def get(self, request, *args, **kwargs):
    """End the single sign-on session, then redirect the client.

    The ``service`` query parameter is followed only when the
    ``MAMA_CAS_FOLLOW_LOGOUT_URL`` setting is truthy (it defaults to
    ``True`` here). In every other case the client is sent to the
    ``cas_login`` view.
    """
    # NOTE(review): ``service`` comes straight from the query string and
    # this method does not validate it before redirecting. Confirm that
    # redirect() rejects destinations outside the configured services.
    target = request.GET.get('service')
    may_follow = getattr(settings, 'MAMA_CAS_FOLLOW_LOGOUT_URL', True)
    logout_user(request)
    if not (target and may_follow):
        return redirect('cas_login')
    return redirect(target)
def form_valid(self, form):
    """
    (2.2) Credential acceptor for /login.

    Required form fields:

    1. ``username``: the username provided by the client
    2. ``password``: the password provided by the client

    Optional form field:

    1. ``warn``: when set, a flag is stored in the session so the user
       is prompted on later authentication attempts made within the
       single sign-on session.

    On success the single sign-on session is started. If a ``service``
    query parameter is present, a primary ``ServiceTicket`` is created
    and the client is redirected to the service URL with the ticket
    attached. Without a service the client is sent to ``cas_login``.
    """
    request = self.request
    login(request, form.user)
    logger.info("Single sign-on session started for %s" % form.user)
    if form.cleaned_data.get('warn'):
        request.session['warn'] = True

    service = request.GET.get('service')
    if not service:
        return redirect('cas_login')

    # NOTE(review): ``service`` is caller-supplied and is not validated in
    # this method before a ticket is minted for it and appended to the
    # redirect. Confirm create_ticket()/redirect() enforce the allowed
    # services, otherwise the ticket travels to an arbitrary URL.
    issued = ServiceTicket.objects.create_ticket(service=service,
                                                 user=request.user,
                                                 primary=True)
    return redirect(service, params={'ticket': issued.ticket})
def get(self, request, *args, **kwargs):
    """
    (2.1) Credential requestor for /login.

    Optional query parameters:

    1. ``service``: identifier of the application the client is
       accessing, assumed to be a URL.
    2. ``renew``: the client must present credentials even if a single
       sign-on session already exists.
    3. ``gateway``: the client is never prompted for credentials. With
       an existing session a ticket is issued and the client forwarded
       to the service; without one the client is forwarded to the
       service unauthenticated.
    """
    service = request.GET.get('service')
    renew = to_bool(request.GET.get('renew'))
    gateway = to_bool(request.GET.get('gateway'))

    def ticket_redirect():
        # Shared by the gateway and plain service-ticket paths.
        # NOTE(review): ``service`` is caller-supplied and not validated
        # in this method; confirm create_ticket()/redirect() check it
        # against the allowed services before the ticket leaves.
        st = ServiceTicket.objects.create_ticket(service=service,
                                                 user=request.user)
        if self.warn_user():
            return redirect('cas_warn', params={'service': service,
                                                'ticket': st.ticket})
        return redirect(service, params={'ticket': st.ticket})

    if renew:
        logger.debug("Renew request received by credential requestor")
        return super(LoginView, self).get(request, *args, **kwargs)

    if gateway and service:
        logger.debug("Gateway request received by credential requestor")
        if is_authenticated(request.user):
            return ticket_redirect()
        # No session: forward to the service without a ticket.
        return redirect(service)

    if is_authenticated(request.user):
        if service:
            logger.debug(
                "Service ticket request received by credential requestor")
            return ticket_redirect()
        messages.success(request,
                         _("You are logged in as %s") % request.user)
    return super(LoginView, self).get(request, *args, **kwargs)
def test_redirect(self):
    """
    Supplied params must appear as a query string on the redirect
    target, both for an absolute URL and for a view name.
    """
    cases = (
        ('http://example.com', {'test1': 'red'},
         'http://example.com?test1=red'),
        ('cas_login', {'test3': 'blue'}, '/login?test3=blue'),
    )
    for target, query, expected in cases:
        response = redirect(target, params=query)
        self.assertEqual(expected, response['Location'])
def test_redirect_no_params(self):
    """
    Without params the Location header must hold the bare URL, both
    for an absolute URL and for a view name.
    """
    cases = (
        ('http://example.com', 'http://example.com'),
        ('cas_login', '/login'),
    )
    for target, expected in cases:
        response = redirect(target)
        self.assertEqual(expected, response['Location'])
def get(self, request, *args, **kwargs):
    """Log the user out and handle the optional ``url`` parameter.

