Fix OAuthRedirection for hawthorn (#14)

* Fix OAuthRedirection on hawthorn * Fix hardcode URLs redirection of dashboard, courses_list and user account * Rewrite request path checking * Rewrite CUSTOM_OAUTH_PARAMS settings in OAuthRedirection
raccoongang · Jun 26, 2019 · 54395fe · 54395fe
1 parent 7f9ca0e
commit 54395fe
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 18 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # edx_oauth_client
 SSO Generic Client for OAuth Identity Provider (ID).
-### Instalation guide
+### Installation guide
  - Setup your ID site as OAuth2 server. Add client for OpenEdx
 Redirect uri must be **http://<edx_url>/auth/complete/custom-oauth2/**
 
@@ -28,14 +28,16 @@ Redirect uri must be **http://<edx_url>/auth/complete/custom-oauth2/**
         "PROVIDER_ID_KEY": "<unique identifier>",
         "PROVIDER_NAME": "custom-oauth2",
         "USER_DATA_URL": "/api/v0/users/me",
-        "COOKIE_NAME": "cookie_name" # If you're want seamless authorization
+        "COOKIE_NAME": "cookie_name", # If you're want seamless authorization
+        "COURSES_LIST_URL_PATH": "courses",  # write if course_list redirection is needed
+        "USER_ACCOUNT_URL_PATH": "account",  # write if user account redirection is needed
+        "DASHBOARD_URL_PATH": "user"  # write if dashboard redirection is needed
     },
     
     "THIRD_PARTY_AUTH_BACKENDS":["edx_oauth_client.backends.generic_oauth_client.GenericOAuthBackend"],
     ```
 
- - `CUSTOM_OAUTH_PARAMS` should be added to the `lms/envs/common.py` if
-    it is not supored by used OpenEdx.
+ - `CUSTOM_OAUTH_PARAMS` should be added to the `lms/envs/aws.py` if it is not supported by used OpenEdx.
     ```
     if FEATURES.get('ENABLE_THIRD_PARTY_AUTH'):
         CUSTOM_OAUTH_PARAMS = ENV_TOKENS.get('CUSTOM_OAUTH_PARAMS', {})
@@ -55,15 +57,18 @@ Redirect uri must be **http://<edx_url>/auth/complete/custom-oauth2/**
  SeamlessAuthorization (crossdomain cookie support needed).
  In the `edx/app/edxapp/lms.env.json` file.
    ```
-   "EXTRA_MIDDLEWARE_CLASSES": ["edx_oauth_client.middleware.SeamlessAuthorization"]
+    "EXTRA_MIDDLEWARE_CLASSES": [
+        "edx_oauth_client.middleware.SeamlessAuthorization",
+        "edx_oauth_client.middleware.OAuthRedirection"
+    ],
    ```
 
  - If SeamlessAuthorization shouldn't to work for Django administration add in `lms/envs/common.py`
    ```
    SOCIAL_AUTH_EXCLUDE_URL_PATTERN = r'^/admin'
    ```
 
-   This feature requers to update you SSO Provider site's behaviour:
+   This feature requires to update you SSO Provider site's behaviour:
 
    Create multi-domain cookie `cookie_name` with the unique value for each user if user is logged in.
    And delete these cookie on logout.

diff --git a/edx_oauth_client/middleware.py b/edx_oauth_client/middleware.py
@@ -69,7 +69,13 @@ def process_request(self, request):
         """
         Redirect to PLP for pages that have duplicated functionality on PLP.
         """
-        PROVIDER_URL = settings.get('CUSTOM_OAUTH_PARAMS', {}).get("PROVIDER_URL", "")
+        CUSTOM_OAUTH_PARAMS = settings.CUSTOM_OAUTH_PARAMS if hasattr(settings, 'CUSTOM_OAUTH_PARAMS') else {}
+        PROVIDER_URL = CUSTOM_OAUTH_PARAMS.get("PROVIDER_URL", "")
+
+        COURSES_LIST_URL_PATH = CUSTOM_OAUTH_PARAMS.get("COURSES_LIST_URL_PATH")
+        USER_ACCOUNT_URL_PATH = CUSTOM_OAUTH_PARAMS.get("USER_ACCOUNT_URL_PATH")
+        DASHBOARD_URL_PATH = CUSTOM_OAUTH_PARAMS.get("DASHBOARD_URL_PATH")
+
         current_url = request.get_full_path()
         if current_url:
             start_url = current_url.split('?')[0].split('/')[1]
@@ -95,9 +101,9 @@ def process_request(self, request):
             debug_handle_local_urls = ('debug', settings.STATIC_URL, settings.MEDIA_URL)
             handle_local_urls += debug_handle_local_urls
 
-        if request.path == "/dashboard/" or request.path == "/dashboard":
-            if is_auth:
-                return redirect(os.path.join(PROVIDER_URL, 'members', request.user.username))
+        if request.path in ("/dashboard/", "/dashboard"):
+            if is_auth and DASHBOARD_URL_PATH:
+                return redirect(os.path.join(PROVIDER_URL, DASHBOARD_URL_PATH))
             else:
                 return redirect(PROVIDER_URL)
 
@@ -113,20 +119,19 @@ def process_request(self, request):
         if r.match(current_url):
             is_courses_list_or_about_page = True
 
-        if request.path == "/courses/" or request.path == "/courses":
-            return redirect(os.path.join(PROVIDER_URL, 'courses'))
+        if COURSES_LIST_URL_PATH and request.path in ("/courses/", "/courses"):
+            return redirect(os.path.join(PROVIDER_URL, COURSES_LIST_URL_PATH))
 
-        if request.path.startswith(
-                '/u/') or request.path == "/account/settings/" or request.path == "/account/settings":
-            if is_auth:
-                return redirect(os.path.join(PROVIDER_URL, 'members', request.user.username, 'profile'))
+        if request.path.startswith('/u/') or request.path in ("/account/settings/", "/account/settings"):
+            if is_auth and USER_ACCOUNT_URL_PATH:
+                return redirect(os.path.join(PROVIDER_URL, USER_ACCOUNT_URL_PATH))
             else:
                 return redirect(PROVIDER_URL)
 
         if start_url not in handle_local_urls or is_courses_list_or_about_page:
             if start_url.split('?')[0] not in handle_local_urls:
-                drupal_url = PROVIDER_URL.rstrip("/") + "/"
-                return redirect("%s%s" % (drupal_url, current_url))
+                provider_url = PROVIDER_URL.rstrip("/") + "/"
+                return redirect("%s%s" % (provider_url, current_url))
 
         if not is_auth and start_url not in auth_process_urls and start_url not in api_urls:
             request.session['force_auth'] = True