zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-05-15 17:17:02 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix reintroduced login loop

Browse source
This commit is contained in:
zandercymatics 2024-05-21 12:25:55 -06:00
parent c0a0e07530
commit 5e9db8f1db
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
2 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/djangooidc/oidc.py
View file

@ -247,6 +247,12 @@ class Client(oic.Client):
raise o_e.AuthenticationFailed(locator=state) raise o_e.AuthenticationFailed(locator=state)
info_response_dict = info_response.to_dict() info_response_dict = info_response.to_dict()
# Define vtm/vtr information on the user dictionary so we can track this in one location.
# If a user has this information, then they are bumped up in terms of verification level.
if session.get("needs_step_up_auth") is True:
info_response_dict["vtm"] = session.get("vtm", "")
info_response_dict["vtr"] = session.get("vtr", "")
logger.debug("user info: %s" % info_response_dict) logger.debug("user info: %s" % info_response_dict)
return info_response_dict return info_response_dict

1
src/djangooidc/views.py
View file

@ -98,6 +98,7 @@ def login_callback(request):
# Tests for the presence of the vtm/vtr values in the userinfo object. # Tests for the presence of the vtm/vtr values in the userinfo object.
# If they are there, then we can set a flag in our session for tracking purposes. # If they are there, then we can set a flag in our session for tracking purposes.
needs_step_up_auth = _requires_step_up_auth(userinfo) needs_step_up_auth = _requires_step_up_auth(userinfo)
request.session["needs_step_up_auth"] = needs_step_up_auth
# Return a redirect request to a new auth url that does biometric validation # Return a redirect request to a new auth url that does biometric validation
if needs_step_up_auth: if needs_step_up_auth: