Merge tag 'debian/0.6.7-1_swh1' into debian/buster-swh

PKG-INFO

 Metadata-Version: 2.1
 Name: swh.auth
-Version: 0.6.6
+Version: 0.6.7
 Summary: Software Heritage Authentication Utilities
 Home-page: https://forge.softwareheritage.org/source/swh-auth/
 Author: Software Heritage developers

debian/changelog

-swh-auth (0.6.6-1~swh1~bpo10+1) buster-swh; urgency=medium
+swh-auth (0.6.7-1~swh1) unstable-swh; urgency=medium
 
-  * Rebuild for buster-swh
+  * New upstream release 0.6.7     - (tagged by Antoine Lambert
+    <anlambert@softwareheritage.org> on 2022-09-13 10:48:31 +0200)
+  * Upstream changes:     - version 0.6.7
 
- -- Software Heritage autobuilder (on jenkins-debian1) <jenkins@jenkins-debian1.internal.softwareheritage.org>  Fri, 15 Jul 2022 14:19:38 +0000
+ -- Software Heritage autobuilder (on jenkins-debian1) <jenkins@jenkins-debian1.internal.softwareheritage.org>  Tue, 13 Sep 2022 08:52:55 +0000
 
 swh-auth (0.6.6-1~swh1) unstable-swh; urgency=medium
 

docs/django.rst

@@ -91,7 +91,7 @@ dedicated Django views are available in ``swh-auth``:
 
 - ``oidc-login`` (``/oidc/login/`` URL path): initiate authentication flow
 
-- ``oidc-logout`` (``/oidc/logout/`` URL path): terminate OIDC user session, a ``next_path``
+- ``oidc-logout`` (``/oidc/logout/`` URL path): terminate OIDC user session, a ``next``
   query parameter can be used to redirect to a view of choice once a user is logged out
 
 Add ``swh.auth.django.views.urlpatterns`` to your Django application URLs to use them.
@@ -110,7 +110,7 @@ In that case it redirects to a Django view whose name is set in the
 
 The following query parameter will be set for that view:
 
-- ``next_path``: requested URL before the detection of the OIDC session expiration
+- ``next``: requested URL before the detection of the OIDC session expiration
 
 - ``remote_user``: indicates that the user was previously authenticated with OIDC
 

swh.auth.egg-info/PKG-INFO

 Metadata-Version: 2.1
 Name: swh.auth
-Version: 0.6.6
+Version: 0.6.7
 Summary: Software Heritage Authentication Utilities
 Home-page: https://forge.softwareheritage.org/source/swh-auth/
 Author: Software Heritage developers

swh/auth/django/backends.py

@@ -75,7 +75,7 @@ class OIDCAuthorizationCodePKCEBackend:
           application views
 
         * once a user is logged in, add an HTML link targeting the ``"oidc-logout"``
-          django view in your application views (a ``next_path`` query parameter
+          django view in your application views (a ``next`` query parameter
           can be used to redirect to a view of choice once the user is logged out)
 
     """

swh/auth/django/middlewares.py

@@ -23,7 +23,7 @@ class OIDCSessionExpiredMiddleware:
 
     The following query parameter will be set for that view:
 
-      * ``next_path``: requested URL before the detection of the session expiration
+      * ``next``: requested URL before the detection of the session expiration
       * ``remote_user``: indicates that the user was previously authenticated with OIDC
 
     """
@@ -61,8 +61,8 @@ class OIDCSessionExpiredMiddleware:
         # At that point, we know that a OIDC user was previously logged in
         # and his session has expired.
         # Redirect to a view specified in django settings.
-        next_path = request.get_full_path()
+        next = request.get_full_path()
         logout_url = reverse(
-            self.redirect_view, query_params={"next_path": next_path, "remote_user": 1}
+            self.redirect_view, query_params={"next": next, "remote_user": 1}
         )
         return HttpResponseRedirect(logout_url)

swh/auth/django/views.py

@@ -39,7 +39,7 @@ def oidc_login_view(request: HttpRequest, redirect_uri: str, scope: str = "openi
         "code_verifier": code_verifier,
         "state": state,
         "redirect_uri": redirect_uri,
-        "next_path": request.GET.get("next_path", ""),
+        "next": request.GET.get("next", ""),
     }
 
     authorization_url_params = {
@@ -107,7 +107,7 @@ def oidc_login_complete(request: HttpRequest) -> HttpResponse:
     except Exception as e:
         return HttpResponseServerError(str(e))
 
-    next_path = login_data["next_path"] or request.build_absolute_uri("/")
+    next = login_data["next"] or request.build_absolute_uri("/")
 
     user = authenticate(
         request=request,
@@ -121,7 +121,7 @@ def oidc_login_complete(request: HttpRequest) -> HttpResponse:
 
     login(request, user)
 
-    return HttpResponseRedirect(next_path)
+    return HttpResponseRedirect(next)
 
 
 def oidc_logout(request: HttpRequest) -> HttpResponse:
@@ -142,7 +142,7 @@ def oidc_logout(request: HttpRequest) -> HttpResponse:
         # remove user data from cache
         cache.delete(oidc_profile_cache_key(oidc_client, user.id))
 
-    return HttpResponseRedirect(request.GET.get("next_path", "/"))
+    return HttpResponseRedirect(request.GET.get("next", "/"))
 
 
 urlpatterns = [

swh/auth/tests/django/test_middlewares.py

@@ -65,7 +65,5 @@ def test_oidc_session_expired_middleware_enabled(client, keycloak_oidc):
     # should redirect to logout page
     response = client.get(url)
     assert response.status_code == 302
-    silent_refresh_url = reverse(
-        "logout", query_params={"next_path": url, "remote_user": 1}
-    )
+    silent_refresh_url = reverse("logout", query_params={"next": url, "remote_user": 1})
     assert response["location"] == silent_refresh_url

swh/auth/tests/django/test_views.py

@@ -118,15 +118,15 @@ def test_oidc_logout_view_success(client, keycloak_oidc):
     keycloak_oidc.authorization_code.assert_called()
 
     # user initiates logout
-    next_path = reverse("root")
-    oidc_logout_url = reverse("oidc-logout", query_params={"next_path": next_path})
+    next = reverse("root")
+    oidc_logout_url = reverse("oidc-logout", query_params={"next": next})
 
     # should redirect to logout page
     response = client.get(oidc_logout_url)
     assert response.status_code == 302
 
     request = response.wsgi_request
-    assert response["location"] == next_path
+    assert response["location"] == next
 
     # should have been logged out in Keycloak
     oidc_profile = keycloak_oidc.login()
@@ -176,7 +176,7 @@ def test_oidc_login_complete_view_missing_parameters(client):
         "code_verifier": "",
         "state": str(uuid.uuid4()),
         "redirect_uri": "",
-        "next_path": "",
+        "next": "",
     }
     session.save()
 
@@ -202,7 +202,7 @@ def test_oidc_login_complete_wrong_csrf_token(client, keycloak_oidc):
         "code_verifier": "",
         "state": str(uuid.uuid4()),
         "redirect_uri": "",
-        "next_path": "",
+        "next": "",
     }
     session.save()
 
@@ -233,7 +233,7 @@ def test_oidc_login_complete_wrong_code_verifier(client, keycloak_oidc):
         "code_verifier": "",
         "state": str(uuid.uuid4()),
         "redirect_uri": "",
-        "next_path": "",
+        "next": "",
     }
     session.save()