zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-29 22:16:33 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix infinite loop

Browse source
This commit is contained in:
zandercymatics 2024-05-16 12:37:14 -06:00
parent 28e18e705b
commit f3f1b896bb
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
2 changed files with 14 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/djangooidc/views.py
View file

@ -93,14 +93,15 @@ def login_callback(request):
userinfo = CLIENT.callback(query, request.session)
# test for need for identity verification and if it is satisfied
# if not satisfied, redirect user to login with stepped up acr_value
request.session["needs_biometric_validation"] = False
if _requires_step_up_auth(userinfo):
# add acr_value to request.session
if "acr_value" in request.session:
request.session.pop("acr_value")
extra_args = {
"vtm": CLIENT.get_vtm_value(),
}
request.session["needs_biometric_validation"] = True
print(f"session is: {request.session}")
return CLIENT.create_authn_request(request.session, add_acr=False, extra_args=extra_args)
user = authenticate(request=request, **userinfo)
@ -151,7 +152,7 @@ def _requires_step_up_auth(userinfo):
acr_value = userinfo.get("ial", "")
uuid = userinfo.get("sub", "")
email = userinfo.get("email", "")
if acr_value != step_up_acr_value:
if acr_value != step_up_acr_value and (not userinfo.get("vtm") and not userinfo.get("vtr")):
# The acr of this attempt is not at the highest level
# so check if the user needs the higher level
return User.needs_identity_verification(email, uuid)