Commit 2a1c9096 authored by Valentin Samir's avatar Valentin Samir

Add a checkbox to forget the identity provider if we checked "remember the identity provider"

parent 0237364d
...@@ -7,8 +7,8 @@ msgid "" ...@@ -7,8 +7,8 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: cas_server\n" "Project-Id-Version: cas_server\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-07-30 19:19+0200\n" "POT-Creation-Date: 2016-08-01 12:01+0200\n"
"PO-Revision-Date: 2016-07-30 19:20+0200\n" "PO-Revision-Date: 2016-08-01 12:01+0200\n"
"Last-Translator: Valentin Samir <valentin.samir@crans.org>\n" "Last-Translator: Valentin Samir <valentin.samir@crans.org>\n"
"Language-Team: django <LL@li.org>\n" "Language-Team: django <LL@li.org>\n"
"Language: fr\n" "Language: fr\n"
...@@ -23,40 +23,40 @@ msgstr "" ...@@ -23,40 +23,40 @@ msgstr ""
msgid "Central Authentication Service" msgid "Central Authentication Service"
msgstr "Service Central d'Authentification" msgstr "Service Central d'Authentification"
#: forms.py:77 #: forms.py:88
msgid "Identity provider" msgid "Identity provider"
msgstr "fournisseur d'identité" msgstr "fournisseur d'identité"
#: forms.py:80 forms.py:102 forms.py:208 #: forms.py:92 forms.py:111
msgid "service" msgid "Warn me before logging me into other sites."
msgstr "service" msgstr "Prévenez-moi avant d'accéder à d'autres services."
#: forms.py:83 #: forms.py:96
msgid "Remember the identity provider" msgid "Remember the identity provider"
msgstr "Se souvenir du fournisseur d'identité" msgstr "Se souvenir du fournisseur d'identité"
#: forms.py:86 forms.py:110 #: forms.py:106 models.py:600
msgid "Warn me before logging me into other sites."
msgstr "Prévenez-moi avant d'accéder à d'autres services."
#: forms.py:100 models.py:600
msgid "username" msgid "username"
msgstr "nom d'utilisateur" msgstr "nom d'utilisateur"
#: forms.py:104 #: forms.py:108
msgid "password" msgid "password"
msgstr "mot de passe" msgstr "mot de passe"
#: forms.py:134 #: forms.py:130
msgid "The credentials you provided cannot be determined to be authentic." msgid "The credentials you provided cannot be determined to be authentic."
msgstr "Les informations transmises n'ont pas permis de vous authentifier." msgstr "Les informations transmises n'ont pas permis de vous authentifier."
#: forms.py:194 #: forms.py:182
msgid "User not found in the temporary database, please try to reconnect" msgid "User not found in the temporary database, please try to reconnect"
msgstr "" msgstr ""
"Utilisateur non trouvé dans la base de donnée temporaire, essayez de vous " "Utilisateur non trouvé dans la base de donnée temporaire, essayez de vous "
"reconnecter" "reconnecter"
#: forms.py:196
msgid "service"
msgstr "service"
#: management/commands/cas_clean_federate.py:20 #: management/commands/cas_clean_federate.py:20
msgid "Clean old federated users" msgid "Clean old federated users"
msgstr "Nettoyer les anciens utilisateurs fédéré" msgstr "Nettoyer les anciens utilisateurs fédéré"
...@@ -300,7 +300,11 @@ msgstr "" ...@@ -300,7 +300,11 @@ msgstr ""
msgid "Log me out from all my sessions" msgid "Log me out from all my sessions"
msgstr "Me déconnecter de toutes mes sessions" msgstr "Me déconnecter de toutes mes sessions"
#: templates/cas_server/logged.html:11 #: templates/cas_server/logged.html:14
msgid "Forget the identity provider"
msgstr "Oublier le fournisseur d'identité"
#: templates/cas_server/logged.html:18
msgid "Logout" msgid "Logout"
msgstr "Se déconnecter" msgstr "Se déconnecter"
...@@ -316,7 +320,7 @@ msgstr "Connexion" ...@@ -316,7 +320,7 @@ msgstr "Connexion"
msgid "Connect to the service" msgid "Connect to the service"
msgstr "Se connecter au service" msgstr "Se connecter au service"
#: views.py:165 #: views.py:168
msgid "" msgid ""
"<h3>Logout successful</h3>You have successfully logged out from the Central " "<h3>Logout successful</h3>You have successfully logged out from the Central "
"Authentication Service. For security reasons, exit your web browser." "Authentication Service. For security reasons, exit your web browser."
