Adds redirects for login pages and the registration page

common/djangoapps/external_auth/tests/test_ssl.py

@@ -140,3 +140,47 @@ def test_ssl_login_without_signup_cms(self):
             User.objects.get(email=self.USER_EMAIL)
         except ExternalAuthMap.DoesNotExist, ex:
             self.fail('User did not get properly added to internal users, exception was {0}'.format(str(ex)))
+
+    @unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
+    @override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
+    def test_default_login_decorator_ssl(self):
+        """
+        Make sure that SSL login happens if it is enabled on protected
+        views instead of showing the login form.
+        """
+        response = self.client.get(reverse('dashboard'), follows=True)
+        self.assertEqual(response.status_code, 302)
+        self.assertIn(reverse('accounts_login'), response['location'])
+
+        response = self.client.get(
+            reverse('dashboard'), follow=True,
+            SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
+        self.assertIn(reverse('dashboard'), response['location'])
+        self.assertIn('_auth_user_id', self.client.session)
+
+    @unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
+    @override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
+    def test_registration_page_bypass(self):
+        """
+        This tests to make sure when immediate signup is on that
+        the user doesn't get presented with the registration page.
+        """
+        response = self.client.get(
+            reverse('register_user'), follow=True,
+            SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
+        self.assertIn(reverse('dashboard'), response['location'])
+        self.assertIn('_auth_user_id', self.client.session)
+
+    @unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
+    @override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
+    def test_signin_page_bypass(self):
+        """
+        This tests to make sure when ssl authentication is on
+        that user doesn't get presented with the login page if they
+        have a certificate.
+        """
+        response = self.client.get(
+            reverse('signin_user'), follow=True,
+            SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
+        self.assertIn(reverse('dashboard'), response['location'])
+        self.assertIn('_auth_user_id', self.client.session)

common/djangoapps/student/views.py

@@ -239,6 +239,10 @@ def signin_user(request):
     """
     This view will display the non-modal login form
     """
+    if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
+        # SSL login doesn't require a view, so redirect
+        # branding and allow that to process the login.
+        return redirect(reverse('root'))
     if request.user.is_authenticated():
         return redirect(reverse('dashboard'))
 
@@ -256,6 +260,10 @@ def register_user(request, extra_context=None):
     """
     if request.user.is_authenticated():
         return redirect(reverse('dashboard'))
+    if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP'):
+        # Redirect to branding to process their certificate if SSL is enabled
+        # and registration is disabled.
+        return redirect(reverse('root'))
 
     context = {
         'course_id': request.GET.get('course_id'),
@@ -518,6 +526,10 @@ def accounts_login(request):
     """
     if settings.FEATURES.get('AUTH_USE_CAS'):
         return redirect(reverse('cas-login'))
+    if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
+        # SSL login doesn't require a view, so redirect
+        # to branding and allow that to process the login.
+        return redirect(reverse('root'))
     # see if the "next" parameter has been set, whether it has a course context, and if so, whether
     # there is a course-specific place to redirect
     redirect_to = request.GET.get('next')