From 2842d7df372e833a7e01581033bcc73bdea1b7e5 Mon Sep 17 00:00:00 2001
From: Sergey Vilgelm <sergey@vilgelm.info>
Date: Tue, 22 Jan 2019 18:21:29 -0600
Subject: [PATCH] Fix untrusted dashboard host

The `openstack_auth login` view uses `request.build_absolute_uri` function
to build an origin uri when websso is enabled and
the WEBSSO_DEFAULT_REDIRECT_PROTOCOL is set.
This function doesn't insert the `WEBROOT` variable into uri what causes an
error:
    http://domain.name/auth/websso/ is not a trusted dashboard host
Using the `build_absolute_uri` from `utils` module fixes this problem. It
generates the right uri:
    http://domain.name/dashboard/auth/websso/

Change-Id: I94100f66a9f07eb8da75d344cbd120838fe25d1e
---
 openstack_auth/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openstack_auth/views.py b/openstack_auth/views.py
index 14ac0dfca8..a71841c5fe 100644
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@@ -62,7 +62,7 @@ def login(request, template_name=None, extra_context=None, **kwargs):
             utils.is_websso_default_redirect()):
         protocol = utils.get_websso_default_redirect_protocol()
         region = utils.get_websso_default_redirect_region()
-        origin = request.build_absolute_uri('/auth/websso/')
+        origin = utils.build_absolute_uri(request, '/auth/websso/')
         url = ('%s/auth/OS-FEDERATION/websso/%s?origin=%s' %
                (region, protocol, origin))
         return shortcuts.redirect(url)