diff --git a/auth_oauth_autologin/__manifest__.py b/auth_oauth_autologin/__manifest__.py index 9ff64673a8..efb6af52e0 100644 --- a/auth_oauth_autologin/__manifest__.py +++ b/auth_oauth_autologin/__manifest__.py @@ -11,6 +11,6 @@ "maintainers": ["sbidoul"], "website": "https://github.com/OCA/server-auth", "depends": ["auth_oauth"], - "data": ["views/auth_oauth_provider.xml"], + "data": ["views/assets.xml", "views/auth_oauth_provider.xml"], "demo": [], } diff --git a/auth_oauth_autologin/controllers/main.py b/auth_oauth_autologin/controllers/main.py index 42a9bb28be..d81162565e 100644 --- a/auth_oauth_autologin/controllers/main.py +++ b/auth_oauth_autologin/controllers/main.py @@ -1,35 +1,32 @@ # Copyright 2021 ACSONE SA/NV # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -import werkzeug +from urllib.parse import parse_qsl, urlparse from odoo import http +from odoo.http import request from odoo.addons.auth_oauth.controllers.main import OAuthLogin class OAuthAutoLogin(OAuthLogin): - def _autologin_disabled(self): - return ( - "no_autologin" in http.request.params - or "oauth_error" in http.request.params - or "error" in http.request.params - ) + def _autologin_disabled(self, redirect): + url = urlparse(redirect) + params = dict(parse_qsl(url.query)) + return "no_autologin" in params or "oauth_error" in params or "error" in params def _autologin_link(self): providers = [p for p in self.list_providers() if p.get("autologin")] if len(providers) == 1: return providers[0].get("auth_link") - @http.route() - def web_login(self, *args, **kw): - response = super().web_login(*args, **kw) - if not response.is_qweb: - # presumably a redirect already - return response - if self._autologin_disabled(): - return response + @http.route( + "/auth/auto_login_redirect_link", type="json", auth="none", + ) + def auto_login_redirect_link(self, *args, **kwargs): + redirect = kwargs.get("redirect") + if self._autologin_disabled(redirect): + return False + request.params["redirect"] = redirect auth_link = self._autologin_link() - if not auth_link: - return response - return werkzeug.utils.redirect(auth_link, 303) + return auth_link diff --git a/auth_oauth_autologin/static/src/js/web_login.js b/auth_oauth_autologin/static/src/js/web_login.js new file mode 100644 index 0000000000..836f404694 --- /dev/null +++ b/auth_oauth_autologin/static/src/js/web_login.js @@ -0,0 +1,31 @@ +odoo.define("auth_oauth_autologin.redirect", function(require) { + "use strict"; + + var publicWidget = require("web.public.widget"); + + publicWidget.registry.authOauthAutologinWidget = publicWidget.Widget.extend({ + selector: ".oe_login_form", + + /** + * @override + */ + start: function() { + const def = this._super.apply(this, arguments); + let url = window.location.href; + if (url.includes("/web/login")) { + url = url.replace("/web/login", "/web"); + } + this._rpc({ + route: "/auth/auto_login_redirect_link", + params: { + redirect: url, + }, + }).then(function(result) { + if (result) { + window.location = result; + } + }); + return def; + }, + }); +}); diff --git a/auth_oauth_autologin/tests/__init__.py b/auth_oauth_autologin/tests/__init__.py deleted file mode 100644 index f94c68ab45..0000000000 --- a/auth_oauth_autologin/tests/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from . import test_auth_oauth_autologin diff --git a/auth_oauth_autologin/tests/test_auth_oauth_autologin.py b/auth_oauth_autologin/tests/test_auth_oauth_autologin.py deleted file mode 100644 index cc8b786bf0..0000000000 --- a/auth_oauth_autologin/tests/test_auth_oauth_autologin.py +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright 2021 ACSONE SA/NV -# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). - -import requests - -from odoo.tests.common import HOST, HttpCase -from odoo.tools import config - - -class TestAuthMethod(HttpCase): - def _assert_no_autologin(self, query=""): - r = requests.get( - f"http://{HOST}:{config['http_port']}/web/login{query}", - allow_redirects=False, - ) - self.assertNotEqual(r.status_code, 303) - self.assertTrue(r.ok) - - def _assert_autologin(self, query=""): - r = requests.get( - f"http://{HOST}:{config['http_port']}/web/login{query}", - allow_redirects=False, - ) - self.assertEqual(r.status_code, 303) - - def test_end_to_end_default_providers(self): - # by default no provider is configured - providers = self.env["auth.oauth.provider"].search( - [("enabled", "=", True), ("autologin", "=", True)] - ) - self.assertFalse(providers) - self._assert_no_autologin() - - def test_end_to_end_one_provider(self): - providers = self.env["auth.oauth.provider"].search( - [("enabled", "=", True), ("autologin", "=", False)] - ) - self.assertEqual(len(providers), 1) - providers.autologin = True - providers.flush() - self._assert_autologin() - self._assert_no_autologin(query="?no_autologin=1") - self._assert_no_autologin(query="?error=...") - self._assert_no_autologin(query="?oauth_error=...") diff --git a/auth_oauth_autologin/views/assets.xml b/auth_oauth_autologin/views/assets.xml new file mode 100644 index 0000000000..5cbe87c2c9 --- /dev/null +++ b/auth_oauth_autologin/views/assets.xml @@ -0,0 +1,15 @@ + + +