OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

[FIX] auth_totp: Firefox support 

* Fix Firefox MFA login error by adding logic that checks for the Firefox edge
case where redirect_with_hash returns a Response object rather than a string
* Add test case for this scenario
pull/703/head
Oleg Bulkin 8 years ago
parent
b5fc807dbf
commit
87f5d89f78
2 changed files with 22 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      auth_totp/controllers/main.py
  2. 18
      auth_totp/tests/test_main.py

5
auth_totp/controllers/main.py
View File

@ -5,6 +5,7 @@
from datetime import datetime, timedelta from datetime import datetime, timedelta
import json import json
from werkzeug.contrib.securecookie import SecureCookie from werkzeug.contrib.securecookie import SecureCookie
from werkzeug.wrappers import Response as WerkzeugResponse
from odoo import _, http, registry, SUPERUSER_ID from odoo import _, http, registry, SUPERUSER_ID
from odoo.api import Environment from odoo.api import Environment
from odoo.http import Response, request from odoo.http import Response, request
@ -139,7 +140,9 @@ class AuthTotp(Home):
redirect = request.params.get('redirect') redirect = request.params.get('redirect')
if not redirect: if not redirect:
redirect = '/web' redirect = '/web'
response = Response(http.redirect_with_hash(redirect))
response = http.redirect_with_hash(redirect)
if not isinstance(response, WerkzeugResponse):
response = Response(response)
if request.params.get('remember_device'): if request.params.get('remember_device'):
device = device_model_sudo.create({'user_id': user.id}) device = device_model_sudo.create({'user_id': user.id})

18
auth_totp/tests/test_main.py
View File

@ -15,6 +15,7 @@ JSON_PATH = CONTROLLER_PATH + '.JsonSecureCookie'
ENVIRONMENT_PATH = CONTROLLER_PATH + '.Environment' ENVIRONMENT_PATH = CONTROLLER_PATH + '.Environment'
RESPONSE_PATH = CONTROLLER_PATH + '.Response' RESPONSE_PATH = CONTROLLER_PATH + '.Response'
DATETIME_PATH = CONTROLLER_PATH + '.datetime' DATETIME_PATH = CONTROLLER_PATH + '.datetime'
REDIRECT_PATH = CONTROLLER_PATH + '.http.redirect_with_hash'
TRANSLATE_PATH_CONT = CONTROLLER_PATH + '._' TRANSLATE_PATH_CONT = CONTROLLER_PATH + '._'
MODEL_PATH = 'odoo.addons.auth_totp.models.res_users' MODEL_PATH = 'odoo.addons.auth_totp.models.res_users'
GENERATE_PATH = MODEL_PATH + '.ResUsers.generate_mfa_login_token' GENERATE_PATH = MODEL_PATH + '.ResUsers.generate_mfa_login_token'
@ -391,3 +392,20 @@ class TestAuthTotp(TransactionCase):
new_test_security = resp_mock().set_cookie.mock_calls[0][2]['secure'] new_test_security = resp_mock().set_cookie.mock_calls[0][2]['secure']
self.assertIs(new_test_security, True) self.assertIs(new_test_security, True)
@mock.patch(REDIRECT_PATH)
@mock.patch(GENERATE_PATH)
@mock.patch(VALIDATE_PATH)
def test_mfa_login_post_firefox_response_returned(
self, val_mock, gen_mock, redirect_mock, request_mock
):
'''Should behave well if redirect returns Response (Firefox case)'''
request_mock.env = self.env
request_mock.db = self.registry.db_name
redirect_mock.return_value = Response('Test Response')
test_token = self.test_user.mfa_login_token
request_mock.params = {'mfa_login_token': test_token}
val_mock.return_value = True
test_result = self.test_controller.mfa_login_post()
self.assertIn('Test Response', test_result.response)
Write Preview
Loading…
Cancel
Save