Example #1
def get_file_url(path, absolute=None, internet=True):
    """
    Build the URL under which a stored file can be fetched.

    :param path: raw path as stored in the FileObj url field, without the
        bucket name or media prefix
    :param absolute: whether to return an absolute URL that includes the
        domain; ``None`` defers to ``settings.DATA_STORAGE_USE_ABSOLUTE_URL``
    :param internet: whether to return the public (external network) address
        rather than the intranet one; only consulted when ``absolute`` is truthy
    :return: the file URL, or an empty string when ``path`` is empty
    """
    from django_cas_ng.utils import get_service_url

    if not path:
        return ""
    path = get_storage_obj().get_relative_url(path)

    def _s3_endpoint_url():
        # NOTE(review): the scheme is hard-coded to plain http, so any link
        # built here is fetched without transport encryption. Confirm this
        # endpoint is only reachable on a trusted network, or make the scheme
        # configurable.
        return 'http://' + settings.AWS_S3_HOST + ":" + str(
            settings.AWS_S3_PORT) + path

    # Per the original comment, the S3 host URL setting is meant for
    # development environments only.
    if settings.DATA_STORAGE_USE_S3_HOST_URL and settings.DATA_STORAGE_USE_S3:
        return _s3_endpoint_url()

    # S3 storage with an intranet address requested: same direct endpoint.
    if absolute and not internet and settings.DATA_STORAGE_USE_S3:
        return _s3_endpoint_url()

    # No explicit choice from the caller falls back to the system setting.
    if absolute or (absolute is None
                    and settings.DATA_STORAGE_USE_ABSOLUTE_URL):
        # NOTE(review): called with (settings.SELF_APP, internet); confirm this
        # matches the signature of the installed django_cas_ng.utils helper.
        return get_service_url(settings.SELF_APP, internet) + path

    return path
Example #2
def test_service_url_preserves_query_parameters():
    """The redirect target must show up percent-encoded in ``next``.

    The request is made over HTTPS and carries its own query string
    (``foo=bar``).
    """
    secure_request = RequestFactory().get('/login/?foo=bar', secure=True)

    service_url = get_service_url(
        secure_request, redirect_to='https://testserver/landing-page/')

    # NOTE(review): only the encoded ``next`` value is asserted; nothing here
    # checks that ``foo=bar`` survives, despite the test name.
    encoded_next = 'next=https%3A%2F%2Ftestserver%2Flanding-page%2F'
    assert encoded_next in service_url
Example #3
def test_service_url_helper():
    """A plain GET to /login/ yields a service URL whose ``next`` is ``/``."""
    login_request = RequestFactory().get('/login/')

    service_url = get_service_url(login_request)

    # The default redirect target "/" is expected percent-encoded as %2F.
    assert service_url == 'http://testserver/login/?next=%2F'
Example #4
def test_service_url_helper_with_redirect():
    """An explicit ``redirect_to`` is embedded percent-encoded as ``next``."""
    login_request = RequestFactory().get('/login/')

    service_url = get_service_url(
        login_request, redirect_to='http://testserver/landing-page/')

    # Encoding the nested URL keeps its ":" and "/" characters from being
    # read as part of the outer service URL.
    wanted = 'http://testserver/login/?next=http%3A%2F%2Ftestserver%2Flanding-page%2F'
    assert service_url == wanted
Example #5
    def post(self, request):
        """Handle a POST that carries a CAS ``logoutRequest`` field.

        When the field is present, the matching sessions are cleaned and the
        browser is redirected to the ``next`` POST field (default
        ``settings.CAS_REDIRECT_URL``). When it is absent, nothing is
        returned.
        """
        if not request.POST.get('logoutRequest'):
            # Mirrors the implicit fall-through: no response object is built.
            return None

