fix: 修复 OAuth2 用户本地被禁用后,页面一直跳转的问题.

2022-10-11 18:37:49 +08:00 · 2022-10-11 18:37:49 +08:00 · 680c174dcf
parent 68a1388afd
commit 680c174dcf
2 changed files with 5 additions and 1 deletions
--- a/apps/authentication/backends/oauth2/views.py
+++ b/apps/authentication/backends/oauth2/views.py
@ -55,7 +55,9 @@ class OAuth2AuthCallbackView(View):
                )

        logger.debug(log_prompt.format('Redirect'))
-        return HttpResponseRedirect(settings.AUTH_OAUTH2_AUTHENTICATION_FAILURE_REDIRECT_URI)
+        # OAuth2 服务端认证成功, 但是用户被禁用了, 这时候需要调用服务端的logout
+        redirect_url = settings.AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT
+        return HttpResponseRedirect(redirect_url)


 class OAuth2EndSessionView(View):
--- a/apps/jumpserver/settings/auth.py
+++ b/apps/jumpserver/settings/auth.py
@ -161,6 +161,8 @@ AUTH_OAUTH2_CLIENT_SECRET = CONFIG.AUTH_OAUTH2_CLIENT_SECRET
 AUTH_OAUTH2_CLIENT_ID = CONFIG.AUTH_OAUTH2_CLIENT_ID
 AUTH_OAUTH2_SCOPE = CONFIG.AUTH_OAUTH2_SCOPE
 AUTH_OAUTH2_USER_ATTR_MAP = CONFIG.AUTH_OAUTH2_USER_ATTR_MAP
+AUTH_OAUTH2_LOGOUT_COMPLETELY = CONFIG.AUTH_OAUTH2_LOGOUT_COMPLETELY
+AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT = CONFIG.AUTH_OAUTH2_PROVIDER_END_SESSION_ENDPOINT
 AUTH_OAUTH2_AUTH_LOGIN_CALLBACK_URL_NAME = 'authentication:oauth2:login-callback'
 AUTH_OAUTH2_AUTHENTICATION_REDIRECT_URI = '/'
 AUTH_OAUTH2_AUTHENTICATION_FAILURE_REDIRECT_URI = '/'