...@@ -325,7 +329,7 @@ msgstr "" ...@@ -325,7 +329,7 @@ msgstr ""
"d'Authentification. Pour des raisons de sécurité, veuillez fermer votre " "d'Authentification. Pour des raisons de sécurité, veuillez fermer votre "
"navigateur." "navigateur."
#: views.py:171 #: views.py:174
#, python-format #, python-format
msgid "" msgid ""
"<h3>Logout successful</h3>You have successfully logged out from %s sessions " "<h3>Logout successful</h3>You have successfully logged out from %s sessions "
...@@ -336,7 +340,7 @@ msgstr "" ...@@ -336,7 +340,7 @@ msgstr ""
"Service Central d'Authentification. Pour des raisons de sécurité, veuillez " "Service Central d'Authentification. Pour des raisons de sécurité, veuillez "
"fermer votre navigateur." "fermer votre navigateur."
#: views.py:178 #: views.py:181
msgid "" msgid ""
"<h3>Logout successful</h3>You were already logged out from the Central " "<h3>Logout successful</h3>You were already logged out from the Central "
"Authentication Service. For security reasons, exit your web browser." "Authentication Service. For security reasons, exit your web browser."
...@@ -345,7 +349,7 @@ msgstr "" ...@@ -345,7 +349,7 @@ msgstr ""
"d'Authentification. Pour des raisons de sécurité, veuillez fermer votre " "d'Authentification. Pour des raisons de sécurité, veuillez fermer votre "
"navigateur." "navigateur."
#: views.py:351 #: views.py:361
#, python-format #, python-format
msgid "" msgid ""
"Invalid response from your identity provider CAS upon ticket %(ticket)s " "Invalid response from your identity provider CAS upon ticket %(ticket)s "
...@@ -354,46 +358,46 @@ msgstr "" ...@@ -354,46 +358,46 @@ msgstr ""
"Réponse invalide du CAS du fournisseur d'identité lors de la validation du " "Réponse invalide du CAS du fournisseur d'identité lors de la validation du "
"ticket %(ticket)s: %(error)r" "ticket %(ticket)s: %(error)r"
#: views.py:472 #: views.py:483
msgid "Invalid login ticket, please retry to login" msgid "Invalid login ticket, please retry to login"
msgstr "Ticket de connexion invalide, merci de réessayé de vous connecter" msgstr "Ticket de connexion invalide, merci de réessayé de vous connecter"
#: views.py:652 #: views.py:675
#, python-format #, python-format
msgid "Authentication has been required by service %(name)s (%(url)s)" msgid "Authentication has been required by service %(name)s (%(url)s)"
msgstr "" msgstr ""
"Une demande d'authentification a été émise pour le service %(name)s " "Une demande d'authentification a été émise pour le service %(name)s "
"(%(url)s)." "(%(url)s)."
#: views.py:690 #: views.py:713
#, python-format #, python-format
msgid "Service %(url)s non allowed." msgid "Service %(url)s non allowed."
msgstr "le service %(url)s n'est pas autorisé." msgstr "le service %(url)s n'est pas autorisé."
#: views.py:697 #: views.py:720
msgid "Username non allowed" msgid "Username non allowed"
msgstr "Nom d'utilisateur non authorisé" msgstr "Nom d'utilisateur non authorisé"
#: views.py:704 #: views.py:727
msgid "User characteristics non allowed" msgid "User characteristics non allowed"
msgstr "Caractéristique utilisateur non autorisée" msgstr "Caractéristique utilisateur non autorisée"
#: views.py:711 #: views.py:734
#, python-format #, python-format
msgid "The attribute %(field)s is needed to use that service" msgid "The attribute %(field)s is needed to use that service"
msgstr "L'attribut %(field)s est nécessaire pour se connecter à ce service" msgstr "L'attribut %(field)s est nécessaire pour se connecter à ce service"
#: views.py:801 #: views.py:824
#, python-format #, python-format
msgid "Authentication renewal required by service %(name)s (%(url)s)." msgid "Authentication renewal required by service %(name)s (%(url)s)."
msgstr "Demande de réauthentification pour le service %(name)s (%(url)s)." msgstr "Demande de réauthentification pour le service %(name)s (%(url)s)."
#: views.py:808 #: views.py:831
#, python-format #, python-format
msgid "Authentication required by service %(name)s (%(url)s)." msgid "Authentication required by service %(name)s (%(url)s)."
msgstr "Authentification requise par le service %(name)s (%(url)s)." msgstr "Authentification requise par le service %(name)s (%(url)s)."
#: views.py:815 #: views.py:838
#, python-format #, python-format
msgid "Service %s non allowed" msgid "Service %s non allowed"
msgstr "Le service %s n'est pas autorisé" msgstr "Le service %s n'est pas autorisé"
......