        # NOTE(review): ``next`` comes straight from POST data and is handed
        # to HttpResponseRedirect with no host or scheme check visible here,
        # which is an open-redirect risk unless a caller or middleware
        # restricts it. Validate it against an allow-list of hosts (e.g.
        # Django's url_has_allowed_host_and_scheme) before redirecting.
        next_page = request.POST.get('next', settings.CAS_REDIRECT_URL)
        cas_client = get_cas_client(
            service_url=get_service_url(request, next_page), request=request)

        clean_sessions(cas_client, request)
        return HttpResponseRedirect(next_page)
Example #6
def test_service_url_helper():
    """Without a redirect target the service URL carries ``next=%2F``."""
    request_factory = RequestFactory()
    login_request = request_factory.get('/login/')

    produced = get_service_url(login_request)

    assert produced == 'http://testserver/login/?next=%2F'
Example #7
def test_service_url_helper_with_redirect():
    """An explicit ``redirect_to`` is expected verbatim in ``next``."""
    login_request = RequestFactory().get('/login/')

    service_url = get_service_url(
        login_request, redirect_to='http://testserver/landing-page/')

    # NOTE(review): this expectation pins an *unencoded* nested URL in the
    # query string. A redirect target containing "&" or "#" would then be
    # parsed ambiguously; confirm which library version this test targets
    # and prefer the percent-encoded form.
    wanted = 'http://testserver/login/?next=http://testserver/landing-page/'
    assert service_url == wanted
Example #8
def test_service_url_helper_as_https():
    """A request that arrives over HTTPS produces an ``https`` service URL."""
    # Request environment for a TLS request on the default port.
    https_environ = {
        'secure': True,
        'wsgi.url_scheme': 'https',
        'SERVER_PORT': '443',
    }
    secure_request = RequestFactory().get('/login/', **https_environ)

    service_url = get_service_url(secure_request)

    assert service_url == 'https://testserver/login/?next=%2F'
Example #9
def test_service_url_avoids_next(settings):
    """With ``CAS_STORE_NEXT`` on, the service URL carries no ``next``."""
    settings.CAS_STORE_NEXT = True

    login_request = RequestFactory().get('/login/')
    service_url = get_service_url(login_request, redirect_to='/admin/')

    # The redirect target passed in must not appear in the query string.
    assert service_url == 'http://testserver/login/'
Example #10
def test_service_url_helper_as_https():
    """The scheme of the service URL follows a secure incoming request."""
    tls_request_options = {'secure': True, 'wsgi.url_scheme': 'https', 'SERVER_PORT': '443'}
    request_factory = RequestFactory()
    secure_request = request_factory.get('/login/', **tls_request_options)

    produced = get_service_url(secure_request)

    assert produced == 'https://testserver/login/?next=%2F'
Example #11
def test_service_url_avoids_next(settings):
    """``CAS_STORE_NEXT = True`` keeps the redirect target out of the URL."""
    settings.CAS_STORE_NEXT = True

    request_factory = RequestFactory()
    login_request = request_factory.get('/login/')

    produced = get_service_url(login_request, redirect_to='/admin/')

    # No "?next=..." suffix is expected even though redirect_to was given.
    assert produced == 'http://testserver/login/'
Example #12
def test_service_url_root_proxied_as(settings):
    """``CAS_ROOT_PROXIED_AS`` replaces the request's scheme, host and port."""
    settings.CAS_ROOT_PROXIED_AS = 'https://foo.bar:8443'

    login_request = RequestFactory().get('/login/')
    service_url = get_service_url(login_request)

    # The request itself targets http://testserver, but the configured root
    # is what ends up in the service URL.
    assert service_url == 'https://foo.bar:8443/login/?next=%2F'
Example #13
def test_service_url_root_proxied_as(settings):
    """The configured proxy root, not the request host, forms the URL base."""
    settings.CAS_ROOT_PROXIED_AS = 'https://foo.bar:8443'

    request_factory = RequestFactory()
    login_request = request_factory.get('/login/')

    produced = get_service_url(login_request)

    assert produced == 'https://foo.bar:8443/login/?next=%2F'
Example #14
def test_force_ssl_service_url(settings):
    """``CAS_FORCE_SSL_SERVICE_URL`` yields ``https`` for a plain-HTTP request."""
    settings.CAS_FORCE_SSL_SERVICE_URL = True

    # The request is created without any secure/HTTPS options.
    plain_request = RequestFactory().get('/login/')

    service_url = get_service_url(plain_request)

    assert service_url == 'https://testserver/login/?next=%2F'
Example #15
    def post(self, request):
        """Handle a POST: process a CAS ``logoutRequest`` or start a login.

