[Repoze-checkins] r1656 - in repoze.who/trunk: . repoze/who repoze/who/plugins

Chris McDonough chrism at agendaless.com
Fri Aug 22 23:53:11 EDT 2008 

Author: Chris McDonough <chrism at agendaless.com>
Date: Fri Aug 22 23:53:11 2008
New Revision: 1656

Log:
Location header.


Modified:
   repoze.who/trunk/CHANGES.txt
   repoze.who/trunk/repoze/who/plugins/form.py
   repoze.who/trunk/repoze/who/tests.py

Modified: repoze.who/trunk/CHANGES.txt
==============================================================================
--- repoze.who/trunk/CHANGES.txt	(original)
+++ repoze.who/trunk/CHANGES.txt	Fri Aug 22 23:53:11 2008
@@ -6,6 +6,11 @@
  - Fix auth_tkt plugin to set the same cookies in its ``remember`` method that 
    it does in its ``forget`` method.
 
+ - The FormPlugin plugin has grown a redirect-on-unauthorized feature.
+   Any response from a downstream application that causes a challenge
+   and includes a Location header will cause a redirect to the value
+   of the Location header.
+
 1.0.4 (2008/08/22)
 
  - Added a key to the '[general]' config section: ``remote_user_key``.

Modified: repoze.who/trunk/repoze/who/plugins/form.py
==============================================================================
--- repoze.who/trunk/repoze/who/plugins/form.py	(original)
+++ repoze.who/trunk/repoze/who/plugins/form.py	Fri Aug 22 23:53:11 2008
@@ -4,6 +4,7 @@
 
 from paste.httpheaders import CONTENT_LENGTH
 from paste.httpheaders import CONTENT_TYPE
+from paste.httpheaders import LOCATION
 from paste.httpexceptions import HTTPFound
 from paste.httpexceptions import HTTPUnauthorized
 
@@ -107,6 +108,12 @@
 
     # IChallenger
     def challenge(self, environ, status, app_headers, forget_headers):
+        if app_headers:
+            location = LOCATION(app_headers)
+            if location:
+                headers = list(app_headers) + list(forget_headers)
+                return HTTPFound(headers = headers)
+                
         form = self.formbody or _DEFAULT_FORM
         if self.formcallable is not None:
             form = self.formcallable(environ)

Modified: repoze.who/trunk/repoze/who/tests.py
==============================================================================
--- repoze.who/trunk/repoze/who/tests.py	(original)
+++ repoze.who/trunk/repoze/who/tests.py	Fri Aug 22 23:53:11 2008
@@ -1159,6 +1159,23 @@
         self.assertEqual(sr.headers[1], ('Content-Type', 'text/html'))
         self.assertEqual(sr.status, '200 OK')
 
+    def test_challenge_with_location(self):
+        plugin = self._makeOne()
+        environ = self._makeFormEnviron()
+        app = plugin.challenge(environ, '401 Unauthorized',
+                               [('Location', 'http://foo/bar')],
+                               [('Set-Cookie', 'a=123')])
+        sr = DummyStartResponse()
+        app(environ, sr)
+        headers = sorted(sr.headers)
+        self.assertEqual(len(headers), 3)
+        self.assertEqual(headers[0], ('Location', 'http://foo/bar'))
+        self.assertEqual(headers[1],
+                         ('Set-Cookie', 'a=123'))
+        self.assertEqual(headers[2],
+                         ('content-type', 'text/plain; charset=utf8'))
+        self.assertEqual(sr.status, '302 Found')
+
     def test_factory_withform(self):
         from repoze.who.plugins.form import make_plugin
         here = os.path.dirname(__file__)

More information about the Repoze-checkins mailing list