...@@ -8,6 +8,13 @@ ...@@ -8,6 +8,13 @@
<input type="checkbox" name="all" value="1">{% trans "Log me out from all my sessions" %} <input type="checkbox" name="all" value="1">{% trans "Log me out from all my sessions" %}
</label> </label>
</div> </div>
{% if settings.CAS_FEDERATE and request.COOKIES.remember_provider %}
<div class="checkbox">
<label>
<input type="checkbox" name="forget_provider" value="1">{% trans "Forget the identity provider" %}
</label>
</div>
{% endif %}
<button class="btn btn-danger btn-block btn-lg" type="submit">{% trans "Logout" %}</button> <button class="btn btn-danger btn-block btn-lg" type="submit">{% trans "Logout" %}</button>
</form> </form>
{% endblock %} {% endblock %}
......
...@@ -128,8 +128,8 @@ class FederateAuthLoginLogoutTestCase( ...@@ -128,8 +128,8 @@ class FederateAuthLoginLogoutTestCase(
{'ticket': ticket, 'remember': 'on' if remember else ''} {'ticket': ticket, 'remember': 'on' if remember else ''}
) )
if remember: if remember:
self.assertIn("_remember_provider", client.cookies) self.assertIn("remember_provider", client.cookies)
self.assertEqual(client.cookies["_remember_provider"].value, provider.suffix) self.assertEqual(client.cookies["remember_provider"].value, provider.suffix)
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
self.assertEqual(response["Location"], "%s/login" % ( self.assertEqual(response["Location"], "%s/login" % (
'http://testserver' if django.VERSION < (1, 9) else "" 'http://testserver' if django.VERSION < (1, 9) else ""
......
...@@ -147,9 +147,12 @@ class LogoutView(View, LogoutMixin): ...@@ -147,9 +147,12 @@ class LogoutView(View, LogoutMixin):
# current querystring # current querystring
if settings.CAS_FEDERATE: if settings.CAS_FEDERATE:
if auth is not None: if auth is not None:
params = utils.copy_params(request.GET) params = utils.copy_params(request.GET, ignore={"forget_provider"})
url = auth.get_logout_url() url = auth.get_logout_url()
return HttpResponseRedirect(utils.update_url(url, params)) response = HttpResponseRedirect(utils.update_url(url, params))
if request.GET.get("forget_provider"):
response.delete_cookie("remember_provider")
return response
# if service is set, redirect to service after logout # if service is set, redirect to service after logout
if self.service: if self.service:
list(messages.get_messages(request)) # clean messages before leaving the django app list(messages.get_messages(request)) # clean messages before leaving the django app
...@@ -331,7 +334,7 @@ class FederateAuth(View): ...@@ -331,7 +334,7 @@ class FederateAuth(View):
max_age = settings.CAS_FEDERATE_REMEMBER_TIMEOUT max_age = settings.CAS_FEDERATE_REMEMBER_TIMEOUT
utils.set_cookie( utils.set_cookie(
response, response,
"_remember_provider", "remember_provider",
provider.suffix, provider.suffix,
max_age max_age
) )
...@@ -360,7 +363,7 @@ class FederateAuth(View): ...@@ -360,7 +363,7 @@ class FederateAuth(View):
) % {'ticket': ticket, 'error': error} ) % {'ticket': ticket, 'error': error}
) )
response = redirect("cas_server:login") response = redirect("cas_server:login")
response.delete_cookie("_remember_provider") response.delete_cookie("remember_provider")
return response return response
except FederatedIendityProvider.DoesNotExist: except FederatedIendityProvider.DoesNotExist:
logger.warning("Identity provider suffix %s not found" % provider) logger.warning("Identity provider suffix %s not found" % provider)
...@@ -855,16 +858,16 @@ class LoginView(View, LogoutMixin): ...@@ -855,16 +858,16 @@ class LoginView(View, LogoutMixin):
) )
else: else:
if ( if (
self.request.COOKIES.get('_remember_provider') and self.request.COOKIES.get('remember_provider') and
FederatedIendityProvider.objects.filter( FederatedIendityProvider.objects.filter(
suffix=self.request.COOKIES['_remember_provider'] suffix=self.request.COOKIES['remember_provider']
) )
): ):
params = utils.copy_params(self.request.GET) params = utils.copy_params(self.request.GET)
url = utils.reverse_params( url = utils.reverse_params(
"cas_server:federateAuth", "cas_server:federateAuth",
params=params, params=params,
kwargs=dict(provider=self.request.COOKIES['_remember_provider']) kwargs=dict(provider=self.request.COOKIES['remember_provider'])
) )
return HttpResponseRedirect(url) return HttpResponseRedirect(url)
else: else:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment