def logout(request, next_page=None):
"""Redirects to CAS logout page"""
# try to find the ticket matching current session for logout signal
try:
st = SessionTicket.objects.get(session_key=request.session.session_key)
ticket = st.ticket
except SessionTicket.DoesNotExist:
ticket = None
# send logout signal
cas_user_logout.send(
sender="manual",
user=request.user,
session=request.session,
ticket=ticket,
)
auth_logout(request)
# clean current session ProxyGrantingTicket and SessionTicket
ProxyGrantingTicket.objects.filter(session_key=request.session.session_key).delete()
SessionTicket.objects.filter(session_key=request.session.session_key).delete()
next_page = next_page or get_redirect_url(request)
if settings.CAS_LOGOUT_COMPLETELY:
protocol = get_protocol(request)
host = request.get_host()
redirect_url = urllib_parse.urlunparse(
(protocol, host, next_page, '', '', ''),
)
client = get_cas_client(request=request)
return HttpResponseRedirect(settings.CLIENT_HOST)
else:
# This is in most cases pointless if not CAS_RENEW is set. The user will
# simply be logged in again on next request requiring authorization.
return render(request, 'index.html')
def get(self, request):
"""
Redirects to CAS logout page
:param request:
:return:
"""
next_page = request.GET.get('next')
token = request.GET.get('token')
session_key = request.GET.get('session_key')
print('token: {} session_key: {}'.format(token, session_key))
# try to find the ticket matching current session for logout signal
try:
st = SessionTicket.objects.get(session_key=session_key)
ticket = st.ticket
except SessionTicket.DoesNotExist:
ticket = None
# send logout signal
# print('request.COOKIES: {}'.format(request.COOKIES))
# print('request.session: {}'.format(request.session))
logger.info('request.user: {}'.format(request.user))
logger.info('logout ticket: {}'.format(ticket))
logger.info('Start cas logout.')
cas_user_logout.send(
sender="manual",
user=request.user,
session=request.session,
ticket=ticket,
)
logger.info('Start sys logout.')
auth_logout(request)
# clean current session ProxyGrantingTicket and SessionTicket
ProxyGrantingTicket.objects.filter(session_key=session_key).delete()
SessionTicket.objects.filter(session_key=session_key).delete()
Token.objects.filter(key=token).delete()
next_page = next_page or get_redirect_url(request)
logger.info('Logout next_page: {}'.format(next_page))
if settings.CAS_LOGOUT_COMPLETELY:
protocol = get_protocol(request)
host = request.get_host()
redirect_url = urllib_parse.urlunparse(
(protocol, host, next_page, '', '', ''), )
logger.info('Logout redirect_url: {}'.format(redirect_url))
client = get_cas_client(request=request)
# logger.info('Logout client.get_logout_url(redirect_url): {}'.format(client.get_logout_url(redirect_url)))
return HttpResponseRedirect(client.get_logout_url(next_page))
else:
# This is in most cases pointless if not CAS_RENEW is set. The user will
# simply be logged in again on next request requiring authorization.
return HttpResponseRedirect(next_page)
def clean_sessions(client, request):
for slo in client.get_saml_slos(request.POST.get('logoutRequest')):
try:
st = SessionTicket.objects.get(ticket=slo.text)
session = SessionStore(session_key=st.session_key)
# send logout signal
cas_user_logout.send(
sender="slo",
user=get_user_from_session(session),
session=session,
ticket=slo.text,
)
session.flush()
# clean logout session ProxyGrantingTicket and SessionTicket
ProxyGrantingTicket.objects.filter(session_key=st.session_key).delete()
SessionTicket.objects.filter(session_key=st.session_key).delete()
except SessionTicket.DoesNotExist:
pass
def get(self, request):
"""
Redirects to CAS logout page
:param request:
:return:
"""
next_page = clean_next_page(request, request.GET.get('next'))
# try to find the ticket matching current session for logout signal
try:
st = SessionTicket.objects.get(
session_key=request.session.session_key)
ticket = st.ticket
except SessionTicket.DoesNotExist:
ticket = None
# send logout signal
cas_user_logout.send(
sender="manual",
user=request.user,
session=request.session,
ticket=ticket,
)
auth_logout(request)
# clean current session ProxyGrantingTicket and SessionTicket
ProxyGrantingTicket.objects.filter(
session_key=request.session.session_key).delete()
SessionTicket.objects.filter(
session_key=request.session.session_key).delete()
next_page = next_page or get_redirect_url(request)
if settings.CAS_LOGOUT_COMPLETELY:
protocol = get_protocol(request)
host = request.get_host()
redirect_url = SERVICE_URL
client = get_cas_client(request=request)
return HttpResponseRedirect(client.get_logout_url(redirect_url))
else:
# This is in most cases pointless if not CAS_RENEW is set. The user will
# simply be logged in again on next request requiring authorization.
return HttpResponseRedirect(next_page)
def get(self, request: HttpRequest) -> HttpResponse:
next_page = settings.SUCCESS_SSO_AUTH_REDIRECT
try:
del request.session['token']
except KeyError:
pass
# try to find the ticket matching current session for logout signal
try:
st = SessionTicket.objects.get(
session_key=request.session.session_key)
ticket = st.ticket
except SessionTicket.DoesNotExist:
ticket = None
# send logout signal
cas_user_logout.send(
sender="manual",
user=request.user,
session=request.session,
ticket=ticket,
)
# clean current session ProxyGrantingTicket and SessionTicket
ProxyGrantingTicket.objects.filter(
session_key=request.session.session_key).delete()
SessionTicket.objects.filter(
session_key=request.session.session_key).delete()
auth_logout(request)
next_page = next_page or get_redirect_url(request)
if settings.CAS_LOGOUT_COMPLETELY:
client = get_cas_client(request=request)
return HttpResponseRedirect(client.get_logout_url(next_page))
# This is in most cases pointless if not CAS_RENEW is set. The user will
# simply be logged in again on next request requiring authorization.
return HttpResponseRedirect(next_page)