flows: add SESSION_KEY_APPLICATION_PRE

whenever a user tries to access an application without being authenticated to passbook, we now show notice which application they are going to continue to.
2020-07-12 22:47:46 +02:00
parent a3baa100d4
commit b452e751ea
7 changed files with 44 additions and 4 deletions
--- a/passbook/providers/oidc/views.py
+++ b/passbook/providers/oidc/views.py
@ -42,6 +42,10 @@ class AuthorizationFlowInitView(PolicyAccessMixin, LoginRequiredMixin, View):
            application = self.provider_to_application(provider)
        except Application.DoesNotExist:
            return self.handle_no_permission_authorized()
+        # Check if user is unauthenticated, so we pass the application
+        # for the identification stage
+        if not request.user.is_authenticated:
+            return self.handle_no_permission(application)
        # Check permissions
        result = self.user_has_access(application)
        if not result.passing: