Changeset 10412


Timestamp:
6 Jul 2013, 11:06:53 (11 years ago)
Author:
uli
Message:

Support gateway param for login.

Location:
main/waeup.cas/trunk/waeup/cas
Files:
2 edited

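--- a/main/waeup.cas/trunk/waeup/cas/server.py
+++ b/main/waeup.cas/trunk/waeup/cas/server.py
@@ -133,11 +133,12 @@
 
 
-def login_redirect_service(db, service, sso=True):
+def login_redirect_service(db, service, sso=True, create_ticket=True):
     """Return a response redirecting to a service via HTTP 303 See Other.
     """
     # safely redirect to service given
-    st = create_service_ticket(service, sso)
-    db.add(st)
-    service = '%s?ticket=%s' % (service, st.ticket)
+    if create_ticket:
+        st = create_service_ticket(service, sso)
+        db.add(st)
+        service = '%s?ticket=%s' % (service, st.ticket)
     html = get_template('login_service_redirect.html')
     html = html.replace('SERVICE_URL', service)
@@ -209,4 +210,7 @@
         service = req.POST.get('service', req.GET.get('service', None))
         renew = req.POST.get('renew', req.GET.get('renew', None))
+        gateway = req.POST.get('gateway', req.GET.get('gateway', None))
+        if renew is not None and gateway is not None:
+            gateway = None
         service_field = ''
         msg = ''
@@ -215,5 +219,8 @@
         valid_lt = check_login_ticket(self.db, req.POST.get('lt'))
         tgc = check_session_cookie(self.db, req.cookies.get('cas-tgc', None))
-        if tgc and renew is None:
+        if gateway and (not tgc) and service:
+            return login_redirect_service(
+                self.db, service, sso=True, create_ticket=False)
+        if tgc and (renew is None):
             if service:
                 return login_redirect_service(self.db, service, sso=True)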
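Review bot: The new gateway branch (`if gateway and (not tgc) and service:`) redirects a visitor who has no session to whatever `service` the request supplied, and nothing visible in these hunks checks that URL against a set of known services, so the login endpoint acts as an open redirector unless validation happens elsewhere in the handler. The same value is substituted unescaped into the page by `html.replace('SERVICE_URL', service)`, so markup in `service` would reach the response body if the template places it in HTML context. I would gate the branch on a registered-service check, e.g. `if gateway and (not tgc) and service and service_is_registered(service):` (the helper name is a placeholder, not an existing function), and HTML-escape the value before substitution. The handler body starts and ends outside the hunks shown.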
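--- a/main/waeup.cas/trunk/waeup/cas/tests/test_server.py
+++ b/main/waeup.cas/trunk/waeup/cas/tests/test_server.py
@@ -140,4 +140,12 @@
         assert 'Set-Cookie' not in resp.headers
 
+    def test_login_renew_without_cookie(self):
+        # 2.1.1: with renew and no cookie, normal auth will happen
+        app = CASServer()
+        req = Request.blank('https://localhost/login?renew=true')
+        resp = app(req)
+        assert resp.status == '200 OK'
+        assert b'username' in resp.body
+
     def test_login_renew_as_empty_string(self):
         # `renew` is handled correctly, even with empty value
@@ -149,4 +157,44 @@
         req.headers['Cookie'] = 'cas-tgc=%s' % value
         resp = app(req)
+        assert resp.status == '200 OK'
+        assert b'username' in resp.body
+        assert 'Set-Cookie' not in resp.headers
+
+    def test_login_gateway_no_cookie_with_service(self):
+        # 2.1.1: with gateway but w/o cookie we will be redirected to service
+        # no service ticket will be issued
+        app = CASServer()
+        params = 'gateway=true&service=http%3A%2F%2Fwww.service.com'
+        req = Request.blank('https://localhost/login?%s' % params)
+        resp = app(req)
+        assert resp.status == '303 See Other'
+        assert 'Location' in resp.headers
+        assert resp.headers['Location'] == 'http://www.service.com'
+
+    def test_login_gateway_with_cookie_and_service(self):
+        # 2.1.1: with cookie and gateway we will be redirected to service
+        app = CASServer()
+        tgc = create_tgc_value()
+        app.db.add(tgc)
+        value = str(tgc.value)
+        params = 'gateway=true&service=http%3A%2F%2Fwww.service.com'
+        req = Request.blank('https://localhost/login?%s' % params)
+        req.headers['Cookie'] = 'cas-tgc=%s' % value
+        resp = app(req)
+        assert resp.status == '303 See Other'
+        assert 'Location' in resp.headers
+        assert resp.headers['Location'].startswith(
+            'http://www.service.com?ticket=ST-')
+
+    def test_login_gateway_and_renew(self):
+        # 2.1.1 if both, gateway and renew are specified, only renew is valid
+        app = CASServer()
+        tgc = create_tgc_value()
+        app.db.add(tgc)
+        value = str(tgc.value)
+        req = Request.blank('https://localhost/login?renew=true&gateway=true')
+        req.headers['Cookie'] = 'cas-tgc=%s' % value
+        resp = app(req)
+        # with only gateway true, this would lead to a redirect
         assert resp.status == '200 OK'
         assert b'username' in resp.body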
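Review bot: `test_login_gateway_and_renew` does not pin the renew-over-gateway precedence it describes. The request carries a valid `cas-tgc` cookie and no `service`, so the gateway branch in server.py (`gateway and (not tgc) and service`) cannot fire either way, and the test would appear to pass even if the `gateway = None` reset were removed. To make it discriminate, send no cookie and include a service, e.g. `req = Request.blank('https://localhost/login?renew=true&gateway=true&service=http%3A%2F%2Fwww.service.com')`, keeping the `200 OK` and `username` assertions. A case for `gateway=true` with neither cookie nor `service` is also missing; from the server.py change that request should fall through to the normal login flow.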