erp5_oauth2_authorisation: Factorise MultiFernet instanciation

93f018e7 · Vincent Pelletier · c5410570 · 93f018e7
Commit 93f018e7 authored Jun 14, 2023 by Vincent Pelletier
Showing with 4 additions and 4 deletions

bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py ...nents/document.erp5.OAuth2AuthorisationServerConnector.py +4 -4

No files found.
--- a/bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py
+++ b/bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py
@@ -1022,10 +1022,10 @@ class OAuth2AuthorisationServerConnector(XMLObject):
    Only Zope-based request authentication is supported
    (ex: "Authorization: Basic ..." request header).
    """
+    multi_fernet = self.__getLoginRetryURLMultiFernet()
+    # Retrieve posted field, validate signature and extract the url.
    try:
-      login_retry_url = self.__getLoginRetryURLMultiFernet().decrypt(
+      login_retry_url = multi_fernet.decrypt(REQUEST.form['login_retry_url'])
-        REQUEST.form['login_retry_url'],
-      )
    except (fernet.InvalidToken, TypeError, KeyError):
      # No login_retry_url provided or its value is unusable: if this is a GET
      # request (trying to display a login form), use the current URL.
@@ -1039,7 +1039,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
    def getSignedLoginRetryUrl():
      if login_retry_url is None:
        return None
-      return self.__getLoginRetryURLMultiFernet().encrypt(login_retry_url)
+      return multi_fernet.encrypt(login_retry_url)
    return _ERP5AuthorisationEndpoint(
      server_connector_path=self.getPath(),
      zope_request=REQUEST,