Updated HTML precursors to be more versatile.

Author: rohe

flask_rp/templates/opresult.html

@@ -27,7 +27,7 @@ <h3>User information</h3>
 </dl>
 
 {% if check_session_iframe is defined %}
-    <iframe id="rp_iframe" src="/session_iframe" hidden></iframe>
+    <iframe id="rp_iframe" src={{ status_check_iframe }} hidden></iframe>
     <iframe id="op_iframe" src={{ check_session_iframe }} hidden></iframe>
 {% endif %}
 

flask_rp/templates/rp_iframe.html

@@ -10,7 +10,7 @@
     var client_id = {{ client_id }};
     var session_state = {{ session_state }};
     console.log("RP session state: " + session_state);
-    var targetOrigin = {{ issuer }}.replace(/\/$/, "");
+    var targetOrigin = new URL({{ issuer }}).origin;
 
     var stat = "unchanged";
     var mes = client_id + " " + session_state;
@@ -32,9 +32,8 @@
         }
         stat = e.data;
 
-        if (stat == "changed") {
+        if (stat === "changed") {
             clearInterval(timer_id);
-            alert("Your session has changed, you will be redirected to log in again.");
             window.parent.window.location = {{ session_change_url }};
         }
     }

flask_rp/templates/session_status.html

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+
+
+<html>
+<head>
+    <title>pyoidc RP</title>
+</head>
+<body>
+
+<h1>Session verification</h1>
+<h2>Checking that the session hasn't changed!</h2>
+
+<iframe id="op_iframe" src={check_session_iframe} hidden></iframe>
+<iframe id="rp_iframe" src={status_check_iframe} hidden></iframe>
+
+</body>
+</html>

flask_rp/views.py

@@ -133,6 +133,8 @@ def finalize(op_hash, request_args):
             }
         except KeyError:
             kwargs = {}
+        else:
+            kwargs["status_check_iframe"] = rp.service_context.add_on['status_check']
 
         kwargs['logout_url'] = "{}/logout".format(rp.service_context.base_url)
 
@@ -182,14 +184,15 @@ def session_iframe():  # session management
         'session_change_url': session_change_url
     }
     logger.debug('rp_iframe args: {}'.format(args))
-
-    return render_template('rp_iframe.html', **args)
+    _template = _rp.service_context.add_on["status_check"]["session_iframe_template_file"]
+    return render_template(_template, **args)
 
 
 @oidc_rp_views.route('/session_change')
 def session_change():
     logger.debug('session_change: {}'.format(session['op_hash']))
     _rp = get_rp(session['op_hash'])
+
     # If there is an ID token send it along as a id_token_hint
     _aserv = _rp.service_context.service['authorization']
     request_args = {"prompt": "none"}