From 188a2846ede2df7d1c56c469b504b5ec22d2dc6d Mon Sep 17 00:00:00 2001 From: "Jiangjie.Bai" Date: Tue, 11 Oct 2022 18:37:49 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=20OAuth2=20=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E6=9C=AC=E5=9C=B0=E8=A2=AB=E7=A6=81=E7=94=A8=E5=90=8E?= =?UTF-8?q?,=E9=A1=B5=E9=9D=A2=E4=B8=80=E7=9B=B4=E8=B7=B3=E8=BD=AC?= =?UTF-8?q?=E7=9A=84=E9=97=AE=E9=A2=98.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/backends/oauth2/views.py | 4 +++- apps/jumpserver/settings/auth.py | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/apps/authentication/backends/oauth2/views.py b/apps/authentication/backends/oauth2/views.py index d3f4865a2..c0fe06759 100644 --- a/apps/authentication/backends/oauth2/views.py +++ b/apps/authentication/backends/oauth2/views.py @@ -55,7 +55,9 @@ class OAuth2AuthCallbackView(View): ) logger.debug(log_prompt.format('Redirect')) - return HttpResponseRedirect(settings.AUTH_OAUTH2_AUTHENTICATION_FAILURE_REDIRECT_URI) + # OAuth2 服务端认证成功, 但是用户被禁用了, 这时候需要调用服务端的logout + redirect_url = settings.AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT + return HttpResponseRedirect(redirect_url) class OAuth2EndSessionView(View): diff --git a/apps/jumpserver/settings/auth.py b/apps/jumpserver/settings/auth.py index 462aefc57..2cf47e9fe 100644 --- a/apps/jumpserver/settings/auth.py +++ b/apps/jumpserver/settings/auth.py @@ -161,6 +161,8 @@ AUTH_OAUTH2_CLIENT_SECRET = CONFIG.AUTH_OAUTH2_CLIENT_SECRET AUTH_OAUTH2_CLIENT_ID = CONFIG.AUTH_OAUTH2_CLIENT_ID AUTH_OAUTH2_SCOPE = CONFIG.AUTH_OAUTH2_SCOPE AUTH_OAUTH2_USER_ATTR_MAP = CONFIG.AUTH_OAUTH2_USER_ATTR_MAP +AUTH_OAUTH2_LOGOUT_COMPLETELY = CONFIG.AUTH_OAUTH2_LOGOUT_COMPLETELY +AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT = CONFIG.AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT AUTH_OAUTH2_AUTH_LOGIN_CALLBACK_URL_NAME = 'authentication:oauth2:login-callback' AUTH_OAUTH2_AUTHENTICATION_REDIRECT_URI = '/' AUTH_OAUTH2_AUTHENTICATION_FAILURE_REDIRECT_URI = '/'