def logout(request, next_page=None): """Redirects to CAS logout page""" # try to find the ticket matching current session for logout signal try: st = SessionTicket.objects.get(session_key=request.session.session_key) ticket = st.ticket except SessionTicket.DoesNotExist: ticket = None # send logout signal cas_user_logout.send( sender="manual", user=request.user, session=request.session, ticket=ticket, ) auth_logout(request) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter(session_key=request.session.session_key).delete() SessionTicket.objects.filter(session_key=request.session.session_key).delete() next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) client = get_cas_client(request=request) return HttpResponseRedirect(settings.CLIENT_HOST) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return render(request, 'index.html')
def get(self, request): """ Redirects to CAS logout page :param request: :return: """ next_page = request.GET.get('next') token = request.GET.get('token') session_key = request.GET.get('session_key') print('token: {} session_key: {}'.format(token, session_key)) # try to find the ticket matching current session for logout signal try: st = SessionTicket.objects.get(session_key=session_key) ticket = st.ticket except SessionTicket.DoesNotExist: ticket = None # send logout signal # print('request.COOKIES: {}'.format(request.COOKIES)) # print('request.session: {}'.format(request.session)) logger.info('request.user: {}'.format(request.user)) logger.info('logout ticket: {}'.format(ticket)) logger.info('Start cas logout.') cas_user_logout.send( sender="manual", user=request.user, session=request.session, ticket=ticket, ) logger.info('Start sys logout.') auth_logout(request) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter(session_key=session_key).delete() SessionTicket.objects.filter(session_key=session_key).delete() Token.objects.filter(key=token).delete() next_page = next_page or get_redirect_url(request) logger.info('Logout next_page: {}'.format(next_page)) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) logger.info('Logout redirect_url: {}'.format(redirect_url)) client = get_cas_client(request=request) # logger.info('Logout client.get_logout_url(redirect_url): {}'.format(client.get_logout_url(redirect_url))) return HttpResponseRedirect(client.get_logout_url(next_page)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)
def clean_sessions(client, request): for slo in client.get_saml_slos(request.POST.get('logoutRequest')): try: st = SessionTicket.objects.get(ticket=slo.text) session = SessionStore(session_key=st.session_key) # send logout signal cas_user_logout.send( sender="slo", user=get_user_from_session(session), session=session, ticket=slo.text, ) session.flush() # clean logout session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter(session_key=st.session_key).delete() SessionTicket.objects.filter(session_key=st.session_key).delete() except SessionTicket.DoesNotExist: pass
def get(self, request): """ Redirects to CAS logout page :param request: :return: """ next_page = clean_next_page(request, request.GET.get('next')) # try to find the ticket matching current session for logout signal try: st = SessionTicket.objects.get( session_key=request.session.session_key) ticket = st.ticket except SessionTicket.DoesNotExist: ticket = None # send logout signal cas_user_logout.send( sender="manual", user=request.user, session=request.session, ticket=ticket, ) auth_logout(request) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter( session_key=request.session.session_key).delete() SessionTicket.objects.filter( session_key=request.session.session_key).delete() next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = SERVICE_URL client = get_cas_client(request=request) return HttpResponseRedirect(client.get_logout_url(redirect_url)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)
def get(self, request: HttpRequest) -> HttpResponse: next_page = settings.SUCCESS_SSO_AUTH_REDIRECT try: del request.session['token'] except KeyError: pass # try to find the ticket matching current session for logout signal try: st = SessionTicket.objects.get( session_key=request.session.session_key) ticket = st.ticket except SessionTicket.DoesNotExist: ticket = None # send logout signal cas_user_logout.send( sender="manual", user=request.user, session=request.session, ticket=ticket, ) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter( session_key=request.session.session_key).delete() SessionTicket.objects.filter( session_key=request.session.session_key).delete() auth_logout(request) next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: client = get_cas_client(request=request) return HttpResponseRedirect(client.get_logout_url(next_page)) # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)