From 0ad3aa7d3f385c7220bee985664e80c371c6d1be Mon Sep 17 00:00:00 2001
From: David Taylor
Date: Wed, 2 Nov 2016 23:50:49 +0000
Subject: [PATCH] Fixed penguins of death due to infinite loop of SSO login redirects
---
 RIGS/discourse/discourse.py | 7 +++++--
 RIGS/discourse/sso.py | 2 +-
 templates/registration/login.html | 3 +++
 3 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/RIGS/discourse/discourse.py b/RIGS/discourse/discourse.py
index ae7d8089..3d6d5458 100644
--- a/RIGS/discourse/discourse.py
+++ b/RIGS/discourse/discourse.py
@@ -73,8 +73,11 @@ class DiscourseAuth(BaseAuth):
 def auth_complete(self, *args, **kwargs):
 """Completes login process, must return user instance."""
- if not self.sso.validate(self.data['sso'], self.data['sig']):
- raise Exception("Someone wants to hack us!")
+ try:
+ if not self.sso.validate(self.data['sso'], self.data['sig']):
+ raise Exception("Someone wants to hack us!")
+ except KeyError:
+ raise Exception("SSO Error, please try again")
 nonce = self.sso.get_nonce(self.data['sso'])
 nonce_obj = self.get_nonce(nonce)
diff --git a/RIGS/discourse/sso.py b/RIGS/discourse/sso.py
index 9b477693..a3713bea 100644
--- a/RIGS/discourse/sso.py
+++ b/RIGS/discourse/sso.py
@@ -15,7 +15,7 @@ class DiscourseSSO:
 payload.encode(), sha256 ).hexdigest()
- print(type(computed_sig), type(sig))
+ return hmac.compare_digest(unicode(computed_sig), sig)
 def get_nonce(self, payload):
diff --git a/templates/registration/login.html b/templates/registration/login.html
index 33338e8c..33007a8a 100644
--- a/templates/registration/login.html
+++ b/templates/registration/login.html
@@ -10,6 +10,8 @@
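Review bot: In `auth_complete` (RIGS/discourse/discourse.py) the new `except KeyError` wraps the whole `self.sso.validate(...)` call, so any KeyError raised inside validation would also be reported as a missing parameter. Both failure paths still raise a bare `Exception`, which presumably surfaces as a server error rather than a handled login failure. Reading `sso` and `sig` with `.get()` before validating keeps "parameter missing" separate from "bad signature". python-social-auth's `AuthMissingParameter` and `AuthFailed` would let the library's exception handling deal with both cases; they need importing, and the file's import block is not visible here. A rejected signature is also worth a log entry for detection. The rest of `auth_complete` lies outside the hunk.

```python
    def auth_complete(self, *args, **kwargs):
        # … unchanged: docstring …
        sso = self.data.get('sso')
        sig = self.data.get('sig')
        if not sso or not sig:
            raise AuthMissingParameter(self, 'sso' if not sso else 'sig')
        if not self.sso.validate(sso, sig):
            raise AuthFailed(self, "SSO signature validation failed")
        # … unchanged: nonce lookup and the rest of auth_complete …
```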
+ {% url "social:complete" "discourse" as completeUrl %}
+ {% if not request.GET.next == completeUrl %}
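Review bot: The guard added in templates/registration/login.html compares `request.GET.next` to the reversed `social:complete` URL by exact equality, so it only matches when `next` is the bare path. If the redirect that starts the loop carries a query string (for example the `sso`/`sig` parameters), the comparison fails and the loop can presumably recur. Comparing only the path portion, or computing the flag in the view and passing it to the template, would be less brittle. The markup enclosed by this `{% if %}` and the `{% endif %}` in the following hunk is not visible here, so a template comment such as `{# skip this block when next is the SSO completion URL, to avoid a redirect loop #}` would document the intent.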

@@ -28,6 +30,7 @@

+ {% endif %}