def test_callback_post_logout(django_user_model, settings):
"""
Test that when logout is from a callback
"""
settings.CAS_VERSION = 'CAS_2_SAML_1_0'
data = {
'logoutRequest':
'<samlp:LogoutRequest '
'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
'<samlp:SessionIndex>fake-ticket'
'</samlp:SessionIndex></samlp:LogoutRequest>'
}
session = SessionStore()
session['fake_session'] = 'fake-session'
session.save()
assert SessionStore(session_key=session.session_key) is not None
factory = RequestFactory()
request = factory.post('/callback/', data)
request.session = session
# Create a fake session ticket and make sure it exists in the db
session_ticket = SessionTicket.objects.create(
session_key=session.session_key, ticket='fake-ticket')
assert session_ticket is not None
assert SessionTicket.objects.filter(session_key=session.session_key,
ticket='fake-ticket').exists() is True
user = django_user_model.objects.create(username='******',
email='*****@*****.**')
assert user is not None
assert django_user_model.objects.filter(
username='******').exists() is True
request.user = user
# Create a fake pgt
pgt = ProxyGrantingTicket.objects.create(session_key=session.session_key,
user=user,
pgtiou='fake-ticket-iou',
pgt='fake-ticket')
assert pgt is not None
assert ProxyGrantingTicket.objects.filter(
session_key=session.session_key,
user=user,
pgtiou='fake-ticket-iou',
pgt='fake-ticket').exists() is True
callback(request)
assert SessionTicket.objects.filter(session_key=session.session_key,
ticket='fake-ticket').exists() is False
assert ProxyGrantingTicket.objects.filter(
session_key=session.session_key,
user=user,
pgtiou='fake-ticket-iou',
pgt='fake-ticket').exists() is False
assert SessionTicket.objects.filter(session_key=session.session_key,
ticket='fake-ticket').exists() is False
def test_callback_post_logout(django_user_model, settings):
"""
Test that when logout is from a callback
"""
settings.CAS_VERSION = 'CAS_2_SAML_1_0'
data = {'logoutRequest': '<samlp:LogoutRequest '
'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
'<samlp:SessionIndex>fake-ticket'
'</samlp:SessionIndex></samlp:LogoutRequest>'
}
session = SessionStore()
session['fake_session'] = 'fake-session'
session.save()
assert SessionStore(session_key=session.session_key) is not None
factory = RequestFactory()
request = factory.post('/callback/', data)
request.session = session
# Create a fake session ticket and make sure it exists in the db
session_ticket = SessionTicket.objects.create(
session_key=session.session_key,
ticket='fake-ticket'
)
assert session_ticket is not None
assert SessionTicket.objects.filter(session_key=session.session_key,
ticket='fake-ticket').exists() is True
user = django_user_model.objects.create(username='******', email='*****@*****.**')
assert user is not None
assert django_user_model.objects.filter(username='******').exists() is True
request.user = user
# Create a fake pgt
pgt = ProxyGrantingTicket.objects.create(session_key=session.session_key,
user=user, pgtiou='fake-ticket-iou',
pgt='fake-ticket')
assert pgt is not None
assert ProxyGrantingTicket.objects.filter(session_key=session.session_key,
user=user, pgtiou='fake-ticket-iou',
pgt='fake-ticket').exists() is True
callback(request)
assert SessionTicket.objects.filter(session_key=session.session_key,
ticket='fake-ticket').exists() is False
assert ProxyGrantingTicket.objects.filter(session_key=session.session_key,
user=user, pgtiou='fake-ticket-iou',
pgt='fake-ticket').exists() is False
assert SessionTicket.objects.filter(session_key=session.session_key,
ticket='fake-ticket').exists() is False
def api_logout(request):
dictResp = auth_check(request, "POST", check_login=False)
if dictResp != {}:
return HttpResponse(json.dumps(dictResp, ensure_ascii=False),
content_type="application/json")
try:
cas_views.callback(request)
dictResp = {"c": ERR_SUCCESS[0], "m": ERR_SUCCESS[1]}
return HttpResponse(json.dumps(dictResp, ensure_ascii=False),
content_type="application/json")
except Exception as ex:
sErrInfo = traceback.format_exc()
logger.error(sErrInfo)
dictResp = {"c": -1, "m": ex.message}
return HttpResponse(json.dumps(dictResp, ensure_ascii=False),
content_type="application/json")
def test_callback_create_pgt():
"""
Test the case where a pgt callback is used.
"""
factory = RequestFactory()
request = factory.get('/callback/', {'pgtId': 'fake-pgtId',
'pgtIou': 'fake-pgtIou'})
response = callback(request)
assert response.status_code == 200
assert ProxyGrantingTicket.objects.filter(pgt='fake-pgtId',
pgtiou='fake-pgtIou'
).exists() is True
def test_callback_create_pgt():
"""
Test the case where a pgt callback is used.
"""
factory = RequestFactory()
request = factory.get('/callback/', {'pgtId': 'fake-pgtId',
'pgtIou': 'fake-pgtIou'})
response = callback(request)
assert response.status_code == 200
assert ProxyGrantingTicket.objects.filter(pgt='fake-pgtId',
pgtiou='fake-pgtIou'
).exists() is True
def test_callback_delete_not_allowed():
factory = RequestFactory()
request = factory.delete('/callback/')
response = callback(request)
assert response.status_code == 405
def test_callback_delete_not_allowed():
factory = RequestFactory()
request = factory.delete('/callback/')
response = callback(request)
assert response.status_code == 405