    ``url`` is honoured only when it passes ``is_valid_service_url()``.
    A valid URL is followed if ``MAMA_CAS_FOLLOW_LOGOUT_URL`` is truthy
    (default ``False`` here); otherwise it is shown to the user as a
    message and the client returns to ``cas_login``.
    """
    logger.debug("Logout request received for %s" % request.user)
    self.logout_user(request)

    url = request.GET.get('url')
    if not url or not is_valid_service_url(url):
        return redirect('cas_login')

    if getattr(settings, 'MAMA_CAS_FOLLOW_LOGOUT_URL', False):
        return redirect(url)

    # The validated URL is only displayed, never followed automatically.
    notice = _("The application provided this link to follow: %s") % url
    messages.success(request, notice)
    return redirect('cas_login')
def get(self, request, *args, **kwargs):
    """Log the user out, then redirect via ``service`` or ``url``.

    ``service`` takes precedence and is followed when
    ``MAMA_CAS_FOLLOW_LOGOUT_URL`` is truthy (default ``True`` here).
    Otherwise a ``url`` that passes ``is_valid_service_url()`` is
    either followed (setting truthy) or shown to the user as a message.
    Every remaining case ends at the ``cas_login`` view.
    """
    service = request.GET.get('service')
    url = request.GET.get('url')
    may_follow = getattr(settings, 'MAMA_CAS_FOLLOW_LOGOUT_URL', True)
    self.logout_user(request)

    # NOTE(review): ``url`` is checked with is_valid_service_url() below,
    # but ``service`` is redirected to without that check in this
    # method. Confirm redirect() validates it, or apply the same check.
    if may_follow and service:
        return redirect(service)

    if url and is_valid_service_url(url):
        if may_follow:
            return redirect(url)
        notice = _("The application provided this link to follow: %s") % url
        messages.success(request, notice)
    return redirect('cas_login')
def form_valid(self, form):
    """Start the single sign-on session after a valid login form.

    Stores the ``warn`` preference in the session when the form sets
    it. With a ``service`` query parameter a primary ``ServiceTicket``
    is created and the client is redirected to the service with the
    ticket attached; without one the client is sent to ``home``.
    """
    request = self.request
    login(request, form.user)
    logger.info("Single sign-on session started for %s" % form.user)
    if form.cleaned_data.get('warn'):
        request.session['warn'] = True

    service = request.GET.get('service')
    if not service:
        return redirect('home')

    # NOTE(review): ``service`` is caller-supplied and is not validated
    # here before a ticket is issued for it. Confirm that
    # create_ticket()/redirect() enforce the allowed services.
    issued = ServiceTicket.objects.create_ticket(service=service,
                                                 user=request.user,
                                                 primary=True)
    return redirect(service, params={'ticket': issued.ticket})
def get(self, request, *args, **kwargs):
    """
    (2.1) Credential requestor for /login.

    Optional query parameters:

    1. ``service``: identifier of the application the client is
       accessing, assumed to be a URL.
    2. ``renew``: the client must present credentials even if a single
       sign-on session already exists.
    3. ``gateway``: the client is never prompted for credentials. With
       an existing session a ticket is issued and the client forwarded
       to the service; without one the client is forwarded to the
       service with the remaining query parameters.
    """
    service = request.GET.get('service')
    renew = to_bool(request.GET.get('renew'))
    gateway = to_bool(request.GET.get('gateway'))

    def ticket_redirect():
        # Shared by the gateway and plain service-ticket paths.
        # NOTE(review): ``service`` is caller-supplied and not validated
        # in this method; confirm create_ticket()/redirect() check it
        # against the allowed services before the ticket leaves.
        st = ServiceTicket.objects.create_ticket(service=service,
                                                 user=request.user)
        if self.warn_user():
            return redirect('cas_warn', params={'service': service,
                                                'ticket': st.ticket})
        return redirect(service, params={'ticket': st.ticket})

    if renew:
        logger.debug("Renew request received by credential requestor")
        return super(CustomLoginView, self).get(request, *args, **kwargs)

    if gateway and service:
        logger.debug("Gateway request received by credential requestor")
        if request.user.is_authenticated():
            return ticket_redirect()
        # No session: pass every query parameter except ``service`` and
        # ``renew`` through to the service.
        passthrough = request.GET.copy()
        for consumed in ('service', 'renew'):
            passthrough.pop(consumed, None)
        return redirect(service, params=passthrough)

    if request.user.is_authenticated():
        if service:
            logger.debug(
                "Service ticket request received by credential requestor")
            return ticket_redirect()
        messages.success(request,
                         _("You are logged in as %s") % request.user)
    return super(CustomLoginView, self).get(request, *args, **kwargs)
def test_redirect_invalid(self):
    """
    A target that is neither a URL nor a known view name must end up
    at the login URL.
    """
    response = redirect('http')
    self.assertEqual('/login', response['Location'])
def get(self, request, *args, **kwargs):
    """Ask the user to confirm access to ``service`` before forwarding.

