perf: 优化 saml2 log

pull/7371/head^2
ibuler 2021-12-13 15:57:55 +08:00 committed by 老广
parent c5013dcbd6
commit 5024d0d739
1 changed files with 28 additions and 25 deletions


@ -40,18 +40,20 @@ class PrepareRequestMixin:
idp_metadata_url = settings.SAML2_IDP_METADATA_URL idp_metadata_url = settings.SAML2_IDP_METADATA_URL
logger.debug('Start getting IDP configuration') logger.debug('Start getting IDP configuration')
xml_idp_settings = None
try: try:
xml_idp_settings = IdPMetadataParse.parse(idp_metadata_xml) if idp_metadata_xml.strip():
xml_idp_settings = IdPMetadataParse.parse(idp_metadata_xml)
except Exception as err: except Exception as err:
xml_idp_settings = None
logger.warning('Failed to get IDP metadata XML settings, error: %s', str(err)) logger.warning('Failed to get IDP metadata XML settings, error: %s', str(err))
url_idp_settings = None
try: try:
url_idp_settings = IdPMetadataParse.parse_remote( if idp_metadata_url.strip():
idp_metadata_url, timeout=20 url_idp_settings = IdPMetadataParse.parse_remote(
) idp_metadata_url, timeout=20
)
except Exception as err: except Exception as err:
url_idp_settings = None
logger.warning('Failed to get IDP metadata URL settings, error: %s', str(err)) logger.warning('Failed to get IDP metadata URL settings, error: %s', str(err))
idp_settings = url_idp_settings or xml_idp_settings idp_settings = url_idp_settings or xml_idp_settings
@ -164,7 +166,7 @@ class PrepareRequestMixin:
class Saml2AuthRequestView(View, PrepareRequestMixin): class Saml2AuthRequestView(View, PrepareRequestMixin):
def get(self, request): def get(self, request):
log_prompt = "Process GET requests [SAML2AuthRequestView]: {}" log_prompt = "Process SAML GET requests: {}"
logger.debug(log_prompt.format('Start')) logger.debug(log_prompt.format('Start'))
try: try:
@ -183,12 +185,12 @@ class Saml2EndSessionView(View, PrepareRequestMixin):
http_method_names = ['get', 'post', ] http_method_names = ['get', 'post', ]
def get(self, request): def get(self, request):
log_prompt = "Process GET requests [SAML2EndSessionView]: {}" log_prompt = "Process SAML GET requests: {}"
logger.debug(log_prompt.format('Start')) logger.debug(log_prompt.format('Start'))
return self.post(request) return self.post(request)
def post(self, request): def post(self, request):
log_prompt = "Process POST requests [SAML2EndSessionView]: {}" log_prompt = "Process SAML POST requests: {}"
logger.debug(log_prompt.format('Start')) logger.debug(log_prompt.format('Start'))
logout_url = settings.LOGOUT_REDIRECT_URL or '/' logout_url = settings.LOGOUT_REDIRECT_URL or '/'
@ -209,7 +211,7 @@ class Saml2EndSessionView(View, PrepareRequestMixin):
class Saml2AuthCallbackView(View, PrepareRequestMixin): class Saml2AuthCallbackView(View, PrepareRequestMixin):
def post(self, request): def post(self, request):
log_prompt = "Process POST requests [SAML2AuthCallbackView]: {}" log_prompt = "Process SAML2 POST requests: {}"
post_data = request.POST post_data = request.POST
try: try:
@ -224,24 +226,25 @@ class Saml2AuthCallbackView(View, PrepareRequestMixin):
logger.debug(log_prompt.format('Process saml response')) logger.debug(log_prompt.format('Process saml response'))
saml_instance.process_response(request_id=request_id) saml_instance.process_response(request_id=request_id)
errors = saml_instance.get_errors() errors = saml_instance.get_last_error_reason()
if not errors: if errors:
if 'AuthNRequestID' in request.session: logger.error(log_prompt.format('Saml response has error: %s' % str(errors)))
del request.session['AuthNRequestID'] return HttpResponseRedirect(settings.AUTH_SAML2_AUTHENTICATION_FAILURE_REDIRECT_URI)
logger.debug(log_prompt.format('Process authenticate')) if 'AuthNRequestID' in request.session:
saml_user_data = self.get_attributes(saml_instance) del request.session['AuthNRequestID']
user = auth.authenticate(request=request, saml_user_data=saml_user_data)
if user and user.is_valid:
logger.debug(log_prompt.format('Login: {}'.format(user)))
auth.login(self.request, user)
logger.debug(log_prompt.format('Redirect')) logger.debug(log_prompt.format('Process authenticate'))
next_url = saml_instance.redirect_to(post_data.get('RelayState', '/')) saml_user_data = self.get_attributes(saml_instance)
return HttpResponseRedirect(next_url) user = auth.authenticate(request=request, saml_user_data=saml_user_data)
logger.error(log_prompt.format('Saml response has error: %s' % str(errors))) if user and user.is_valid:
return HttpResponseRedirect(settings.AUTH_SAML2_AUTHENTICATION_FAILURE_REDIRECT_URI) logger.debug(log_prompt.format('Login: {}'.format(user)))
auth.login(self.request, user)
logger.debug(log_prompt.format('Redirect'))
next_url = saml_instance.redirect_to(post_data.get('RelayState', '/'))
return HttpResponseRedirect(next_url)
@csrf_exempt @csrf_exempt
def dispatch(self, *args, **kwargs): def dispatch(self, *args, **kwargs):