Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EREGCSC-2448-End-EUA-Session #1117

Merged
merged 21 commits into from
Jan 5, 2024
Merged

EREGCSC-2448-End-EUA-Session #1117

merged 21 commits into from
Jan 5, 2024

Conversation

peggles2
Copy link
Contributor

@peggles2 peggles2 commented Dec 21, 2023
edited
Loading

Resolves #EREGGCSC-2448 - End EUA Session

Description-

When users sign in to Eregulations using their EUA credentials, authentication is performed via EUA. During the sign-out process from Eregulations, it should terminate the EUA (Okta) session. Several steps were taken to implement this functionality:

The Eregulations application now identifies if the user signed in via EUA, allowing the logout button to sign them out of Okta. Different handling is applied if the user signed in through the Django admin, which has a distinct logout link.

The Okta logout API endpoint is utilized when the user is signed in through EUA.

Updates were made to the admin panel and policy repository to ensure the correct logout link is used.

To manually verify these changes, follow these steps:

EUA Admin signin

  1. Visit the /admin page and sign in through EUA.
  2. Logout of the admin page and confirm the successful sign-out.
    Screen Shot 2023-12-21 at 5 04 46 PM
  3. Visit the admin page again and click on the EUA sign-in link.
  4. Ensure that you are not signed into the admin page but see the EUA login form.
    Screen Shot 2023-12-21 at 4 48 29 PM

EUA Policy repository sign-in

  1. Visit the /policy-repository page after signing in through EUA.
  2. Logout of the policy repository page by clicking on the logout link at the bottom right corner.
    Screen Shot 2024-01-04 at 1 41 21 PM
  3. Visit the /admin page and sign in through EUA.
  4. Confirm that you need to input your credentials in the login form again.
    Screen Shot 2023-12-21 at 4 48 29 PM

Django Admin sign-in

  1. Visit the /admin page and sign in through Django admin.
  2. Logout of the admin page and confirm the successful sign-out.
    Screen Shot 2023-12-21 at 5 04 46 PM
  3. Visit the admin page again and check if you get the admin sign-in page.
    Screen Shot 2023-12-21 at 4 55 09 PM

Django Policy repository sign in

  1. Visit the /policy-repository page after signing in through Django admin.
  2. Logout of the policy repository page by clicking on the logout link at the bottom left corner.
    Screen Shot 2023-12-21 at 4 53 22 PM
  3. Visit the admin page again and check if you get the admin sign-in page.

The logout form at the bottom right of the Policy Repository page exhibits consistent styling, whether accessed through Django or EUA sign-ins.

Screen Shot 2024-01-04 at 1 44 38 PM

@github-actions GitHub Actions
Copy link

✨ See the Django Site in action

@github-actions GitHub Actions
Copy link

✨ See the Django Site in action

@github-actions GitHub Actions
Copy link

✨ See the Django Site in action

@github-actions GitHub Actions
Copy link

✨ See the Django Site in action

@peggles2 peggles2 closed this Jan 2, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 4, 2024

✨ See the Django Site in action

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 4, 2024

✨ See the Django Site in action

@peggles2 peggles2 marked this pull request as ready for review January 4, 2024 18:40
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 4, 2024

✨ See the Django Site in action

cgodwin1
cgodwin1 requested changes Jan 4, 2024
View reviewed changes
Copy link
Contributor

@cgodwin1 cgodwin1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, only one comment.

solution/backend/regulations/logout.py Outdated
Comment on lines 9 to 10
if '//logout' in logout_redirect_url:
logout_redirect_url = logout_redirect_url.replace('//logout', '/logout')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can remove the conditional here. If //logout is not in the variable, the replace function does nothing. Same result.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 4, 2024

✨ See the Django Site in action

cgodwin1
cgodwin1 approved these changes Jan 4, 2024
View reviewed changes
Copy link
Contributor

@cgodwin1 cgodwin1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@peggles2 peggles2 merged commit a925bdf into main Jan 5, 2024
19 checks passed
@peggles2 peggles2 mentioned this pull request Jan 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cgodwin1 cgodwin1 cgodwin1 approved these changes

@PhilR8 PhilR8 Awaiting requested review from PhilR8 PhilR8 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@peggles2 @cgodwin1