From de646460b398f5349527920af840655be69e7c96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexandre=20Bult=C3=A9?= Date: Wed, 6 Nov 2024 15:27:04 +0100 Subject: [PATCH 1/3] fix: support auth w/o token --- isomorphe/geonetwork.py | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/isomorphe/geonetwork.py b/isomorphe/geonetwork.py index 7515cd3..53d40b6 100644 --- a/isomorphe/geonetwork.py +++ b/isomorphe/geonetwork.py @@ -92,12 +92,15 @@ def authenticate(self): raise GeonetworkConnectionError( f"Redirection détectée vers {r.headers['Location']}. Merci d'utiliser l'URL canonique du serveur." ) - xsrf_token = r.cookies.get("XSRF-TOKEN") - if xsrf_token: - self.session.headers.update({"X-XSRF-TOKEN": xsrf_token}) - log.debug(f"XSRF token: {xsrf_token}") - else: - raise GeonetworkConnectionError("Impossible de récupérer le token XSRF") + # if the POST above failed, we need the XSFR-TOKEN to procede further + # if it did not, (username, password) basic auth should be enough + if not r.ok: + xsrf_token = r.cookies.get("XSRF-TOKEN") + if xsrf_token: + self.session.headers.update({"X-XSRF-TOKEN": xsrf_token}) + log.debug("XSRF token found") + else: + raise GeonetworkConnectionError("Impossible de récupérer le token XSRF") def _get_md_type(self, md: dict) -> MetadataType: return MetadataType(md.get("isTemplate", MetadataType.METADATA)) From f878315bc25a625521d69f3bb06d50d9fdafd539 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexandre=20Bult=C3=A9?= Date: Wed, 6 Nov 2024 15:27:26 +0100 Subject: [PATCH 2/3] store session info after failed login --- isomorphe/app.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/isomorphe/app.py b/isomorphe/app.py index 2fa3731..b14c658 100644 --- a/isomorphe/app.py +++ b/isomorphe/app.py @@ -70,6 +70,10 @@ def login(): gn_info = migrator.gn.info() except (requests.exceptions.RequestException, GeonetworkConnectionError) as e: flash(f"Problème d'authentification ({e})", "error") + # still record the login info for the next try + session["url"] = url.rstrip("/") + session["username"] = username + session["password"] = password return redirect(url_for("login_form")) else: authenticated = gn_info.get("me", {}).get("@authenticated", "false") == "true" From 13456e1ad233c956eeb1a14c1be38e18445c51ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexandre=20Bult=C3=A9?= Date: Wed, 6 Nov 2024 15:28:47 +0100 Subject: [PATCH 3/3] fix typo --- isomorphe/geonetwork.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/isomorphe/geonetwork.py b/isomorphe/geonetwork.py index 53d40b6..6d72fc2 100644 --- a/isomorphe/geonetwork.py +++ b/isomorphe/geonetwork.py @@ -92,7 +92,7 @@ def authenticate(self): raise GeonetworkConnectionError( f"Redirection détectée vers {r.headers['Location']}. Merci d'utiliser l'URL canonique du serveur." ) - # if the POST above failed, we need the XSFR-TOKEN to procede further + # if the POST above failed, we need the XSFR-TOKEN to proceed further # if it did not, (username, password) basic auth should be enough if not r.ok: xsrf_token = r.cookies.get("XSRF-TOKEN")