def logout(request, next_page=None): """Redirects to CAS logout page""" # try to find the ticket matching current session for logout signal try: st = SessionTicket.objects.get(session_key=request.session.session_key) ticket = st.ticket except SessionTicket.DoesNotExist: ticket = None # send logout signal cas_user_logout.send( sender="manual", user=request.user, session=request.session, ticket=ticket, ) auth_logout(request) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter(session_key=request.session.session_key).delete() SessionTicket.objects.filter(session_key=request.session.session_key).delete() next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) client = get_cas_client() return HttpResponseRedirect(client.get_logout_url(redirect_url)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)
def _redirect_url(request, referrer_uri, next_url_arg): """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is set. """ # 处理 next 参数中含有登录或退出链接,会引起重定向循环的问题 if next_url_arg in request.GET.get(REDIRECT_FIELD_NAME, ''): next_ = settings.CAS_REDIRECT_URL else: next_ = request.GET.get(REDIRECT_FIELD_NAME) if not next_: if settings.CAS_IGNORE_REFERER: next_ = settings.CAS_REDIRECT_URL else: # 处理 http_referer 中含有登录或退出链接,会引起重定向循环的问题 http_referer = request.META.get('HTTP_REFERER', '') if referrer_uri in http_referer: next_ = settings.CAS_REDIRECT_URL else: next_ = request.META.get('HTTP_REFERER', settings.CAS_REDIRECT_URL) prefix = urllib_parse.urlunparse( (get_protocol(request), request.get_host(), '', '', '', ''), ) if next_.startswith(prefix): next_ = next_[len(prefix):] return next_
def get_service_url(request, redirect_to=None): protocol = get_protocol(request) host = request.get_host() service = urllib_parse.urlunparse( (protocol, host, request.path, "", "", "")) return service
def logout(request, next_page=None): """Redirects to CAS logout page""" # try to find the ticket matching current session for logout signal try: st = SessionTicket.objects.get(session_key=request.session.session_key) ticket = st.ticket except SessionTicket.DoesNotExist: ticket = None # send logout signal cas_user_logout.send( sender="manual", user=request.user, session=request.session, ticket=ticket, ) auth_logout(request) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter( session_key=request.session.session_key).delete() SessionTicket.objects.filter( session_key=request.session.session_key).delete() next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) client = get_cas_client() return HttpResponseRedirect(client.get_logout_url(redirect_url)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)
def _logout_url(request, next_page=None): """Generates CAS logout URL""" url = urllib_parse.urljoin(settings.CAS_SERVER_URL, "logout") if next_page: protocol = get_protocol(request) host = request.get_host() next_page_url = urllib_parse.urlunparse((protocol, host, next_page, "", "", "")) url += "?" + urllib_parse.urlencode({"url": next_page_url}) return url
def _logout_url(request, next_page=None): """Generates CAS logout URL""" url = urllib_parse.urljoin(settings.CAS_SERVER_URL, 'logout') if next_page: protocol = get_protocol(request) host = request.get_host() next_page_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) url += '?' + urllib_parse.urlencode({'url': next_page_url}) return url
def get_service_url(request, redirect_to=None): """Generates application django service URL for CAS""" protocol = get_protocol(request) host = request.get_host() service = urllib_parse.urlunparse( (protocol, host, request.path, '', '', ''), ) if '?' in service: service += '&' else: service += '?' service += urllib_parse.urlencode( {REDIRECT_FIELD_NAME: redirect_to or get_redirect_url(request)}) return service
def _service_url(request, redirect_to=None): """Generates application service URL for CAS""" protocol = get_protocol(request) host = request.get_host() service = urllib_parse.urlunparse((protocol, host, request.path, "", "", "")) if redirect_to: if "?" in service: service += "&" else: service += "?" service += urllib_parse.urlencode({REDIRECT_FIELD_NAME: redirect_to}) return service
def get_service_url(request, redirect_to=None): """Generates application django service URL for CAS""" protocol = get_protocol(request) host = request.get_host() service = urllib_parse.urlunparse( (protocol, host, request.path, '', '', ''), ) if redirect_to: if '?' in service: service += '&' else: service += '?' service += urllib_parse.urlencode({REDIRECT_FIELD_NAME: redirect_to}) return service
def _redirect_url(request): """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is set. """ next_ = request.GET.get(REDIRECT_FIELD_NAME) if not next_: if settings.CAS_IGNORE_REFERER: next_ = settings.CAS_REDIRECT_URL else: next_ = request.META.get("HTTP_REFERER", settings.CAS_REDIRECT_URL) prefix = urllib_parse.urlunparse((get_protocol(request), request.get_host(), "", "", "", "")) if next_.startswith(prefix): next_ = next_[len(prefix) :] return next_
def _redirect_url(request): """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is set. """ next_ = request.GET.get(REDIRECT_FIELD_NAME) if not next_: if settings.CAS_IGNORE_REFERER: next_ = settings.CAS_REDIRECT_URL else: next_ = request.META.get('HTTP_REFERER', settings.CAS_REDIRECT_URL) prefix = urllib_parse.urlunparse( (get_protocol(request), request.get_host(), '', '', '', ''), ) if next_.startswith(prefix): next_ = next_[len(prefix):] return next_
def logout(request, next_page=None): """Redirects to CAS logout page""" auth_logout(request) next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) client = get_cas_client() return HttpResponseRedirect(client.get_logout_url(redirect_url)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)
