From 03b1a67b446cc1b73b097131782e5b4a984dda0e Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Fri, 19 Jun 2020 20:33:35 +0200
Subject: [PATCH] flows: change wording of consent on flows
---
e2e/test_provider_oidc.py | 17 +++++++++++------
.../flows/migrations/0005_provider_flows.py | 12 ++++++------
passbook/flows/planner.py | 1 +
passbook/providers/oidc/views.py | 5 +++--
passbook/stages/consent/stage.py | 6 +++---
5 files changed, 24 insertions(+), 17 deletions(-)
diff --git a/e2e/test_provider_oidc.py b/e2e/test_provider_oidc.py
index ad9fef526..0c16c739d 100644
--- a/e2e/test_provider_oidc.py
+++ b/e2e/test_provider_oidc.py
@@ -77,6 +77,7 @@ class TestProviderOIDC(StaticLiveServerTestCase):
def test_redirect_uri_error(self):
"""test OpenID Provider flow (invalid redirect URI, check error message)"""
+ sleep(1)
# Bootstrap all needed objects
authorization_flow = Flow.objects.get(slug="default-provider-authorization")
client = Client.objects.create(
@@ -113,10 +114,13 @@ class TestProviderOIDC(StaticLiveServerTestCase):
"Redirect URI Error",
)
- def test_authorization_no_consent(self):
- """test OpenID Provider flow (default authorization flow without consent)"""
+ def test_authorization_consent_implied(self):
+ """test OpenID Provider flow (default authorization flow with implied consent)"""
+ sleep(1)
# Bootstrap all needed objects
- authorization_flow = Flow.objects.get(slug="default-provider-authorization")
+ authorization_flow = Flow.objects.get(
+ slug="default-provider-authorization-implicit-consent"
+ )
client = Client.objects.create(
name="grafana",
client_type="confidential",
@@ -174,11 +178,12 @@ class TestProviderOIDC(StaticLiveServerTestCase):
"root@localhost",
)
- def test_authorization_consent(self):
- """test OpenID Provider flow (default authorization flow with consent)"""
+ def test_authorization_consent_explicit(self):
+ """test OpenID Provider flow (default authorization flow with explicit consent)"""
+ sleep(1)
# Bootstrap all needed objects
authorization_flow = Flow.objects.get(
- slug="default-provider-authorization-consent"
+ slug="default-provider-authorization-explicit-consent"
)
client = Client.objects.create(
name="grafana",
diff --git a/passbook/flows/migrations/0005_provider_flows.py b/passbook/flows/migrations/0005_provider_flows.py
index a197d0532..007f29475 100644
--- a/passbook/flows/migrations/0005_provider_flows.py
+++ b/passbook/flows/migrations/0005_provider_flows.py
@@ -17,17 +17,17 @@ def create_default_provider_authz_flow(
db_alias = schema_editor.connection.alias
- # Empty flow for providers where no consent is needed
+ # Empty flow for providers where consent is implicitly given
Flow.objects.create(
- name="default-provider-authorization",
- slug="default-provider-authorization",
+ name="Authorize Application",
+ slug="default-provider-authorization-implicit-consent",
designation=FlowDesignation.AUTHORIZATION,
)
- # Flow with consent form to obtain user consent for authorization
+ # Flow with consent form to obtain explicit user consent
flow = Flow.objects.create(
- name="default-provider-authorization-consent",
- slug="default-provider-authorization-consent",
+ name="Authorize Application",
+ slug="default-provider-authorization-explicit-consent",
designation=FlowDesignation.AUTHORIZATION,
)
stage = ConsentStage.objects.create(name="default-provider-authorization-consent")
diff --git a/passbook/flows/planner.py b/passbook/flows/planner.py
index f91bc08da..aee17ecd9 100644
--- a/passbook/flows/planner.py
+++ b/passbook/flows/planner.py
@@ -59,6 +59,7 @@ class FlowPlan:
self.markers.remove(marker)
if not self.has_stages:
return None
+ # pylint: disable=not-callable
return self.next()
return marked_stage
diff --git a/passbook/providers/oidc/views.py b/passbook/providers/oidc/views.py
index 1cddbe524..b537222ed 100644
--- a/passbook/providers/oidc/views.py
+++ b/passbook/providers/oidc/views.py
@@ -1,5 +1,4 @@
"""passbook OIDC Views"""
-from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
from django.http import HttpRequest, HttpResponse, JsonResponse
@@ -24,12 +23,14 @@ from passbook.flows.stage import StageView
from passbook.flows.views import SESSION_KEY_PLAN
from passbook.lib.utils.urls import redirect_with_qs
from passbook.providers.oidc.models import OpenIDProvider
+from passbook.stages.consent.stage import PLAN_CONTEXT_CONSENT_TEMPLATE
LOGGER = get_logger()
PLAN_CONTEXT_PARAMS = "params"
PLAN_CONTEXT_SCOPES = "scopes"
+
class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
"""OIDC Flow initializer, checks access to application and starts flow"""
@@ -61,7 +62,7 @@ class AuthorizationFlowInitView(AccessMixin, LoginRequiredMixin, View):
PLAN_CONTEXT_APPLICATION: application,
PLAN_CONTEXT_PARAMS: endpoint.params,
PLAN_CONTEXT_SCOPES: endpoint.get_scopes_information(),
- PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/oidc/consent.html"
+ PLAN_CONTEXT_CONSENT_TEMPLATE: "providers/oidc/consent.html",
},
)
plan.append(in_memory_stage(OIDCStage))
diff --git a/passbook/stages/consent/stage.py b/passbook/stages/consent/stage.py
index fc9afdf14..3a1fa14a2 100644
--- a/passbook/stages/consent/stage.py
+++ b/passbook/stages/consent/stage.py
@@ -1,5 +1,5 @@
"""passbook consent stage"""
-from typing import List, Dict, Any
+from typing import Any, Dict, List
from django.views.generic import FormView
@@ -16,8 +16,8 @@ class ConsentStage(FormView, StageView):
def get_context_data(self, **kwargs: Dict[str, Any]) -> Dict[str, Any]:
kwargs = super().get_context_data(**kwargs)
- kwargs['current_stage'] = self.executor.current_stage
- kwargs['context'] = self.executor.plan.context
+ kwargs["current_stage"] = self.executor.current_stage
+ kwargs["context"] = self.executor.plan.context
return kwargs
def get_template_names(self) -> List[str]: