Skip to content

[IMP] auth_saml nicer handling of logout and autoredirect #503

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 21, 2023
Merged

[IMP] auth_saml nicer handling of logout and autoredirect #503

merged 1 commit into from
Apr 21, 2023

Conversation

gurneyalex
Copy link
Member

When autoredirect is enabled, but some technical accounts have a normal
password authentication setup, it can be difficult to access them as
logging out of a session will trigger the autoredirect feature.

We change this by overriding the logout redirection so that it sets the
disable_autoredirect parameter -> this way the user will get redirected
to the normal signin screen.

@gurneyalex gurneyalex added this to the 15.0 milestone Apr 12, 2023
gurneyalex
gurneyalex commented Apr 12, 2023
View reviewed changes
auth_saml/controllers/main.py

class Session(WebSession):
@http.route("/web/session/logout", type="http", auth="none")
def logout(self, redirect="/web/login"):
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wondering if I should not just say

Suggested change
def logout(self, redirect="/web/login"):
def logout(self, redirect="/web/login?disable_autoredirect="):

and simply return super().logout(redirect)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hello @gurneyalex , reading the doc https://github.com/OCA/server-auth/blob/15.0/auth_saml/README.rst#configuration I think we could try to test it and have an answer

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've tried this variant, seems we have the same expected result

@gurneyalex
[IMP] auth_saml nicer handling of logout and autoredirect
0f552d5 
When autoredirect is enabled, but some technical accounts have a normal
password authentication setup, it can be difficult to access them as
logging out of a session will trigger the autoredirect feature.

We change this by overriding the logout redirection so that it sets the
disable_autoredirect parameter -> this way the user will get redirected
to the normal signin screen.
@gurneyalex
Copy link
Member Author

/ocabot merge minor

@OCA-git-bot
Copy link
Contributor

Hey, thanks for contributing! Proceeding to merge this for you.
Prepared branch 15.0-ocabot-merge-pr-503-by-gurneyalex-bump-minor, awaiting test results.

@OCA-git-bot OCA-git-bot merged commit 4b70756 into OCA:15.0 Apr 21, 2023
@OCA-git-bot
Copy link
Contributor

Congratulations, your PR was merged at 7b6211f. Thanks a lot for contributing to OCA. ❤️

SiesslPhillip pushed a commit to grueneerde/OCA-server-auth that referenced this pull request Nov 20, 2024
@bt-admin
Merge pull request OCA#503 from OCA/17.0
8ef8b0b 
Syncing from upstream OCA/server-auth (17.0)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
2 more reviewers

@yankinmax yankinmax yankinmax approved these changes

@ivantodorovich ivantodorovich ivantodorovich approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
approved merged 🎉
Projects
None yet
Milestone
15.0
Development

Successfully merging this pull request may close these issues.
4 participants
@gurneyalex @OCA-git-bot @ivantodorovich @yankinmax