def test_callback_post_logout(django_user_model, settings): """ Test that when logout is from a callback """ settings.CAS_VERSION = 'CAS_2_SAML_1_0' data = { 'logoutRequest': '<samlp:LogoutRequest ' 'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">' '<samlp:SessionIndex>fake-ticket' '</samlp:SessionIndex></samlp:LogoutRequest>' } session = SessionStore() session['fake_session'] = 'fake-session' session.save() assert SessionStore(session_key=session.session_key) is not None factory = RequestFactory() request = factory.post('/callback/', data) request.session = session # Create a fake session ticket and make sure it exists in the db session_ticket = SessionTicket.objects.create( session_key=session.session_key, ticket='fake-ticket') assert session_ticket is not None assert SessionTicket.objects.filter(session_key=session.session_key, ticket='fake-ticket').exists() is True user = django_user_model.objects.create(username='******', email='*****@*****.**') assert user is not None assert django_user_model.objects.filter( username='******').exists() is True request.user = user # Create a fake pgt pgt = ProxyGrantingTicket.objects.create(session_key=session.session_key, user=user, pgtiou='fake-ticket-iou', pgt='fake-ticket') assert pgt is not None assert ProxyGrantingTicket.objects.filter( session_key=session.session_key, user=user, pgtiou='fake-ticket-iou', pgt='fake-ticket').exists() is True callback(request) assert SessionTicket.objects.filter(session_key=session.session_key, ticket='fake-ticket').exists() is False assert ProxyGrantingTicket.objects.filter( session_key=session.session_key, user=user, pgtiou='fake-ticket-iou', pgt='fake-ticket').exists() is False assert SessionTicket.objects.filter(session_key=session.session_key, ticket='fake-ticket').exists() is False
def test_callback_post_logout(django_user_model, settings): """ Test that when logout is from a callback """ settings.CAS_VERSION = 'CAS_2_SAML_1_0' data = {'logoutRequest': '<samlp:LogoutRequest ' 'xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">' '<samlp:SessionIndex>fake-ticket' '</samlp:SessionIndex></samlp:LogoutRequest>' } session = SessionStore() session['fake_session'] = 'fake-session' session.save() assert SessionStore(session_key=session.session_key) is not None factory = RequestFactory() request = factory.post('/callback/', data) request.session = session # Create a fake session ticket and make sure it exists in the db session_ticket = SessionTicket.objects.create( session_key=session.session_key, ticket='fake-ticket' ) assert session_ticket is not None assert SessionTicket.objects.filter(session_key=session.session_key, ticket='fake-ticket').exists() is True user = django_user_model.objects.create(username='******', email='*****@*****.**') assert user is not None assert django_user_model.objects.filter(username='******').exists() is True request.user = user # Create a fake pgt pgt = ProxyGrantingTicket.objects.create(session_key=session.session_key, user=user, pgtiou='fake-ticket-iou', pgt='fake-ticket') assert pgt is not None assert ProxyGrantingTicket.objects.filter(session_key=session.session_key, user=user, pgtiou='fake-ticket-iou', pgt='fake-ticket').exists() is True callback(request) assert SessionTicket.objects.filter(session_key=session.session_key, ticket='fake-ticket').exists() is False assert ProxyGrantingTicket.objects.filter(session_key=session.session_key, user=user, pgtiou='fake-ticket-iou', pgt='fake-ticket').exists() is False assert SessionTicket.objects.filter(session_key=session.session_key, ticket='fake-ticket').exists() is False
def api_logout(request): dictResp = auth_check(request, "POST", check_login=False) if dictResp != {}: return HttpResponse(json.dumps(dictResp, ensure_ascii=False), content_type="application/json") try: cas_views.callback(request) dictResp = {"c": ERR_SUCCESS[0], "m": ERR_SUCCESS[1]} return HttpResponse(json.dumps(dictResp, ensure_ascii=False), content_type="application/json") except Exception as ex: sErrInfo = traceback.format_exc() logger.error(sErrInfo) dictResp = {"c": -1, "m": ex.message} return HttpResponse(json.dumps(dictResp, ensure_ascii=False), content_type="application/json")
def test_callback_create_pgt(): """ Test the case where a pgt callback is used. """ factory = RequestFactory() request = factory.get('/callback/', {'pgtId': 'fake-pgtId', 'pgtIou': 'fake-pgtIou'}) response = callback(request) assert response.status_code == 200 assert ProxyGrantingTicket.objects.filter(pgt='fake-pgtId', pgtiou='fake-pgtIou' ).exists() is True
def test_callback_delete_not_allowed(): factory = RequestFactory() request = factory.delete('/callback/') response = callback(request) assert response.status_code == 405