From 21e3a32ffc1e3ff3204c755891877b3569d648d5 Mon Sep 17 00:00:00 2001 From: kdhttps Date: Thu, 6 Jan 2022 12:45:35 +0530 Subject: [PATCH] fix(SamlPassportScripts): handle preselectedExternalProvider automatic redirection problem gluu-passport issue https://github.com/GluuFederation/gluu-passport/issues/398 --- .../PassportExternalAuthenticator.py | 12 ++++++++++++ .../SamlPassportAuthenticator.py | 13 ++++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/static/extension/person_authentication/PassportExternalAuthenticator.py b/static/extension/person_authentication/PassportExternalAuthenticator.py index 31b16e3bc..d659e1f9c 100644 --- a/static/extension/person_authentication/PassportExternalAuthenticator.py +++ b/static/extension/person_authentication/PassportExternalAuthenticator.py @@ -165,6 +165,16 @@ def prepareForStep(self, configurationAttributes, requestParameters, step): print "Passport. prepareForStep called %s" % str(step) identity = CdiUtil.bean(Identity) + facesContext = CdiUtil.bean(FacesContext) + requestParameters = facesContext.getExternalContext().getRequestParameterMap() + + passportStrategyFailed = None + try: + passportStrategyFailed = requestParameters['failure'] + print "Passport. failure return from passport: %s, Check Passport logs " % passportStrategyFailed + except: + pass + if step == 1: #re-read the strategies config (for instance to know which strategies have enabled the email account linking) self.parseProviderConfigs() @@ -193,6 +203,8 @@ def prepareForStep(self, configurationAttributes, requestParameters, step): print "Passport. prepareForStep. A provider value could not be extracted from custom authorization request parameter" elif not provider in self.registeredProviders: print "Passport. prepareForStep. Provider '%s' not part of known configured IDPs/OPs" % provider + elif passportStrategyFailed != None: + print "Passport. passport strategy failed : %s, Check Passport logs" % passportStrategyFailed else: url = self.getPassportRedirectUrl(provider) diff --git a/static/extension/person_authentication/SamlPassportAuthenticator.py b/static/extension/person_authentication/SamlPassportAuthenticator.py index 63eb749b4..90818ae9f 100644 --- a/static/extension/person_authentication/SamlPassportAuthenticator.py +++ b/static/extension/person_authentication/SamlPassportAuthenticator.py @@ -199,6 +199,16 @@ def prepareForStep(self, configurationAttributes, requestParameters, step): print "Passport. prepareForStep called %s" % str(step) identity = CdiUtil.bean(Identity) + facesContext = CdiUtil.bean(FacesContext) + requestParameters = facesContext.getExternalContext().getRequestParameterMap() + + passportStrategyFailed = None + try: + passportStrategyFailed = requestParameters['failure'] + print "Passport. failure return from passport: %s, Check Passport logs " % passportStrategyFailed + except: + pass + if step == 1: #re-read the strategies config (for instance to know which strategies have enabled the email account linking) self.parseProviderConfigs() @@ -240,6 +250,8 @@ def prepareForStep(self, configurationAttributes, requestParameters, step): print "Passport. prepareForStep. A provider value could not be extracted from custom authorization request parameter" elif not provider in self.registeredProviders: print "Passport. prepareForStep. Provider '%s' not part of known configured IDPs/OPs" % provider + elif passportStrategyFailed != None: + print "Passport. passport strategy failed : %s, Check Passport logs" % passportStrategyFailed else: url = self.getPassportRedirectUrl(provider) @@ -824,4 +836,3 @@ def isInboundJwt(self, value): def getLogoutExternalUrl(self, configurationAttributes, requestParameters): print "Get external logout URL call" return None -