Skip to content

Commit

Permalink
ensure redirect to index if no justice id regardless of route hit (#1283
Browse files Browse the repository at this point in the history
)

* ensure redirect to index if no justice id regardless of route hit

* updated code based on Michaels suggestions

* added unit tests for success url property
  • Loading branch information
jamesstottmoj authored Apr 9, 2024
1 parent edc2834 commit 29036d2
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 0 deletions.
9 changes: 9 additions & 0 deletions controlpanel/oidc.py
Original file line number Diff line number Diff line change
Expand Up @@ -65,13 +65,22 @@ def verify_claims(self, claims):


class StateMismatchHandler(OIDCAuthenticationCallbackView):

def get(self, *args, **kwargs):
try:
return super().get(*args, **kwargs)
except SuspiciousOperation as e:
log.warning(f"Caught {e}: redirecting to login")
return HttpResponseRedirect(settings.LOGIN_REDIRECT_URL_FAILURE)

@property
def success_url(self):

if not self.user.justice_email:
return reverse("index")

return super().success_url


def logout(request):
params = urlencode(
Expand Down
21 changes: 21 additions & 0 deletions tests/test_oidc.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
import pytest
from controlpanel.oidc import StateMismatchHandler
from unittest.mock import Mock


@pytest.mark.parametrize(
"email, success_url",
[
("", "/"),
("[email protected]", "/tools/"),
],
)
def test_success_url(users, email, success_url):
request = Mock()
request.session.get.return_value = "/tools/"
user = users["normal_user"]
user.justice_email = email
view = StateMismatchHandler()
view.request = request
view.user = user
assert view.success_url == success_url

0 comments on commit 29036d2

Please sign in to comment.