Commit 0584d544 authored by Jérome Perrin's avatar Jérome Perrin

ERP5ExternalOauth2ExtractionPlugin: document a bit how this plugin and...

ERP5ExternalOauth2ExtractionPlugin: document a bit how this plugin and ERP5LoginUserManager interact
parent 8eb191f7
...@@ -146,7 +146,7 @@ class ERP5ExternalOauth2ExtractionPlugin: ...@@ -146,7 +146,7 @@ class ERP5ExternalOauth2ExtractionPlugin:
'No Base_createOauth2User script available, install ' 'No Base_createOauth2User script available, install '
'erp5_credential_oauth2, disabled authentication.') 'erp5_credential_oauth2, disabled authentication.')
return DumbHTTPExtractor().extractCredentials(request) return DumbHTTPExtractor().extractCredentials(request)
creds, user_dict = {"login_portal_type": self.login_portal_type}, None
cookie_hash = request.get(self.cookie_name) cookie_hash = request.get(self.cookie_name)
if cookie_hash is not None: if cookie_hash is not None:
try: try:
...@@ -188,7 +188,7 @@ class ERP5ExternalOauth2ExtractionPlugin: ...@@ -188,7 +188,7 @@ class ERP5ExternalOauth2ExtractionPlugin:
newSecurityManager(self, self.getUser(ERP5Security.SUPER_USER)) newSecurityManager(self, self.getUser(ERP5Security.SUPER_USER))
try: try:
self.REQUEST['USER_CREATION_IN_PROGRESS'] = user_dict self.REQUEST['USER_CREATION_IN_PROGRESS'] = user_dict
user_entry["login_portal_type"] = creds["login_portal_type"] user_entry["login_portal_type"] = self.login_portal_type
# user_id is optional. # user_id is optional.
# It is only used to create Google Login under a pre-existing person # It is only used to create Google Login under a pre-existing person
user_entry["user_id"] = user_dict.get("user_id") user_entry["user_id"] = user_dict.get("user_id")
...@@ -205,7 +205,15 @@ class ERP5ExternalOauth2ExtractionPlugin: ...@@ -205,7 +205,15 @@ class ERP5ExternalOauth2ExtractionPlugin:
except KeyError: except KeyError:
# allow to work w/o cache # allow to work w/o cache
pass pass
creds['external_login'] = user
# Credentials returned here will be used by ERP5LoginUserManager to find the login document
# having reference `user`.
creds = {
"login_portal_type": self.login_portal_type,
"external_login": user
}
# PAS wants remote_host / remote_address
creds['remote_host'] = request.get('REMOTE_HOST', '') creds['remote_host'] = request.get('REMOTE_HOST', '')
try: try:
creds['remote_address'] = request.getClientAddr() creds['remote_address'] = request.getClientAddr()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment