From e868759ceb82d3f1cc51fbb596d51c0b3f3acc25 Mon Sep 17 00:00:00 2001
From: ichuang <ichuang@mit.edu>
Date: Mon, 12 Aug 2013 20:41:58 +0000
Subject: [PATCH] fix external_auth @ssl_login_shortcut decorator to properly
 use retfun

---
 common/djangoapps/external_auth/views.py | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/common/djangoapps/external_auth/views.py b/common/djangoapps/external_auth/views.py
index 42d0f2bf89..94ab224f24 100644
--- a/common/djangoapps/external_auth/views.py
+++ b/common/djangoapps/external_auth/views.py
@@ -180,7 +180,7 @@ def _external_login_or_signup(request,
                 return _signup(request, eamap)
         else:
             log.info('No user for %s yet. doing signup', eamap.external_email)
-            return _signup(request, eamap)
+            return _signup(request, eamap, retfun)
 
     # We trust shib's authentication, so no need to authenticate using the password again
     uname = internal_user.username
@@ -198,7 +198,7 @@ def _external_login_or_signup(request,
     if user is None:
         # we want to log the failure, but don't want to log the password attempted:
         AUDIT_LOG.warning('External Auth Login failed for "%s"', uname)
-        return _signup(request, eamap)
+        return _signup(request, eamap, retfun)
 
     if not user.is_active:
         AUDIT_LOG.warning('User "%s" is not active after external login', uname)
@@ -237,7 +237,8 @@ def _flatten_to_ascii(txt):
 
 
 @ensure_csrf_cookie
-def _signup(request, eamap):
+@cache_if_anonymous
+def _signup(request, eamap, retfun=None):
     """
     Present form to complete for signup via external authentication.
     Even though the user has external credentials, he/she still needs
@@ -246,6 +247,9 @@ def _signup(request, eamap):
 
     eamap is an ExternalAuthMap object, specifying the external user
     for which to complete the signup.
+    
+    retfun is a function to execute for the return value, if immediate
+    signup is used.  That allows @ssl_login_shortcut() to work.
     """
     # save this for use by student.views.create_account
     request.session['ExternalAuthMap'] = eamap
@@ -352,10 +356,17 @@ def ssl_login_shortcut(fn):
         if not settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
             return fn(*args, **kwargs)
         request = args[0]
+
+        if request.user and request.user.is_authenticated():	# don't re-authenticate
+            return fn(*args, **kwargs)
+
         cert = _ssl_get_cert_from_request(request)
         if not cert:		# no certificate information - show normal login window
             return fn(*args, **kwargs)
 
+        def retfun():
+            return fn(*args, **kwargs)
+
         (_user, email, fullname) = _ssl_dn_extract_info(cert)
         return _external_login_or_signup(
             request,
@@ -363,7 +374,8 @@ def ssl_login_shortcut(fn):
             external_domain="ssl:MIT",
             credentials=cert,
             email=email,
-            fullname=fullname
+            fullname=fullname,
+            retfun=retfun
         )
     return wrapped