Merge pull request #4675 from communitybridge/unicron-add-option-for-manual-redirect

lukaszgryglicki · web-flow · commit 17552f5b3523 · 2025-05-28T12:47:23.000+02:00
Allow get_redirect_url param
diff --git a/cla-backend/cla/controllers/repository_service.py b/cla-backend/cla/controllers/repository_service.py
@@ -6,7 +6,7 @@
 """
 
 import cla
-from falcon import HTTP_404
+from falcon import HTTP_202, HTTP_404
 
 def received_activity(provider, data):
     """
@@ -34,7 +34,7 @@ def sign_request(provider, installation_id, github_repository_id, change_request
     service = cla.utils.get_repository_service(provider)
     return service.sign_request(installation_id, github_repository_id, change_request_id, request)
 
-def user_from_session(request, response=None):
+def user_from_session(get_redirect_url, request, response=None):
     """
     Return user from OAuth2 session
     """
@@ -45,9 +45,12 @@ def user_from_session(request, response=None):
     # os.environ["CLA_API_BASE"] = os.getenv("CLA_API_BASE_CLI", os.environ["CLA_API_BASE"])
     # LG: to test using MockGitHub class
     # from cla.models.github_models import MockGitHub
-    # user = MockGitHub(os.environ["GITHUB_OAUTH_TOKEN"]).user_from_session(request)
-    user = cla.utils.get_repository_service('github').user_from_session(request)
+    # user = MockGitHub(os.environ["GITHUB_OAUTH_TOKEN"]).user_from_session(request, get_redirect_url)
+    user = cla.utils.get_repository_service('github').user_from_session(request, get_redirect_url)
     if user is None:
         response.status = HTTP_404
         return {"errors": "Cannot find user from session"}
+    if isinstance(user, dict):
+        response.status = HTTP_202
+        return user
     return user.to_dict()
diff --git a/cla-backend/cla/models/github_models.py b/cla-backend/cla/models/github_models.py
@@ -98,7 +98,7 @@ def received_activity(self, data):
         else:
             cla.log.debug("github_models.received_activity - Ignoring unsupported action: {}".format(data["action"]))
 
-    def user_from_session(self, request):
+    def user_from_session(self, request, get_redirect_url):
         fn = "github_models.user_from_session"
         cla.log.debug(f"{fn} - loading session from request: {request}...")
         session = self._get_request_session(request)
@@ -118,9 +118,13 @@ def user_from_session(self, request):
         cla.log.debug(f"{fn} - obtained GitHub OAuth2 state from authorization - storing CSRF token in the session...")
         session["github_oauth2_state"] = csrf_token
         cla.log.debug(f"{fn} - GitHub OAuth2 request with CSRF token {csrf_token} - sending user to {authorization_url}")
-        cla.log.debug(f"{fn} - redirecting by returning 302 and redirect URL")
         # We must redirect to GitHub OAuth app for authentication, it will return you to /v2/github/installation which will handle returning user data
-        raise falcon.HTTPFound(authorization_url)
+        if get_redirect_url:
+            cla.log.debug(f"{fn} - sending redirect_url via 202 HTTP status JSON payload")
+            return { "redirect_url": authorization_url }
+        else:
+            cla.log.debug(f"{fn} - redirecting by returning 302 and redirect URL")
+            raise falcon.HTTPFound(authorization_url)
 
     def sign_request(self, installation_id, github_repository_id, change_request_id, request):
         """
diff --git a/cla-backend/cla/routes.py b/cla-backend/cla/routes.py
@@ -1809,6 +1809,7 @@ def user_from_session(request, response):
     """
     GET: /user-from-session
     Example: https://api.dev.lfcla.com/v2/user-from-session
+    Example: https://api.dev.lfcla.com/v2/user-from-session?get_redirect_url=1
     Returns user object from OAuth2 session
     Example user returned:
     {
@@ -1833,10 +1834,13 @@ def user_from_session(request, response):
       "version": "v1"
     }
     Will 302 redirect to /v2/github/installation if there is no session and that callback will return user data then
+    WIll return 202 redirect to the same in reponse's JSON 'redirect_url' property if get_redirect_url=1 (param)
     Will return 200 and user data if there is an active GitHub session
     Can return 404 on OAuth2 errors
     """
-    return cla.controllers.repository_service.user_from_session(request, response)
+    raw_redirect = request.params.get('get_redirect_url', 'false').lower()
+    get_redirect_url = raw_redirect in ('1', 'true', 'yes')
+    return cla.controllers.repository_service.user_from_session(get_redirect_url, request, response)
 
 
 @hug.post("/events", versions=1)
diff --git a/utils/get_user_from_session_py.sh b/utils/get_user_from_session_py.sh
@@ -1,17 +1,22 @@
 #!/bin/bash
 # API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000)
 # API_URL=https://api.lfcla.dev.platform.linuxfoundation.org
-# DEBUG='' ./utils/get_user_from_session_py.sh
+# DEBUG='' [GET_REDIRECT_URL=1] ./utils/get_user_from_session_py.sh
 # Flow with custom GitHub app: see 'LG:' in cla/controllers/repository_service.py, then:
 # Start server via: CLA_API_BASE_CLI='http://147.75.85.27:5000' GH_OAUTH_CLIENT_ID_CLI="$(cat ../lg-github-oauth-app.client-id.secret)" GH_OAUTH_SECRET_CLI="$(cat ../lg-github-oauth-app.client-secret.secret)" yarn serve:ext
 # In the browser: open page: http://147.75.85.27:5000/v2/user-from-session
 
+if [ -z "${GET_REDIRECT_URL}" ]
+then
+  export GET_REDIRECT_URL="0"
+fi
+
 if [ -z "$API_URL" ]
 then
   export API_URL="http://localhost:5000"
 fi
 
-export API="${API_URL}/v2/user-from-session"
+export API="${API_URL}/v2/user-from-session?get_redirect_url=${GET_REDIRECT_URL}"
 
 if [ ! -z "$DEBUG" ]
 then
