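def authenticate_CAS_for_URL(url, user, pwd, **url_config):
    """Performs a CAS authentication for the given URL service and returns
    the service url with the obtained credential.

    The following algorithm is done:
      1) A connection is opened on the given URL
      2) We check that the response is an HTTP redirection
      3) The redirected URL carries the CAS address and a 'service' parameter
      4) We ask for a ticket-granting ticket (TGT) for the given user and
         password
      5) We ask for a service ticket for the redirected service
      6) Then we return the redirected service url with the ticket attached

    url: the url of the service to invoke
    user: the username
    pwd: the password
    url_config: keyword arguments forwarded to utils_http.open_url; the
        'data' entry is overwritten with the body of each CAS request

    Raises Exception when the request is not redirected, when the redirected
    URL lacks the CAS address or the 'service' parameter, or when no TGT can
    be extracted from the CAS response.

    The password and the TGT are kept out of the utils_log.log_url output.
    """
    log = logging.getLogger("utils_cas:authenticate_CAS_for_URL")

    server, sep, options = url.partition('?')
    log.info('Authenticating user %s for service %s', user, server)

    connexion = utils_http.open_url(url, **url_config)

    # No cookie or ticket was sent, so the service has to redirect us; ending
    # up on the same URL means the redirection did not happen.
    if connexion.url == url:
        raise Exception(
            utils_messages.get_external_messages()
            ['motu-client.exception.authentication.not-redirected'] % server)

    # find the cas url and the service url from the redirected url
    redirected_url = connexion.url
    query = parse_qs(urlparse(redirected_url).query, keep_blank_values=False)
    service_values = query.get('service')
    if not service_values:
        # Previously a bare KeyError; report it like any other redirect that
        # cannot be used for CAS.
        raise Exception(
            utils_messages.get_external_messages()
            ['motu-client.exception.authentication.unfound-url']
            % redirected_url)
    redirectServiceUrl = service_values[0]

    m = re.search(CAS_URL_PATTERN, redirected_url)
    if m is None:
        raise Exception(
            utils_messages.get_external_messages()
            ['motu-client.exception.authentication.unfound-url']
            % redirected_url)
    url_cas = m.group(1) + '/v1/tickets'

    # NOTE(review): the CAS endpoint is taken from the redirect returned by
    # the service, so the password is sent to whichever host that redirect
    # names. Consider pinning the expected CAS host; at minimum make a
    # non-TLS endpoint visible in the log.
    if not url_cas.lower().startswith('https://'):
        log.warning('CAS endpoint %s is not https; the credentials are not '
                    'protected in transit', url_cas)

    # NOTE(review): user and pwd go through urllib.quote and then through
    # utils_http.encode; if encode percent-encodes as well they are encoded
    # twice -- confirm against utils_http.
    opts = utils_http.encode(
        utils_collection.ListMultimap(username=urllib.quote(user),
                                      password=urllib.quote(pwd)))
    # opts contains the password: log the endpoint only.
    utils_log.log_url(log, "login user into CAS:\t", url_cas)
    url_config['data'] = opts
    connexion = utils_http.open_url(url_cas, **url_config)

    fp = utils_html.FounderParser()
    for line in connexion:
        # NOTE(review): TRACE output holds the raw CAS response, from which
        # the TGT is extracted below; keep TRACE for debugging sessions only.
        log.log(utils_log.TRACE_LEVEL,
                'utils_html.FounderParser() line: %s', line)
        fp.feed(line)

    # The TGT is the last path segment of the action found by the parser.
    # Check it here: the old 'url_ticket is None' test could never be true
    # because url_ticket is built by string concatenation.
    action = fp.action_
    if not action:
        raise Exception(utils_messages.get_external_messages()
                        ['motu-client.exception.authentication.tgt'])
    tgt = action[action.rfind('/') + 1:]
    if not tgt:
        raise Exception(utils_messages.get_external_messages()
                        ['motu-client.exception.authentication.tgt'])
    log.log(utils_log.TRACE_LEVEL, 'TGT: %s', tgt)

    # WARNING : don't use 'fp.action_' as url : it seems protocol is always
    # http never https. Use 'url_cas', extract TGT from 'fp.action_', then
    # construct url_ticket.
    url_ticket = url_cas + '/' + tgt
    # Same URL with the TGT masked, for logging.
    url_ticket_masked = url_cas + '/<TGT>'
    utils_log.log_url(log, "found url ticket:\t", url_ticket_masked)

    opts = utils_http.encode(
        utils_collection.ListMultimap(
            service=urllib.quote_plus(redirectServiceUrl)))
    utils_log.log_url(log, 'Granting user for service\t',
                      url_ticket_masked + '?' + opts)
    url_config['data'] = opts

    # readline() may keep the line terminator; strip it so it does not end
    # up inside the returned URL.
    ticket = utils_http.open_url(url_ticket, **url_config).readline().strip()
    # NOTE(review): the service ticket is a credential too; consider whether
    # it belongs in the log.
    utils_log.log_url(log, "found service ticket:\t", ticket)

    # we append the download url with the ticket and return the result
    # (assumes the service url already has a query string, hence '&')
    service_url = redirectServiceUrl + '&ticket=' + ticket
    utils_log.log_url(log, "service url is:\t", service_url)
    return service_url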
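def authenticate_CAS_for_URL(url, user, pwd, **url_config):
    """Performs a CAS authentication for the given URL service and returns
    the service url with the obtained credential.

    The following algorithm is done:
      1) A connection is opened on the given URL
      2) We check that the response is an HTTP redirection
      3) Redirected URL contains the CAS address
      4) We ask for a ticket-granting ticket (TGT) for the given user and
         password
      5) We ask for a service ticket for the given service
      6) Then we return a new url with the ticket attached

    url: the url of the service to invoke
    user: the username
    pwd: the password
    url_config: keyword arguments forwarded to utils_http.open_url; the
        'data' entry is overwritten with the body of each CAS request

    Raises Exception when the request is not redirected, when the redirected
    URL does not match CAS_URL_PATTERN, or when no TGT can be extracted from
    the CAS response.

    The password and the TGT are kept out of the utils_log.log_url output.
    """
    log = logging.getLogger("utils_cas:authenticate_CAS_for_URL")

    server, sep, options = url.partition('?')
    log.info('Authenticating user %s for service %s', user, server)

    connexion = utils_http.open_url(url, **url_config)

    # No cookie or ticket was sent, so the service has to redirect us; ending
    # up on the same URL means the redirection did not happen.
    if connexion.url == url:
        raise Exception(
            utils_messages.get_external_messages()
            ['motu-client.exception.authentication.not-redirected'] % server)

    # find the cas url from the redirected url
    redirected_url = connexion.url
    m = re.search(CAS_URL_PATTERN, redirected_url)
    if m is None:
        raise Exception(
            utils_messages.get_external_messages()
            ['motu-client.exception.authentication.unfound-url']
            % redirected_url)
    url_cas = m.group(1) + '/v1/tickets'

    # NOTE(review): the CAS endpoint is taken from the redirect returned by
    # the service, so the password is sent to whichever host that redirect
    # names. Consider pinning the expected CAS host; at minimum make a
    # non-TLS endpoint visible in the log.
    if not url_cas.lower().startswith('https://'):
        log.warning('CAS endpoint %s is not https; the credentials are not '
                    'protected in transit', url_cas)

    opts = utils_http.encode(
        utils_collection.ListMultimap(username=user, password=pwd))
    # opts contains the password: log the endpoint only.
    utils_log.log_url(log, "login user into CAS:\t", url_cas)
    url_config['data'] = opts
    connexion = utils_http.open_url(url_cas, **url_config)

    fp = utils_html.FounderParser()
    for line in connexion:
        # NOTE(review): TRACE output holds the raw CAS response, from which
        # the TGT is extracted below; keep TRACE for debugging sessions only.
        log.log(utils_log.TRACE_LEVEL,
                'utils_html.FounderParser() line: %s', line)
        fp.feed(line)

    # The TGT is the last path segment of the action found by the parser.
    # Check it here: the old 'url_ticket is None' test could never be true
    # because url_ticket is built by string concatenation.
    action = fp.action_
    if not action:
        raise Exception(utils_messages.get_external_messages()
                        ['motu-client.exception.authentication.tgt'])
    tgt = action[action.rfind('/') + 1:]
    if not tgt:
        raise Exception(utils_messages.get_external_messages()
                        ['motu-client.exception.authentication.tgt'])
    log.log(utils_log.TRACE_LEVEL, 'TGT: %s', tgt)

    # WARNING : don't use 'fp.action_' as url : it seems protocol is always
    # http never https. Use 'url_cas', extract TGT from 'fp.action_', then
    # construct url_ticket.
    url_ticket = url_cas + '/' + tgt
    # Same URL with the TGT masked, for logging.
    url_ticket_masked = url_cas + '/<TGT>'
    utils_log.log_url(log, "found url ticket:\t", url_ticket_masked)

    opts = utils_http.encode(
        utils_collection.ListMultimap(service=urllib.quote_plus(url)))
    utils_log.log_url(log, 'Granting user for service\t',
                      url_ticket_masked + '?' + opts)
    url_config['data'] = opts

    # readline() may keep the line terminator; strip it so it does not end
    # up inside the returned URL.
    ticket = utils_http.open_url(url_ticket, **url_config).readline().strip()
    # NOTE(review): the service ticket is a credential too; consider whether
    # it belongs in the log.
    utils_log.log_url(log, "found service ticket:\t", ticket)

    # we append the download url with the ticket and return the result
    # (assumes url already has a query string, hence '&')
    service_url = url + '&ticket=' + ticket
    utils_log.log_url(log, "service url is:\t", service_url)
    return service_url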