HttpResponse(content_type=res.headers["content-type"], status=res.status_code, content=res._content)
File "~/env/local/lib/python2.7/site-packages/requests/structures.py" in __getitem__
54. return self._store[key.lower()][1]
Exception Type: KeyError at /openid/logout
Exception Value: 'content-type'
The application uses a next
query parameter to tell the backend where to redirect after the login process has successfully completed. However, it seems the backend completely ignores the query parameter and always redirects to /
instead of using the relative path specified in next
This is specific to python3. djangoidc/views.py, line 70:
` return client.create_authn_request(request.session)'
throws an exception:
OpenID Connect authentication has failed
Error message is: string argument without an encoding
The error is caused by the following code in /home/pnalyvayko/ccperforce_views/depot/github/repos/django-oidc/djangooidc/oidc.py
:
if isinstance(url, newstr):
p3_bytes = bytes(url)
bytes(..)
in python3 takes encoding
as a second argument. The fix is to update the code above to:
if isinstance(url, newstr):
p3_bytes = bytes(url,'utf-8')
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.