        The ``next`` POST field (default ``settings.CAS_REDIRECT_URL``) is
        passed through ``clean_next_page`` before it is used as a redirect
        target. With ``logoutRequest`` present the sessions are cleaned and
        the browser is sent to that target; otherwise it is sent to the CAS
        login URL.
        """
        requested_next = request.POST.get('next', settings.CAS_REDIRECT_URL)
        next_page = clean_next_page(request, requested_next)

        # NOTE(review): this value is computed but never passed on; the client
        # below is built from SERVICE_URL + LOGIN_PATH instead. Presumably the
        # service is pinned on purpose; confirm, then drop the unused call.
        service_url = get_service_url(request, next_page)
        cas_client = get_cas_client(service_url=SERVICE_URL + LOGIN_PATH,
                                    request=request)

        if not request.POST.get('logoutRequest'):
            return HttpResponseRedirect(cas_client.get_login_url())

        clean_sessions(cas_client, request)
        return HttpResponseRedirect(next_page)
Example #16
def test_service_url_root_proxied_as_empty_string(settings):
    """
    An empty ``CAS_ROOT_PROXIED_AS`` must behave as if the setting were unset.

    The attribute exists on the settings module but holds an empty string, so
    the service URL has to be built from the request itself rather than from
    the setting.
    """
    settings.CAS_ROOT_PROXIED_AS = ''

    login_request = RequestFactory().get('/login/')
    service_url = get_service_url(login_request)

    # Same URL as when no proxy root is configured at all.
    assert service_url == 'http://testserver/login/?next=%2F'
Example #17
def brcas_token(request):
    """Exchange a CAS ticket for a JWT and render it into ``storer.html``.

    Raises ``PermissionDenied`` when the request has no ``ticket`` query
    parameter or when authentication returns no user.
    """
    service_url = get_service_url(request)
    redirect_url = get_redirect_url(request)
    # NOTE(review): the client is built but not used again in this function.
    client = get_cas_client(service_url=service_url, request=request)

    ticket = request.GET.get('ticket')
    if not ticket:
        raise PermissionDenied('BR CAS login failed.')

    # NOTE(review): the ticket is validated against a hard-coded service URL,
    # not the ``service_url`` computed above. CAS ties a ticket to the service
    # it was issued for, so confirm the login redirect uses this same value.
    user = django.contrib.auth.authenticate(
        ticket=ticket,
        service="https://api.x-passion.binets.fr/api-brcas-token-auth/",
        request=request)
    if user is None:
        raise PermissionDenied('BR CAS login failed.')

    build_payload = rest_framework_jwt.settings.api_settings.JWT_PAYLOAD_HANDLER
    encode_payload = rest_framework_jwt.settings.api_settings.JWT_ENCODE_HANDLER
    token = encode_payload(build_payload(user))

    # NOTE(review): the JWT is handed to the template together with a
    # redirect URL derived from the request. Confirm get_redirect_url only
    # returns trusted targets and that the template does not expose the
    # token to the page it redirects to.
    template_context = {
        "token": token,
        "redirect_url": redirect_url
    }
    return render(request, "storer.html", context=template_context)
Example #18
    def get(self, request):
        """
        Forwards to CAS login URL or verifies CAS ticket

        :param request: incoming GET request; the ``next``, ``required`` and
            ``ticket`` query parameters are read from it
        :return: the result of ``successful_login`` for an already
            authenticated user, or a redirect to the CAS login URL when no
            ticket is present. The ticket branch of this listing is truncated
            (see the note there), so its return value is not visible.
        """
        # NOTE(review): ``next`` is caller-controlled and later passed to
        # successful_login as the redirect target; confirm that method (or
        # get_redirect_url) restricts it to trusted hosts.
        next_page = request.GET.get('next')
        # NOTE(review): ``required`` is not used in the visible code; it was
        # presumably consumed by the part of the ticket branch that is missing.
        required = request.GET.get('required', False)

        service_url = get_service_url(request, next_page)
        # logger.info('service_url: {}'.format(service_url))
        client = get_cas_client(service_url=service_url, request=request)

