- Timestamp:
- 4 Jul 2013, 22:08:53 (11 years ago)
- Location:
- main/waeup.cas/trunk/waeup/cas
- Files:
-
- 3 edited
main/waeup.cas/trunk/waeup/cas/server.py
r10397 r10398 100 100 101 101 102 def check_session_cookie(db, cookie_value): 103 """Check whether `cookie_value` represents a valid ticket granting 104 ticket in `db`. 105 """ 106 if cookie_value is None: 107 return False 108 print("VAL1: ", cookie_value) 109 try: 110 # turn value into unicode (py2.x) / str (py3.x) 111 cookie_value = cookie_value.decode('utf-8') 112 except AttributeError: # pragma: no cover 113 pass 114 print("VAL2: ", cookie_value) 115 q = db.query(TicketGrantingCookie).filter( 116 TicketGrantingCookie.value == cookie_value) 117 result = [x for x in q] 118 if len(result): 119 return result[0] 120 return None 121 122 102 123 class CASServer(object): 103 124 """A WSGI CAS server. … … 142 163 password = req.POST.get('password', None) 143 164 valid_lt = check_login_ticket(self.db, req.POST.get('lt')) 144 if username and password and valid_lt: 165 tgc = req.cookies.get('cas-tgc', None) 166 print('TGC: ', tgc) 167 tgc = check_session_cookie(self.db, tgc) 168 print("TGC2: ", tgc) 169 print([(x, y) for x, y, in req.headers.items()]) 170 if username and password and valid_lt or tgc: 145 171 # act as credentials acceptor 146 cred_ok, reason = self.auth.check_credentials(username, password) 172 if tgc: 173 cred_ok, reason = True, '' 174 if not service: 175 msg = 'You logged in already.' 176 else: 177 cred_ok, reason = self.auth.check_credentials( 178 username, password) 147 179 if cred_ok: 148 180 if service is None: 149 181 # show logged-in screen 150 182 html = self._get_template('login_successful.html') 183 html = html.replace('MSG_TEXT', msg) 151 184 resp = Response(html) 152 resp = set_session_cookie(resp, self.db) 185 if not tgc: 186 resp = set_session_cookie(resp, self.db) 153 187 return resp 154 188 else: -
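Review bot: The debug `print` calls added in `check_session_cookie` (`VAL1`, `VAL2`) and in the login handler (`TGC`, `TGC2`, and the dump of `req.headers.items()`) write the ticket-granting cookie and every request header, including `Cookie`, to stdout. That exposes a live session credential to anyone who can read the server output or its logs. They should be removed before release, or replaced with a log line that records only whether a cookie was present. Separately, `msg` is assigned only under `if tgc:` / `if not service:`, yet `html.replace('MSG_TEXT', msg)` runs for every login without a service. The method starts outside this hunk, so unless `msg` is initialised earlier, a normal password login would raise `UnboundLocalError`; setting `msg = ''` before the `if tgc:` branch would cover it.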
main/waeup.cas/trunk/waeup/cas/templates/login_successful.html
r10394 r10398 1 1 <html> 2 2 <head> 3 <title> Single Sign-On initiated</title>3 <title>WAeUP Central Authentication Services</title> 4 4 </head> 5 5 <body> 6 <div>MSG_TEXT</div> 6 7 <h1>Logged in</h1> 7 8 <div>You successfully initiated single sign-on!</div> -
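Review bot: The new `<div>MSG_TEXT</div>` placeholder is filled by a plain `html.replace('MSG_TEXT', msg)` in server.py, with no HTML escaping. That is harmless while `msg` is the constant `'You logged in already.'`, but the value should be escaped before substitution if it ever carries request-derived text such as a service URL or user name. A comment beside the placeholder, for example `<!-- MSG_TEXT is substituted by the server; the value must be HTML-escaped -->`, would record that requirement.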
main/waeup.cas/trunk/waeup/cas/tests/test_server.py
r10397 r10398 12 12 CASServer, create_service_ticket, create_login_ticket, 13 13 create_tgc_value, check_login_ticket, set_session_cookie, 14 check_session_cookie, 14 15 ) 15 16 16 17 17 RE_ALPHABET = re.compile('^[a-zA-Z0-9\-]*$') … … 184 184 assert b'ticket=ST-' in resp.body 185 185 186 def test_login_cred_acceptor_sso_no_service(self): 187 # 2.2.4: successful login via single sign on 188 db = self.raw_app.db 189 tgc = create_tgc_value() 190 db.add(tgc) 191 value = str(tgc.value) 192 resp = self.app.get('/login', headers={'Cookie': 'cas-tgc=%s' % value}) 193 assert resp.status == '200 OK' 194 assert b'already' in resp.body 195 assert 'Set-Cookie' not in resp.headers 196 return 197 186 198 def test_login_cred_acceptor_failed(self): 187 199 # 2.2.4: failed login yields a message … … 269 281 TicketGrantingCookie.value == value) 270 282 assert len(list(q)) == 1 283 284 def test_check_session_cookie(self): 285 db = DB('sqlite:///') 286 tgc = create_tgc_value() 287 db.add(tgc) 288 value = tgc.value 289 assert check_session_cookie(db, value) == tgc 290 assert check_session_cookie(db, 'foo') is None 291 assert check_session_cookie(db, b'foo') is None 292 value2 = value.encode('utf-8') 293 assert check_session_cookie(db, value2) == tgc
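Review bot: The new HTTP-level test covers only the accepting path; nothing checks that `/login` refuses an unknown or malformed `cas-tgc` value. Since a truthy `check_session_cookie` result now bypasses the credential check, a negative test that sends `Cookie: cas-tgc=foo` and asserts `b'already' not in resp.body` would pin that behaviour. A case with bytes that are not valid UTF-8 is also worth adding to `test_check_session_cookie`, because the function catches only `AttributeError` around `.decode('utf-8')`. The trailing bare `return` in `test_login_cred_acceptor_sso_no_service` can be dropped.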