diff options
author | Rob Crittenden <rcritten@redhat.com> | 2015-03-30 11:42:10 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2015-04-01 22:53:55 -0400 |
commit | 5497278fab59361c5b6bc5d3c17407128b924b9a (patch) | |
tree | ae9035eb197295c1bb27335a8e29ef531e9d6872 /ipsilon/login/common.py | |
parent | f7150fdefeb58ab4e33f742969ebbc6019f45b08 (diff) | |
download | ipsilon.git-5497278fab59361c5b6bc5d3c17407128b924b9a.tar.gz ipsilon.git-5497278fab59361c5b6bc5d3c17407128b924b9a.tar.xz ipsilon.git-5497278fab59361c5b6bc5d3c17407128b924b9a.zip |
IdP-initiated logout for current user
Perform Single Logout for the current user when a logout is initiated
in the IdP.
A fake initial session is created. In the current logout code the
initial logout requestor holds the final redirect URL. In this case
it redirects back to the root IdP page.
https://fedorahosted.org/ipsilon/ticket/87
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Nathan Kinder <nkinder@redhat.com>
Diffstat (limited to 'ipsilon/login/common.py')
-rw-r--r-- | ipsilon/login/common.py | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py index 9beb741..d616882 100644 --- a/ipsilon/login/common.py +++ b/ipsilon/login/common.py @@ -273,11 +273,28 @@ class Login(Page): class Logout(Page): + def __init__(self, *args, **kwargs): + super(Logout, self).__init__(*args, **kwargs) + self.handlers = {} def root(self, *args, **kwargs): - UserSession().logout(self.user) + us = UserSession() + + for provider in self.handlers: + self.debug("Calling logout for provider %s" % provider) + obj = self.handlers[provider] + obj() + + us.logout(self.user) return self._template('logout.html', title='Logout') + def add_handler(self, provider, handler): + """ + Providers can register a logout handler here that is called + when the IdP logout link is accessed. + """ + self.handlers[provider] = handler + class Cancel(Page): |