        # A target stored in the session by an earlier visit is used once and
        # then removed.
        if not next_page and settings.CAS_STORE_NEXT and 'CASNEXT' in request.session:
            next_page = request.session['CASNEXT']
            del request.session['CASNEXT']

        if not next_page:
            next_page = get_redirect_url(request)

        if request.user.is_authenticated:
            if settings.CAS_LOGGED_MSG is not None:
                message = settings.CAS_LOGGED_MSG % request.user.get_username()
                messages.success(request, message)
                logger.info('user is authenticated')
                user = request.user
                # NOTE(review): the token row is only touched when
                # CAS_LOGGED_MSG is set; that coupling looks accidental
                # (indentation?) - confirm.
                Token.objects.update_or_create(user=user)
            return self.successful_login(request=request, next_page=next_page)

        ticket = request.GET.get('ticket')
        # NOTE(review): this writes the raw CAS ticket to the application log
        # (the literal string 'None' when absent). Tickets are credentials;
        # consider logging only whether one was present.
        logger.info('Login ticket: {}'.format(ticket))
        if ticket:
            user = authenticate(ticket=ticket,
                                service=service_url,
                                request=request)
            logger.info('ticket user: {}'.format(user))
            # NOTE(review): the listing is garbled from here; the handling of
            # a successful or failed authentication (including the
            # 'Login failed.' path) has been lost, so as shown this branch
            # falls through without returning a response.
            # print('user:'******'Login failed.'))
        else:
            # No ticket yet: remember the target (if configured) and send the
            # browser to the CAS login page.
            if settings.CAS_STORE_NEXT:
                request.session['CASNEXT'] = next_page
            return HttpResponseRedirect(client.get_login_url())
Example #19
def login(request, next_page=None, required=False):
    """Forwards to CAS login URL or verifies CAS ticket

    Flow, in order:

    1. Resolve ``next_page`` from the argument, the session (``CASNEXT``) or
       ``get_redirect_url``.
    2. A POST carrying ``logoutRequest`` cleans sessions and redirects.
    3. An already authenticated user gets ``index.html`` rendered.
    4. A ``ticket`` query parameter is verified; on success the user is
       logged in and ``index.html`` is rendered with a JWT and profile data.
    5. Otherwise the browser is redirected to the CAS login URL.

    Raises ``PermissionDenied`` when ticket verification fails and neither
    ``settings.CAS_RETRY_LOGIN`` nor ``required`` is set.
    """
    service_url = get_service_url(request, next_page)
    client = get_cas_client(service_url=service_url, request=request)

    # A target stored in the session by an earlier visit is used once and
    # then removed.
    if not next_page and settings.CAS_STORE_NEXT and 'CASNEXT' in request.session:
        next_page = request.session['CASNEXT']
        del request.session['CASNEXT']

    if not next_page:
        next_page = get_redirect_url(request)

    # NOTE(review): no validation of next_page is visible before this
    # redirect; confirm the caller and get_redirect_url only supply trusted
    # targets.
    if request.method == 'POST' and request.POST.get('logoutRequest'):
        clean_sessions(client, request)
        return HttpResponseRedirect(next_page)

    # backward compatibility for django < 2.0
    is_user_authenticated = False

    # types.BooleanType only exists on Python 2.
    if sys.version_info >= (3, 0):
        bool_type = bool
    else:
        bool_type = types.BooleanType

    # is_authenticated is read as an attribute when it is a bool and called
    # as a method otherwise.
    if isinstance(request.user.is_authenticated, bool_type):
        is_user_authenticated = request.user.is_authenticated
    else:
        is_user_authenticated = request.user.is_authenticated()

    if is_user_authenticated:
        if settings.CAS_LOGGED_MSG is not None:
            # NOTE(review): everything built in this branch (message, token,
            # data) is discarded - the render call below passes no context.
            # A JWT is still minted on every visit; confirm whether ``data``
            # was meant to be rendered, or remove the dead work.
            message = settings.CAS_LOGGED_MSG % request.user.get_username()
            user = request.user
            payload = jwt_payload_handler(user)
            token = jwt_encode_handler(payload)
            # NOTE(review): presumably raises if the user has no profile row;
            # verify against the UserProfile model.
            user_profile = UserProfile.objects.get(user=user)
            profile_id = user_profile.id
            name = user_profile.name
            npm = user_profile.npm
            email = user_profile.email
            role = user_profile.role.role_name
            angkatan = user_profile.angkatan.name

