Mercurial Mercurial > pub > hg > cubicweb / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018 stable
authorSylvain Thénault <sylvain.thenault@logilab.fr>
Wed, 18 Jul 2012 15:58:20 +0200
branchstable
changeset 8470 a85e107947e6
parent 8468 f52bb4226020
child 8471 05992aa3fc0d
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
web/application.py file | annotate | diff | comparison | revisions 
--- a/web/application.py	Tue Jul 10 15:32:40 2012 +0200
+++ b/web/application.py	Wed Jul 18 15:58:20 2012 +0200
@@ -381,6 +381,9 @@
                     content = self.loggedout_content(req)
                     # let the explicitly reset http credential
                     raise AuthenticationError()
+        except Redirect, ex:
+            # authentication needs redirection (eg openid)
+            content = self.redirect_handler(req, ex)
         # Wrong, absent or Reseted credential
         except AuthenticationError:
             # If there is an https url configured and
@@ -445,17 +448,9 @@
                 result = ex.content
                 req.status_out = ex.status
             except Redirect, ex:
-                # handle redirect
-                # - comply to ex status
-                # - set header field
-                #
-                # Redirect Maybe be is raised by edit controller when
-                # everything went fine, so try to commit
-                self.debug('redirecting to %s', str(ex.location))
-                req.headers_out.setHeader('location', str(ex.location))
-                assert 300<= ex.status < 400
-                req.status_out = ex.status
-                result = ''
+                # Redirect may be raised by edit controller when everything went
+                # fine, so attempt to commit
+                result = self.redirect_handler(req, ex)
             if req.cnx:
                 txuuid = req.cnx.commit()
                 commited = True
@@ -501,7 +496,20 @@
         self.debug('query %s executed in %s sec', req.relative_path(), clock() - tstart)
         return result
 
-    ### Error handler
+    # Error handlers
+
+    def redirect_handler(self, req, ex):
+        """handle redirect
+        - comply to ex status
+        - set header field
+        - return empty content
+        """
+        self.debug('redirecting to %s', str(ex.location))
+        req.headers_out.setHeader('location', str(ex.location))
+        assert 300 <= ex.status < 400
+        req.status_out = ex.status
+        return ''
+
     def validation_error_handler(self, req, ex):
         ex.errors = dict((k, v) for k, v in ex.errors.items())
         if '__errorurl' in req.form:
@@ -551,8 +559,6 @@
             req.build_url('undo', txuuid=txuuid), req._('undo'))
             req.append_to_redirect_message(msg)
 
-
-
     def ajax_error_handler(self, req, ex):
         req.set_header('content-type', 'application/json')
         status = ex.status
cubicweb