From bc31cb92677ec92231ad0d748714ff05950034f9 Mon Sep 17 00:00:00 2001
From: Mike Olund <michaelo@openroad.ca>
Date: Thu, 23 Mar 2017 18:18:32 -0700
Subject: [PATCH] Change 302 redirects to absolute URL's to fix OpenShift SSL
 route issue

---
 edivorce/apps/core/decorators.py                   |  2 +-
 edivorce/apps/core/middleware/bceid_middleware.py  |  4 ++--
 edivorce/apps/core/views/localdev.py               |  4 ++--
 edivorce/apps/core/views/main.py                   | 10 +++++-----
 edivorce/settings/local.py                         |  1 +
 openshift/jenkins/jenkins-persistent-template.json |  0
 6 files changed, 11 insertions(+), 10 deletions(-)
 create mode 100644 openshift/jenkins/jenkins-persistent-template.json

diff --git a/edivorce/apps/core/decorators.py b/edivorce/apps/core/decorators.py
index 32e9b8b2..617ec147 100644
--- a/edivorce/apps/core/decorators.py
+++ b/edivorce/apps/core/decorators.py
@@ -9,7 +9,7 @@ def bceid_required(function=None):
     def _dec(view_func):
         def _view(request, *args, **kwargs):
             if not request.bceid_user.is_authenticated:
-                return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/login')
+                return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/login')
             else:
                 return view_func(request, *args, **kwargs)
 
diff --git a/edivorce/apps/core/middleware/bceid_middleware.py b/edivorce/apps/core/middleware/bceid_middleware.py
index 7470f2a4..661b942b 100644
--- a/edivorce/apps/core/middleware/bceid_middleware.py
+++ b/edivorce/apps/core/middleware/bceid_middleware.py
@@ -25,8 +25,8 @@ class BceidMiddleware(object):
 
         # make sure the request didn't bypass the proxy
         if not localdev and not self.__request_came_from_proxy(request):
-            print("Redirecting " + request.path + " to " + settings.PROXY_BASE_URL, file=sys.stderr)
-            return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME)
+            print("Redirecting to " + settings.PROXY_BASE_URL + request.path, file=sys.stderr)
+            return redirect(settings.PROXY_BASE_URL + request.path)
 
         if not localdev and request.META.get('HTTP_SM_USERDN', False):
 
diff --git a/edivorce/apps/core/views/localdev.py b/edivorce/apps/core/views/localdev.py
index 5a418c0e..2952a2e5 100644
--- a/edivorce/apps/core/views/localdev.py
+++ b/edivorce/apps/core/views/localdev.py
@@ -16,7 +16,7 @@ def bceid(request):
         # just in case anyone from the general public discovers the dev server
         # make sure they don't accidentally login and think this is production
         if password.lower() != 'divorce':
-            return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/bceid')
+            return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/bceid')
 
         # convert the login name to a guid
         hex_name = decode(binascii.hexlify(str.encode(login_name)))[0]
@@ -26,7 +26,7 @@ def bceid(request):
         request.session['login-name'] = login_name
         request.session['fake-bceid-guid'] = fake_guid
 
-        return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/login')
+        return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/login')
 
     else:
         return render(request, 'localdev/bceid.html')
diff --git a/edivorce/apps/core/views/main.py b/edivorce/apps/core/views/main.py
index e88c515a..9d16c734 100644
--- a/edivorce/apps/core/views/main.py
+++ b/edivorce/apps/core/views/main.py
@@ -26,14 +26,14 @@ def intro(request):
     # if the user is returning from BCeID registration, then log them in to the site
     if request.bceid_user.is_authenticated and request.session.get('went-to-register', False) == True:
         request.session['went-to-register'] = False
-        return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/login')
+        return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/login')
 
     return render(request, 'intro.html', context={'hide_nav': True})
 
 
 def success(request):
     if request.bceid_user.is_authenticated:
-        return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/overview')
+        return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/overview')
     else:
         return render(request, 'success.html', context={'register_url': settings.REGISTER_URL})
 
@@ -52,7 +52,7 @@ def dashboard_nav(request, nav_step):
 def login(request):
 
     if settings.DEPLOYMENT_TYPE == 'localdev' and not request.session.get('fake-bceid-guid'):
-        return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/bceid')
+        return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/bceid')
     else:
         guid = request.bceid_user.guid
 
@@ -67,14 +67,14 @@ def login(request):
 
         copy_session_to_db(request, user)
 
-        return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/overview')
+        return redirect(settings.PROXY_BASE_URL + settings.FORCE_SCRIPT_NAME[:-1] + '/overview')
 
 
 def logout(request):
     request.session.flush()
 
     if settings.DEPLOYMENT_TYPE == 'localdev':
-        return redirect(settings.FORCE_SCRIPT_NAME[:-1] + '/intro')
+        return redirect('/')
     else:
         return redirect(settings.LOGOUT_URL)
 
diff --git a/edivorce/settings/local.py b/edivorce/settings/local.py
index 52143535..284fdbfc 100644
--- a/edivorce/settings/local.py
+++ b/edivorce/settings/local.py
@@ -19,3 +19,4 @@ WEASYPRINT_CSS_LOOPBACK = 'http://10.200.10.1:8000'
 
 DEPLOYMENT_TYPE = 'localdev'
 REGISTER_URL = '#'
+PROXY_BASE_URL = ''
diff --git a/openshift/jenkins/jenkins-persistent-template.json b/openshift/jenkins/jenkins-persistent-template.json
new file mode 100644
index 00000000..e69de29b