            data = {'user_id': user.id, 'user': user.username, 'token': token,
                    'profile_id': profile_id,
                    'name': name, 'npm': npm, 'email': email, 'role': role, 'angkatan': angkatan}
        return render(request, 'index.html')

    ticket = request.GET.get('ticket')
    if ticket:
        # The ticket is verified against the same service URL computed at the
        # top of the function.
        user = authenticate(ticket=ticket,
                            service=service_url,
                            request=request)
        pgtiou = request.session.get("pgtiou")
        if user is not None:
            # Make sure a stored session exists before logging the user in.
            if not request.session.exists(request.session.session_key):
                request.session.create()
            auth_login(request, user)
            # Record which ticket belongs to this session.
            SessionTicket.objects.create(
                session_key=request.session.session_key,
                ticket=ticket
            )

            if pgtiou and settings.CAS_PROXY_CALLBACK:
                # Delete old PGT
                ProxyGrantingTicket.objects.filter(
                    user=user,
                    session_key=request.session.session_key
                ).delete()
                # Set new PGT ticket
                try:
                    pgt = ProxyGrantingTicket.objects.get(pgtiou=pgtiou)
                    pgt.user = user
                    pgt.session_key = request.session.session_key
                    pgt.save()
                except ProxyGrantingTicket.DoesNotExist:
                    # A missing PGT row is ignored; the login still succeeds.
                    pass

            if settings.CAS_LOGIN_MSG is not None:
                name = user.get_username()
                message = settings.CAS_LOGIN_MSG % name
                messages.success(request, message)
            
            payload = jwt_payload_handler(user)
            token = jwt_encode_handler(payload)

            # NOTE(review): presumably raises if the user has no profile row,
            # after the session and SessionTicket were already created -
            # verify against the UserProfile model.
            user_profile = UserProfile.objects.get(user=user)
            profile_id = user_profile.id
            name = user_profile.name
            npm = user_profile.npm
            email = user_profile.email
            role = user_profile.role.role_name
            angkatan = user_profile.angkatan.name

            # NOTE(review): the JWT and profile fields go into the template
            # context; check how index.html emits them (escaping, no caching
            # of the response) since the token is a bearer credential.
            data = {'user_id': user.id, 'user': user.username, 'token': token,
                    'profile_id': profile_id,
                    'name': name, 'npm': npm, 'email': email, 'role': role, 'angkatan': angkatan}
            return render(request, 'index.html', data)
        elif settings.CAS_RETRY_LOGIN or required:
            # Verification failed: send the browser back to the CAS login.
            return HttpResponseRedirect(client.get_login_url())
        else:
            raise PermissionDenied(_('Login failed.'))
    else:
        # No ticket yet: remember the target (if configured) and send the
        # browser to the CAS login page.
        if settings.CAS_STORE_NEXT:
            request.session['CASNEXT'] = next_page
        return HttpResponseRedirect(client.get_login_url())
Example #20
def test_service_url_preserves_query_parameters():
    """The encoded redirect target must be present in the service URL.

    The request already has a query string (``foo=bar``) and is secure.
    """
    request_factory = RequestFactory()
    secure_request = request_factory.get('/login/?foo=bar', secure=True)

    produced = get_service_url(
        secure_request, redirect_to='https://testserver/landing-page/')

    # NOTE(review): the check is a substring match on ``next`` only; the
    # original ``foo=bar`` parameter is not asserted.
    assert 'next=https%3A%2F%2Ftestserver%2Flanding-page%2F' in produced
Example #21
 def dispatch(self, request, *args, **kwargs):
     """Store the CAS ticket and service URL on the view, then dispatch.

     ``self.ticket`` is the ``ticket`` query parameter (``None`` when absent)
     and ``self.service`` is the service URL built from the request.
     """
     ticket_param = request.GET.get('ticket')
     self.ticket = ticket_param
     self.service = get_service_url(request)

     parent_view = super(LoginView, self)
     return parent_view.dispatch(request, *args, **kwargs)