示例#1
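def _verify_cas3_saml(ticket, service):
    """Debug probe for the CAS3 SAML endpoint: send the request, print the outcome.

    Builds the ``samlValidate`` URL under ``settings.CAS_SERVER_URL``, POSTs the
    body returned by ``get_saml_assertion(ticket)`` and prints either the
    response object or the ``URLError``.  The response is never read or parsed
    and the function returns ``None``, so it does not authenticate anyone and
    its result must not be used as a verification verdict.

    The service ticket is a bearer credential until the CAS server consumes it,
    so the diagnostics print only the endpoint and the parameter names, never
    the ticket, the encoded query string or the SAML request body.
    """
    # NOTE(review): 'content-type' ends in a dangling "; " with no parameter;
    # confirm whether a charset was meant to follow.
    headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        'content-type': 'text/xml; ',
    }
    # NOTE(review): the ticket is placed in the query string as well as being
    # passed to get_saml_assertion(); URLs commonly end up in server and proxy
    # access logs -- confirm the endpoint really needs it there.
    params = [('ticket', ticket), ('service', service), ('TARGET', service)]

    saml_validat_url = urllib_parse.urljoin(
        settings.CAS_SERVER_URL, 'samlValidate',
    )

    url = Request(
        saml_validat_url + '?' + urllib_parse.urlencode(params),
        '',
        headers,
    )

    print("#############################")
    print("SAML validation endpoint: %s" % saml_validat_url)
    print("query parameters sent: %s" % ", ".join(name for name, _ in params))

    from urllib2 import URLError
    try:
        # NOTE(review): no timeout is passed, so an unresponsive server can
        # block this call for as long as the socket default allows.
        page = urlopen(url, data=get_saml_assertion(ticket))
    except URLError as e:
        print("um erro::::")
        print(e)
    else:
        # Close the response explicitly so the probe does not leak a socket.
        try:
            print(page)
        finally:
            page.close()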
示例#2
    def fetch_saml_validation(self, ticket):
        """POST the SAML request for *ticket* to the server's ``samlValidate`` URL.

        The endpoint is resolved against ``self.server_url``, ``self.service_url``
        travels as the ``TARGET`` query parameter, and the request body is
        whatever ``self.get_saml_assertion(ticket)`` returns.

        Returns the open response object from ``urlopen``.  It is neither read
        nor closed here, so the caller owns both steps.
        """
        # SOAP-over-HTTP headers for the SAML validation call.
        soap_headers = {
            'soapaction': 'http://www.oasis-open.org/committees/security',
            'cache-control': 'no-cache',
            'pragma': 'no-cache',
            'accept': 'text/xml',
            'connection': 'keep-alive',
            'content-type': 'text/xml; charset=utf-8',
        }
        target_pairs = [('TARGET', self.service_url)]
        endpoint = urllib_parse.urljoin(self.server_url, 'samlValidate')
        full_url = '?'.join((endpoint, urllib_parse.urlencode(target_pairs)))

        # NOTE(review): urlopen is called without a timeout, so a stalled server
        # holds the calling thread for as long as the socket default allows.
        return urlopen(
            Request(full_url, self.get_saml_assertion(ticket), soap_headers)
        )
示例#3
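def _verify_cas2_saml(ticket, service):
    """Verifies CAS 3.0+ XML-based authentication ticket and returns extended attributes.

    @date: 2011-11-30
    @author: Carlos Gonzalez Vila <*****@*****.**>

    POSTs the body from ``get_saml_assertion(ticket)`` to ``samlValidate`` under
    ``settings.CAS_SERVER_URL`` with *service* as ``TARGET`` and parses the
    SAML 1.0 response.

    Returns ``(username, attributes)`` on success.  On failure the username is
    ``None`` and the attributes are an empty dict (not ``None``), so callers
    must treat a ``None`` username as "not authenticated".  Network errors from
    ``urlopen`` and XML parse errors propagate to the caller.
    """

    try:
        from xml.etree import ElementTree
    except ImportError:
        from elementtree import ElementTree

    # We do the SAML validation
    headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        'content-type': 'text/xml; charset=utf-8',
    }
    params = [('TARGET', service)]

    saml_validat_url = urllib_parse.urljoin(
        settings.CAS_SERVER_URL, 'samlValidate',
    )

    url = Request(
        saml_validat_url + '?' + urllib_parse.urlencode(params),
        '',
        headers,
    )
    # NOTE(review): no timeout is passed; an unresponsive CAS server blocks the
    # login request for as long as the socket default allows.
    page = urlopen(url, data=get_saml_assertion(ticket))

    try:
        user = None
        attributes = {}
        response = page.read()
        # NOTE(review): nothing here checks a signature on the response, so the
        # verdict is only as trustworthy as the connection to CAS_SERVER_URL
        # (presumably HTTPS with certificate verification -- confirm).  The
        # stdlib ElementTree parser is also not hardened against
        # entity-expansion payloads.
        tree = ElementTree.fromstring(response)
        # Find the authentication status
        success = tree.find('.//' + SAML_1_0_PROTOCOL_NS + 'StatusCode')
        # .get() keeps a StatusCode without a Value attribute on the failure
        # path instead of raising KeyError.
        # NOTE(review): the comparison is against the literal prefixed string,
        # so a server using a different namespace prefix is treated as failure.
        if success is None or success.attrib.get('Value') != 'samlp:Success':
            return user, attributes

        # User is validated
        # NOTE(review): only Attribute elements carrying the value 'uid' in one
        # of their XML attributes are recorded; every other attribute in the
        # assertion is dropped -- confirm that is intended.
        for at in tree.findall('.//' + SAML_1_0_ASSERTION_NS + 'Attribute'):
            if 'uid' not in list(at.attrib.values()):
                continue
            values = at.findall(SAML_1_0_ASSERTION_NS + 'AttributeValue')
            if not values:
                # An Attribute with no AttributeValue carries no identity.
                continue
            user = values[0].text
            attributes['uid'] = user
            name = at.attrib.get('AttributeName')
            if name is None:
                continue
            if len(values) > 1:
                attributes[name] = [v.text for v in values]
            else:
                attributes[name] = values[0].text
        return user, attributes
    finally:
        page.close()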
示例#4
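def _verify_cas3_saml(ticket, service):
    """Validate a CAS ticket through ``samlValidate`` and return ``(login, attributes)``.

    POSTs the body from ``get_saml_assertion(ticket)`` to ``samlValidate`` under
    ``settings.CAS_SERVER_URL`` and, when the response status is
    ``saml1p:Success``, collects the first ``AttributeValue`` of every
    ``Attribute`` element into a dict keyed by ``AttributeName``.

    Returns the ``login`` attribute and the full attribute dict.  When
    validation fails, or the response carries no ``login`` attribute, the login
    is ``None`` and the caller must treat that as "not authenticated".  Network
    errors from ``urlopen`` and XML parse errors propagate to the caller.
    """

    try:
        from xml.etree import ElementTree
    except ImportError:
        from elementtree import ElementTree

    # We do the SAML validation
    headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        'content-type': 'text/xml; charset=utf-8',
    }
    # NOTE(review): the ticket is placed in the query string as well as being
    # passed to get_saml_assertion(); URLs commonly end up in server and proxy
    # access logs -- confirm the endpoint really needs it there.
    params = [('ticket', ticket), ('service', service), ('TARGET', service)]

    saml_validat_url = urllib_parse.urljoin(
        settings.CAS_SERVER_URL,
        'samlValidate',
    )

    url = Request(
        saml_validat_url + '?' + urllib_parse.urlencode(params),
        '',
        headers,
    )
    # NOTE(review): no timeout is passed; an unresponsive CAS server blocks the
    # login request for as long as the socket default allows.
    page = urlopen(url, data=get_saml_assertion(ticket))

    try:
        attributes = {}
        response = page.read()
        # NOTE(review): nothing here checks a signature on the response, so the
        # verdict is only as trustworthy as the connection to CAS_SERVER_URL
        # (presumably HTTPS with certificate verification -- confirm).  The
        # stdlib ElementTree parser is also not hardened against
        # entity-expansion payloads.
        tree = ElementTree.fromstring(response)
        # Find the authentication status
        success = tree.find('.//' + SAML_1_0_PROTOCOL_NS + 'StatusCode')
        # NOTE(review): the comparison is against the literal prefixed string,
        # so a server using a different namespace prefix is treated as failure.
        if success is not None and success.attrib.get('Value') == 'saml1p:Success':
            # User is validated
            for at in tree.findall('.//' + SAML_1_0_ASSERTION_NS + 'Attribute'):
                name = at.attrib.get('AttributeName')
                value = at.find(SAML_1_0_ASSERTION_NS + 'AttributeValue')
                # Skip malformed attributes rather than raising on them.
                if name is None or value is None:
                    continue
                attributes[name] = value.text
        # A failed validation leaves the dict empty; .get() reports that as a
        # None login instead of a KeyError surfacing from the login path.
        return attributes.get('login'), attributes
    finally:
        page.close()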