def _cas_client(target_url=None): cas_server = app.config['CAS_SERVER'] # One (possible) advantage this has over "request.base_url" is that it embeds the configured SERVER_NAME. service_url = url_for('.cas_login', _external=True) if target_url: service_url = service_url + '?' + urlencode({'url': target_url}) return cas.CASClientV3(server_url=cas_server, service_url=service_url)
def cas_login_verify(): client = cas.CASClientV3(renew=False, extra_login_params=False, server_url=app.config['CAS_SERVER_URL'], service_url=url_for('cas_login_verify', _external=True)) if 'ticket' in request.args: (username, attributes, pgtiou) = client.verify_ticket(request.args['ticket']) if username is None: return redirect(client.get_login_url()) else: username = username.lower() if not zero.lib.user.is_user_authorised(username): app.logger.info( "User " + username + " tried to use the service, but they were not in linuxsys or linuxadm, rejecting" ) flash("You are not authorised to use this service, sorry!", "alert-danger") return redirect(url_for('login')) # Logon is OK to proceed return zero.lib.user.logon_ok(username) else: abort(400)
def cas_login(): client = cas.CASClientV3(renew=False, extra_login_params=False, server_url=app.config['CAS_SERVER_URL'], service_url=url_for('cas_login_verify', _external=True)) return redirect(client.get_login_url())
def setup_app(): fernet_key = fernet.Fernet.generate_key() secret_key = base64.urlsafe_b64decode(fernet_key) app = web.Application( debug=True, middlewares=[ session_middleware(EncryptedCookieStorage(secret_key)), cas_middleware ] ) app['cas_client'] = cas.CASClientV3( server_url=CAS_SERVER_URL, service_url=SERVICE_NAME, extra_login_params=False, renew=False ) aiohttp_jinja2.setup( app, loader=jinja2.FileSystemLoader(os.path.join(PROJECT_ROOT, 'templates')) ) setup_routes(app) return app
def __init__(self, db: DBConnector, ticket: str = None): self.client = cas.CASClientV3(renew=False, extra_login_params=False, server_url='https://login.case.edu/cas/', service_url=request.url_root) self.login_url = self.client.get_login_url() self.logout_url = self.client.get_logout_url( f"{request.url_root}logout") #there is a user logged in if USER_SESSION_KEY in session and session.get( USER_SESSION_KEY) is not None: self.__login_from_session() #we got a ticket from CAS, so the user just logged in elif ticket is not None: self.__login_from_cas_ticket(db, ticket) #no logged in user else: self.user = None
from requests.exceptions import HTTPError import cas import requests from flask import Flask app = Flask(__name__) CAS_URL_LOGIN = '******' CAS_SERVER_URL = 'http://cas.somenergia.coop:8000/' SERVICE_NAME = 'http://api.somenergia.coop' CAS_CLIENT = cas.CASClientV3(server_url=CAS_SERVER_URL, service_url=SERVICE_NAME, extra_login_params=False, renew=False) def _get_ticket(response): response_info = response.raw.info().get('Location', '') if response_info: return parse_qs(urlparse(response_info).query)['ticket'][0] raise HTTPError() def cas_login(username, password): resp = requests.get(CAS_URL_LOGIN) headers = {
def logout_client_v3(): return cas.CASClientV3(server_url='http://www.example.com/cas/')
def client_v3(): return cas.CASClientV3()