    A missing ``service``, or one rejected by
    ``is_valid_service_url()``, sends the client back to ``cas_login``.
    Otherwise a confirmation message is queued and the service URL,
    with the ``ticket`` query parameter appended, is handed to the
    parent view through ``kwargs['service']``.
    """
    service = request.GET.get('service')
    ticket = request.GET.get('ticket')

    if service and is_valid_service_url(service):
        # Only the cleaned form of the service URL is shown to the user.
        shown = {'service': clean_service_url(service),
                 'user': request.user}
        prompt = _("Do you want to access %(service)s as %(user)s?") % shown
        messages.info(request, prompt)
        kwargs['service'] = add_query_params(service, {'ticket': ticket})
        return super(WarnView, self).get(request, *args, **kwargs)

    return redirect('cas_login')
def get(self, request, *args, **kwargs):
    """Credential requestor for /login that remembers ``service``.

    The raw ``service`` query parameter is saved in the session first.
    ``renew`` falls through to the login form. ``gateway`` with a
    service issues a ticket for an authenticated user and otherwise
    forwards the client to the service. An authenticated user with a
    service gets a ticket; without one, a status message is queued and
    the client is sent to ``home``.
    """
    # NOTE(review): the value stored here is unvalidated caller input;
    # whatever reads session['service'] later must validate it.
    self.request.session['service'] = self.request.GET.get('service')
    service = request.GET.get('service')
    renew = to_bool(request.GET.get('renew'))
    gateway = to_bool(request.GET.get('gateway'))

    def ticket_redirect():
        # NOTE(review): ``service`` is not validated in this method;
        # confirm create_ticket()/redirect() enforce allowed services.
        st = ServiceTicket.objects.create_ticket(service=service,
                                                 user=request.user)
        if self.warn_user():
            return redirect('cas_warn', params={'service': service,
                                                'ticket': st.ticket})
        return redirect(service, params={'ticket': st.ticket})

    if renew:
        logger.debug("Renew request received by credential requestor")
        return super(LoginView, self).get(request, *args, **kwargs)

    if gateway and service:
        logger.debug("Gateway request received by credential requestor")
        if request.user.is_authenticated():
            return ticket_redirect()
        return redirect(service)

    if request.user.is_authenticated():
        if service:
            logger.debug(
                "Service ticket request received by credential requestor")
            return ticket_redirect()
        messages.success(request,
                         _("You are logged in as %s") % request.user)
        return redirect('home')
    return super(LoginView, self).get(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
    """Handle GET on /login, keeping ``service`` in the session.

    Order of handling: ``renew`` shows the login form; ``gateway``
    plus a service either issues a ticket (authenticated) or forwards
    the client to the service; an authenticated user gets a ticket for
    the service, or a status message and a redirect to ``home`` when
    no service was given. Anything else shows the login form.
    """
    # NOTE(review): the session keeps the raw query-string value; any
    # consumer of session['service'] has to validate it before use.
    self.request.session['service'] = self.request.GET.get('service')
    service = request.GET.get('service')
    renew = to_bool(request.GET.get('renew'))
    gateway = to_bool(request.GET.get('gateway'))

    show_form = False
    if renew:
        logger.debug("Renew request received by credential requestor")
        show_form = True
    elif gateway and service:
        logger.debug("Gateway request received by credential requestor")
        if not request.user.is_authenticated():
            return redirect(service)
    elif request.user.is_authenticated():
        if not service:
            greeting = _("You are logged in as %s") % request.user
            messages.success(request, greeting)
            return redirect('home')
        logger.debug(
            "Service ticket request received by credential requestor")
    else:
        show_form = True

    if show_form:
        return super(LoginView, self).get(request, *args, **kwargs)

    # Reached only by an authenticated user with a service.
    # NOTE(review): ``service`` is not validated in this method; confirm
    # create_ticket()/redirect() enforce the allowed services.
    st = ServiceTicket.objects.create_ticket(service=service,
                                             user=request.user)
    if self.warn_user():
        return redirect('cas_warn', params={'service': service,
                                            'ticket': st.ticket})
    return redirect(service, params={'ticket': st.ticket})
def dispatch(self, request, *args, **kwargs):
    """Let only authenticated users through to the wrapped view.

    Anyone else is redirected to ``cas_login`` before the parent
    ``dispatch`` runs.
    """
    if is_authenticated(request.user):
        return super(LoginRequiredMixin, self).dispatch(request, *args,
                                                        **kwargs)
    return redirect('cas_login')