[FIX] auth_totp: Firefox support

* Fix #908, a Firefox MFA login error, by adding logic that checks for the Firefox edge case where redirect_with_hash returns a Response object rather than a string * Add test case for this scenario
7 years ago · b5d18128c0
2 changed files with 22 additions and 1 deletions
--- a/auth_totp/controllers/main.py
+++ b/auth_totp/controllers/main.py
@ -5,6 +5,7 @@
 from datetime import datetime, timedelta
 import json
 from werkzeug.contrib.securecookie import SecureCookie
+from werkzeug.wrappers import Response as WerkzeugResponse
 from openerp import _, http, registry, SUPERUSER_ID
 from openerp.api import Environment
 from openerp.http import Response, request
@ -139,7 +140,9 @@ class AuthTotp(Home):
        redirect = request.params.get('redirect')
        if not redirect:
            redirect = '/web'
-        response = Response(http.redirect_with_hash(redirect))
+        response = http.redirect_with_hash(redirect)
+        if not isinstance(response, WerkzeugResponse):
+            response = Response(response)

        if request.params.get('remember_device'):
            device = device_model_sudo.create({'user_id': user.id})
--- a/auth_totp/tests/test_main.py
+++ b/auth_totp/tests/test_main.py
@ -15,6 +15,7 @@ JSON_PATH = CONTROLLER_PATH + '.JsonSecureCookie'
 ENVIRONMENT_PATH = CONTROLLER_PATH + '.Environment'
 RESPONSE_PATH = CONTROLLER_PATH + '.Response'
 DATETIME_PATH = CONTROLLER_PATH + '.datetime'
+REDIRECT_PATH = CONTROLLER_PATH + '.http.redirect_with_hash'
 TRANSLATE_PATH_CONT = CONTROLLER_PATH + '._'
 MODEL_PATH = 'openerp.addons.auth_totp.models.res_users'
 GENERATE_PATH = MODEL_PATH + '.ResUsers.generate_mfa_login_token'
@ -391,3 +392,20 @@ class TestAuthTotp(TransactionCase):

        new_test_security = resp_mock().set_cookie.mock_calls[0][2]['secure']
        self.assertIs(new_test_security, True)
+
+    @mock.patch(REDIRECT_PATH)
+    @mock.patch(GENERATE_PATH)
+    @mock.patch(VALIDATE_PATH)
+    def test_mfa_login_post_firefox_response_returned(
+        self, val_mock, gen_mock, redirect_mock, request_mock
+    ):
+        '''Should behave well if redirect returns Response (Firefox case)'''
+        request_mock.env = self.env
+        request_mock.db = self.registry.db_name
+        redirect_mock.return_value = Response('Test Response')
+        test_token = self.test_user.mfa_login_token
+        request_mock.params = {'mfa_login_token': test_token}
+        val_mock.return_value = True
+
+        test_result = self.test_controller.mfa_login_post()
+        self.assertIn('Test Response', test_result.response)