def get_service_url(request, redirect_to=None): """Generates application django service URL for CAS""" if hasattr(django_settings, 'CAS_ROOT_PROXIED_AS'): service = django_settings.CAS_ROOT_PROXIED_AS + '/' + request.path else: protocol = get_protocol(request) host = request.get_host() service = urllib_parse.urlunparse( (protocol, host, request.path, '', '', ''), ) if not django_settings.CAS_STORE_NEXT: if '?' in service: service += '&' else: service += '?' service += urllib_parse.urlencode( {REDIRECT_FIELD_NAME: redirect_to or get_redirect_url(request)}) return service
def get_redirect_url(request): """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is set. """ next_ = request.GET.get(REDIRECT_FIELD_NAME) if not next_: redirect_url = resolve_url(django_settings.CAS_REDIRECT_URL) if django_settings.CAS_IGNORE_REFERER: next_ = redirect_url else: next_ = request.META.get('HTTP_REFERER', redirect_url) prefix = urllib_parse.urlunparse( (get_protocol(request), request.get_host(), '', '', '', ''), ) if next_.startswith(prefix): next_ = next_[len(prefix):] return next_
def get_service_url(request, redirect_to=None): """Generates application django service URL for CAS""" protocol = get_protocol(request) if django_settings.DEBUG: host = request.get_host() else: host = django_settings.SUCC_REDIRECT_URL # print("::::::: ", host) service = urllib_parse.urlunparse( (protocol, host, request.path, '', '', ''), ) if not django_settings.CAS_STORE_NEXT: if '?' in service: service += '&' else: service += '?' service += urllib_parse.urlencode( {REDIRECT_FIELD_NAME: redirect_to or get_redirect_url(request)}) return service
def _redirect_url(request): """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is set. """ next_ = request.GET.get(REDIRECT_FIELD_NAME) if not next_: if settings.CAS_IGNORE_REFERER: next_ = settings.CAS_REDIRECT_URL else: next_ = request.META.get("HTTP_REFERER", settings.CAS_REDIRECT_URL) prefix = urllib_parse.urlunparse((get_protocol(request), request.get_host(), "", "", "", "")) # here prefix is unicode string, but next_ is not if isinstance(next_, str): # convert to unicode or we'll get "ascii codec can't decode" error next_ = next_.decode("utf8") if next_.startswith(prefix): next_ = next_[len(prefix) :] return next_
def _service_url(request, redirect_to=None): """Generates application service URL for CAS""" protocol = get_protocol(request) host = request.get_host() ticketless_full_path = request.get_full_path() match = re.search(r"(&ticket=[\w\-\.]+)(?:[&].+|$)(?:$|)", ticketless_full_path) if match: ticketless_full_path = ticketless_full_path.replace(match.group(1), "") service = urllib_parse.urlunparse((protocol, host, ticketless_full_path, "", "", "")) if redirect_to: if "?" in service: service += "&" else: service += "?" service += urllib_parse.urlencode({REDIRECT_FIELD_NAME: redirect_to}) return service
def get_service_url(request, redirect_to=None): """Generates application django service URL for CAS""" if hasattr(django_settings, 'CAS_ROOT_PROXIED_AS'): service = django_settings.CAS_ROOT_PROXIED_AS + request.path else: protocol = get_protocol(request) host = request.get_host() service = urllib_parse.urlunparse( (protocol, host, request.path, '', '', ''), ) if not django_settings.CAS_STORE_NEXT: if '?' in service: service += '&' else: service += '?' service += urllib_parse.urlencode({ REDIRECT_FIELD_NAME: redirect_to or get_redirect_url(request) }) return service
def logout(request, next_page=None): """Redirects to CAS logout page""" auth_logout(request) # clean current session ProxyGrantingTicket and SessionTicket ProxyGrantingTicket.objects.filter(session_key=request.session.session_key).delete() SessionTicket.objects.filter(session_key=request.session.session_key).delete() next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, '', '', ''), ) client = get_cas_client() return HttpResponseRedirect(client.get_logout_url(redirect_url)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page)
def _service_url(request, redirect_to=None): """Generates application service URL for CAS""" protocol = get_protocol(request) host = request.get_host() ticketless_full_path = request.get_full_path() match = re.search(r'(&ticket=[\w\-\.]+)(?:[&].+|$)(?:$|)', ticketless_full_path) if match: ticketless_full_path = ticketless_full_path.replace(match.group(1), "") service = urllib_parse.urlunparse( (protocol, host, ticketless_full_path, '', '', ''), ) if redirect_to: if '?' in service: service += '&' else: service += '?' service += urllib_parse.urlencode({REDIRECT_FIELD_NAME: redirect_to}) return service
def logout(request, next_page=None, **kwargs): backend = request.session.get("_auth_user_backend", "").split(".")[-1] if CONFIG.get("CAS_LOGIN") and backend == "IPAMCASBackend": cas_logout(request, next_page, **kwargs) next_page = next_page or get_redirect_url(request) if settings.CAS_LOGOUT_COMPLETELY: protocol = get_protocol(request) host = request.get_host() redirect_url = urllib_parse.urlunparse( (protocol, host, next_page, "", "", "") ) client = get_cas_client() client.server_url = settings.CAS_SERVER_URL[:-3] return HttpResponseRedirect(client.get_logout_url(redirect_url)) else: # This is in most cases pointless if not CAS_RENEW is set. The user will # simply be logged in again on next request requiring authorization. return HttpResponseRedirect(next_page) else: next_page = "internal_login" if CONFIG.get("CAS_LOGIN") else "login" return auth_logout_view(request, next_page=next_page, **kwargs)