Dev oidc (#3941)

* [Update] oidc_rp获取token添加headers base64编码 * [Update] 移除对oidc_rp的支持 * [Update] 移除对oidc_rp的支持2 * [Update] 修改OpenID配置（添加新配置项，并对旧配置项做兼容） * [Update] 移除所有与Keycloak相关的模块 * [Update] 添加jumpserver-django-oidc-rp的使用 * [Update] 更新登录重定向地址(oidc) * [Update] oidc添加一些配置参数；处理用户登录/创建/更新等信号 * [Update] 修改退出登录逻辑 * [Update] 添加oidc user登录成功的信号机制 * [Update] 修改mfa认证choices内容 (otp => code) * [Update] 添加OpenID backend password 认证失败信号机制；修改引入common包问题 * [Update] 用户Token/Auth API 校验用户时，传入request参数（解决登录成功日志记录的问题） * [Update] 添加依赖jumpserver-django-oidc-rp==0.3.7.1 * [Update] oidc认证模块说明
2025-09-16 07:18:22 +00:00 · 2020-04-26 20:36:17 +08:00
parent 5d433456d4
commit 7833ff6671
28 changed files with 241 additions and 906 deletions
--- a/apps/authentication/views/login.py
+++ b/apps/authentication/views/login.py
@@ -58,11 +58,9 @@ class UserLoginView(mixins.AuthMixin, FormView):
        if self.request.GET.get("admin", 0):
            return None
        if settings.AUTH_OPENID:
-            redirect_url = reverse("authentication:openid:openid-login")
+            redirect_url = reverse(settings.AUTH_OPENID_AUTH_LOGIN_URL_NAME)
        elif settings.AUTH_CAS:
            redirect_url = reverse(settings.CAS_LOGIN_URL_NAME)
-        elif settings.AUTH_OIDC_RP:
-            redirect_url = reverse(settings.OIDC_RP_LOGIN_URL_NAME)

        if redirect_url:
            query_string = request.GET.urlencode()
@@ -113,7 +111,6 @@ class UserLoginView(mixins.AuthMixin, FormView):
        context = {
            'demo_mode': os.environ.get("DEMO_MODE"),
            'AUTH_OPENID': settings.AUTH_OPENID,
-            'AUTH_OIDC_RP': settings.AUTH_OIDC_RP,
        }
        kwargs.update(context)
        return super().get_context_data(**kwargs)
@@ -188,24 +185,18 @@ class UserLogoutView(TemplateView):

    @staticmethod
    def get_backend_logout_url():
+        if settings.AUTH_OPENID:
+            return settings.AUTH_OPENID_AUTH_LOGOUT_URL_NAME
        # if settings.AUTH_CAS:
        #     return settings.CAS_LOGOUT_URL_NAME
-
-        # oidc rp
-        if settings.AUTH_OIDC_RP:
-            return reverse(settings.OIDC_RP_LOGOUT_URL_NAME)
+        return None

    def get(self, request, *args, **kwargs):
-        auth_logout(request)
-
        backend_logout_url = self.get_backend_logout_url()
        if backend_logout_url:
            return redirect(backend_logout_url)

-        next_uri = request.COOKIES.get("next")
-        if next_uri:
-            return redirect(next_uri)
-
+        auth_logout(request)
        response = super().get(request, *args, **kwargs)
        return response