From 61a79a9b7a2c6421381a36ec4c3c2dc27681626a Mon Sep 17 00:00:00 2001
From: vmarkov <vmarkov@mirantis.com>
Date: Fri, 1 Jun 2018 13:56:56 +0300
Subject: [PATCH] Show WEBSSO disclaimer only when it is needed

Horizon can support several auth mechanisms, i.e. Keystone creds and
OpenID. User allowed to choose proper way of auth and disclaimer is
shown. But it is possible to allow choose from the only variant, and in
this case disclaimer also shown, which is confusing. Proposed patch fix
disclaimer display and makes it reasonable

Closes-bug: #1774623
Change-Id: Ib039c6fdf1e4cd21b5ebe426fe2a15355a37353c
---
 horizon/templates/auth/_login_form.html | 2 ++
 openstack_auth/views.py                 | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/horizon/templates/auth/_login_form.html b/horizon/templates/auth/_login_form.html
index f3392f09d7..66ce8ff194 100644
--- a/horizon/templates/auth/_login_form.html
+++ b/horizon/templates/auth/_login_form.html
@@ -30,7 +30,9 @@
           <input type="password" name="fake_password" value="" />
         </div>
       {%endif%}
+      {% if show_sso_opts %}
       {% include "auth/_description.html" %}
+      {% endif %}
       <fieldset hz-login-finder>
         {% if request.user.is_authenticated and 'next' in request.GET %}
           <div class="form-group clearfix error help-block alert alert-danger">
diff --git a/openstack_auth/views.py b/openstack_auth/views.py
index 57c0ae8d43..7f6536f70a 100644
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@@ -92,6 +92,10 @@ def login(request, template_name=None, extra_context=None, **kwargs):
 
     extra_context['csrf_failure'] = request.GET.get('csrf_failure')
 
+    choices = getattr(settings, 'WEBSSO_CHOICES', ())
+    extra_context['show_sso_opts'] = (utils.is_websso_enabled() and
+                                      len(choices) > 1)
+
     if not template_name:
         if request.is_ajax():
             template_name = 'auth/_login.html'