diff --git a/cms/envs/common.py b/cms/envs/common.py
index 43ddc34150..864cc33bed 100644
--- a/cms/envs/common.py
+++ b/cms/envs/common.py
@@ -439,6 +439,9 @@ LMS_INTERNAL_ROOT_URL = LMS_ROOT_URL
 LMS_ENROLLMENT_API_PATH = "/api/enrollment/v1/"
 ENTERPRISE_API_URL = LMS_INTERNAL_ROOT_URL + '/enterprise/api/v1/'
 ENTERPRISE_CONSENT_API_URL = LMS_INTERNAL_ROOT_URL + '/consent/api/v1/'
+FRONTEND_LOGIN_URL = LOGIN_URL
+FRONTEND_LOGOUT_URL = lambda settings: settings.LMS_ROOT_URL + '/logout'
+derived('FRONTEND_LOGOUT_URL')
 # List of logout URIs for each IDA that the learner should be logged out of when they logout of
 # Studio. Only applies to IDA for which the social auth flow uses DOT (Django OAuth Toolkit).
diff --git a/cms/envs/production.py b/cms/envs/production.py
index a99cb18102..0bbc460665 100644
--- a/cms/envs/production.py
+++ b/cms/envs/production.py
@@ -13,6 +13,7 @@ import yaml
 from path import Path as path
 from xmodule.modulestore.modulestore_settings import convert_module_store_setting_if_needed
 from openedx.core.djangoapps.plugins import plugin_settings, constants as plugin_constants
+from django.core.urlresolvers import reverse_lazy
 from django.core.exceptions import ImproperlyConfigured
 from .common import *
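Review bot: In cms/envs/common.py, `FRONTEND_LOGIN_URL = LOGIN_URL` copies the value once when the module is imported, while `FRONTEND_LOGOUT_URL` on the next line is registered with `derived(...)` and is resolved later. An environment file that changes `LOGIN_URL` after `common.py` therefore has to reassign `FRONTEND_LOGIN_URL` by hand, otherwise the two login URLs silently diverge and users can be sent to a login endpoint the deployment did not intend. Consider deriving it the same way: `FRONTEND_LOGIN_URL = lambda settings: settings.LOGIN_URL` followed by `derived('FRONTEND_LOGIN_URL')`.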
@@ -298,9 +299,14 @@ HEARTBEAT_CHECKS = ENV_TOKENS.get('HEARTBEAT_CHECKS', HEARTBEAT_CHECKS)
 HEARTBEAT_EXTENDED_CHECKS = ENV_TOKENS.get('HEARTBEAT_EXTENDED_CHECKS', HEARTBEAT_EXTENDED_CHECKS)
 HEARTBEAT_CELERY_TIMEOUT = ENV_TOKENS.get('HEARTBEAT_CELERY_TIMEOUT', HEARTBEAT_CELERY_TIMEOUT)
-# Login using the LMS as the identity provider
+# Login using the LMS as the identity provider.
+# Turning the flag to True means that the LMS will NOT be used as the Identity Provider (idp)
 if FEATURES.get('DISABLE_STUDIO_SSO_OVER_LMS', False):
- LOGIN_URL = EDX_ROOT_URL + '/signin'
+ LOGIN_URL = reverse_lazy('login')
+ FRONTEND_LOGIN_URL = LOGIN_URL
+ FRONTEND_LOGOUT_URL = reverse_lazy('logout')
+
+LOGIN_REDIRECT_WHITELIST = [reverse_lazy('home')]
 # Specific setting for the File Upload Service to store media in a bucket.
 FILE_UPLOAD_STORAGE_BUCKET_NAME = ENV_TOKENS.get('FILE_UPLOAD_STORAGE_BUCKET_NAME', FILE_UPLOAD_STORAGE_BUCKET_NAME)
diff --git a/cms/templates/widgets/header.html b/cms/templates/widgets/header.html
index 45cfface42..1b69f2411e 100644
--- a/cms/templates/widgets/header.html
+++ b/cms/templates/widgets/header.html
@@ -231,14 +231,6 @@
 % else:
 <%
 register_url = settings.LMS_ROOT_URL + '/register'
-
- if settings.FEATURES.get('DISABLE_STUDIO_SSO_OVER_LMS', False):
- login_url = settings.LOGIN_URL
- else:
- login_url = '{lms_root_url}/login?next={next_url}'.format(
- lms_root_url=settings.LMS_ROOT_URL,
- next_url=current_url,
- )
 %>
diff --git a/cms/templates/widgets/user_dropdown.html b/cms/templates/widgets/user_dropdown.html
index 1eb87dcd8e..a59fc3b75b 100644
--- a/cms/templates/widgets/user_dropdown.html
+++ b/cms/templates/widgets/user_dropdown.html
@@ -39,15 +39,6 @@
- <%
- if settings.FEATURES.get('DISABLE_STUDIO_SSO_OVER_LMS', False):
- logout_url = reverse('logout')
- else:
- logout_url = '{lms_root_url}/logout?next={next_url}'.format(
- lms_root_url=settings.LMS_ROOT_URL,
- next_url=current_site_url,
- )
- %>
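Review bot: In cms/envs/production.py, `LOGIN_REDIRECT_WHITELIST = [reverse_lazy('home')]` appears to sit outside the `if FEATURES.get('DISABLE_STUDIO_SSO_OVER_LMS', False):` block, so it applies in both SSO modes and replaces any value set earlier in the settings chain, rather than reading one from `ENV_TOKENS` as the neighbouring settings do. The entry is a URL path from `reverse_lazy`; if the code that consumes this setting compares entries against redirect hostnames (the consumer is not visible in this diff), a path would never match and the post-login redirect check would not do what the name suggests. A comment stating the expected kind of value would remove the doubt, for example `# Entries are <paths|hosts> accepted by the post-login redirect check`. If operators need to extend the list, `ENV_TOKENS.get('LOGIN_REDIRECT_WHITELIST', [reverse_lazy('home')])` keeps it configurable.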
diff --git a/openedx/core/djangoapps/user_authn/views/logout.py b/openedx/core/djangoapps/user_authn/views/logout.py
index 3b58aaf5cb..9dea83a5b7 100644
--- a/openedx/core/djangoapps/user_authn/views/logout.py
+++ b/openedx/core/djangoapps/user_authn/views/logout.py
@@ -57,7 +57,11 @@ class LogoutView(TemplateView):
 logout(request)
- response = super(LogoutView, self).dispatch(request, *args, **kwargs)
+ # If we don't need to deal with OIDC logouts, just redirect the user.
+ if self.oauth_client_ids:
+ response = super(LogoutView, self).dispatch(request, *args, **kwargs)
+ else:
+ response = redirect(self.target)
 # Clear the cookie used by the edx.org marketing site
 delete_logged_in_cookies(response)
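Review bot: The new `else` branch answers with `redirect(self.target)`, so the safety of the logout view now rests entirely on how `target` is computed, and that attribute is defined outside this hunk. If `target` is derived from a request parameter, it must be checked against the allowed redirect hosts before it reaches `redirect`, otherwise logout becomes an open redirect. A comment on the branch would make the assumption explicit, e.g. `# self.target must already be validated against the redirect allowlist; never pass a raw request value here.` The hunk also depends on `redirect` being imported in this module, which is not visible here, and the enclosing method starts and ends outside the hunk.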