# HG changeset patch # User ymh # Date 1442420269 -7200 # Node ID 0de175cdcb7f825d563dae5eb5f9e0b1a20bc598 # Parent d23705b04d7b775da4f9b0c838bc3b91aefee340 new iri django-cas-ng version, customize CASClient, update ldt to resize some user's fields diff -r d23705b04d7b -r 0de175cdcb7f server/src/remie/apps.py --- a/server/src/remie/apps.py Tue Sep 15 15:12:08 2015 +0200 +++ b/server/src/remie/apps.py Wed Sep 16 18:17:49 2015 +0200 @@ -10,5 +10,4 @@ verbose_name = 'REMIE' def ready(self): - from django_cas_ng import backends - backends._verify_cas2 = REMIE_verify_cas2 + pass diff -r d23705b04d7b -r 0de175cdcb7f server/src/remie/cas.py --- a/server/src/remie/cas.py Tue Sep 15 15:12:08 2015 +0200 +++ b/server/src/remie/cas.py Wed Sep 16 18:17:49 2015 +0200 @@ -1,21 +1,31 @@ +from django.conf import settings +from django.contrib.auth import get_user_model from django.utils.six.moves import urllib_parse from django.utils.six.moves.urllib_request import urlopen, Request +from django_cas_ng.cas.CASClientV2 import logging + logger = logging.getLogger(__name__) -def REMIE_verify_cas2(ticket, service): - """Verifies CAS 2.0+ XML-based authentication ticket. - Returns username on success and None on failure. - """ +class CASClientRemie(CASClientV2): + + def verify_ticket(self, ticket): + """Verifies CAS 2.0+ XML-based authentication ticket.""" try: from xml.etree import ElementTree except ImportError: from elementtree import ElementTree - params = [('ticket', ticket), ('service', service)] - url = (urllib_parse.urljoin(settings.CAS_SERVER_URL, 'serviceValidate') + '?' + + user = None + pgtiou = None + + params = [('ticket', ticket), ('service', self.service_url)] + if self.proxy_callback: + params.append(('pgtUrl', self.proxy_callback)) + + url = (urllib_parse.urljoin(self.server_url, 'serviceValidate') + '?' + urllib_parse.urlencode(params)) page = urlopen(url) try: @@ -24,8 +34,45 @@ logger.debug(response) tree = ElementTree.fromstring(response) if tree[0].tag.endswith('authenticationSuccess'): - return tree[0][0].text, None + attributes = {} + for element in tree[0]: + if element.tag.endswith('user'): + user = element.text + elif element.tag.endswith('nom'): + attributes['lastname'] = element.text + elif element.tag.endswith('prenom'): + attributes['firstname'] = element.text + elif element.tag.endswith('proxyGrantingTicket'): + pgtiou = element.text + return user, attributes, pgtiou else: - return None, None + return None, None, None finally: page.close() + + def get_or_create_user(self, username, attributes): + """get or create a user + Return (created, user). + The returned user can be `None`. + """ + if not username: + return None, False + + User = get_user_model() + + if attributes is None: + attributes = {} + + try: + user = User.objects.get(**{User.USERNAME_FIELD: username}) + created = False + except User.DoesNotExist: + # check if we want to create new users, if we don't fail auth + create = getattr(settings, 'CAS_CREATE_USER', True) + if not create: + return None, False + # user will have an "unusable" password + user = User.objects.create_user(username=username, password='', firstname=attributes.get('firstname',''), lastname=attributes.get('lastname', '')) + user.save() + created = True + return created, user diff -r d23705b04d7b -r 0de175cdcb7f server/src/remieplt/settings/__init__.py --- a/server/src/remieplt/settings/__init__.py Tue Sep 15 15:12:08 2015 +0200 +++ b/server/src/remieplt/settings/__init__.py Wed Sep 16 18:17:49 2015 +0200 @@ -196,6 +196,7 @@ EMPTY_MEDIA_EXTERNALID = None CAS_URLPARAMETER_NAME = "casticket" +CAS_VERSION = "remie.cas.CASClientRemie" SOCIAL_AUTH_COMPLETE_URL_NAME = 'complete' SOCIAL_AUTH_ASSOCIATE_URL_NAME = 'associate_complete' @@ -241,6 +242,7 @@ #Cors headers for API CORS_ORIGIN_ALLOW_ALL = True +CORS_EXPOSE_HEADERS = ('Location',) MAX_TAG_LENGTH = 255 diff -r d23705b04d7b -r 0de175cdcb7f server/src/requirement.txt --- a/server/src/requirement.txt Tue Sep 15 15:12:08 2015 +0200 +++ b/server/src/requirement.txt Wed Sep 16 18:17:49 2015 +0200 @@ -1,1 +1,1 @@ -ldt (==1.59) +ldt (==1.59.1) diff -r d23705b04d7b -r 0de175cdcb7f server/virtualenv/res/lib/lib_create_env.py --- a/server/virtualenv/res/lib/lib_create_env.py Tue Sep 15 15:12:08 2015 +0200 +++ b/server/virtualenv/res/lib/lib_create_env.py Wed Sep 16 18:17:49 2015 +0200 @@ -54,7 +54,7 @@ 'PYJWT' : { 'setup': 'pyjwt', 'url': 'https://github.com/jpadilla/pyjwt/archive/1.1.0.tar.gz', 'local' : 'pyjwt-1.1.0.tar.gz', 'install': {'method': 'pip', 'option_str': None, 'dict_extra_env': None}}, 'PYTHON-MIMEPARSE': { 'setup': 'python-mimeparse', 'url': 'https://pypi.python.org/packages/source/p/python-mimeparse/python-mimeparse-0.1.4.tar.gz', 'local' : 'python-mimeparse-0.1.4.tar.gz', 'install': {'method': 'pip', 'option_str': None, 'dict_extra_env': None}}, 'REQUESTS-OAUTHLIB': { 'setup': 'requests-oauthlib', 'url': 'https://github.com/requests/requests-oauthlib/archive/v0.5.0.tar.gz', 'local' : 'requests-oauthlib-0.5.0.tar.gz', 'install': {'method': 'pip', 'option_str': None, 'dict_extra_env': None}}, - 'DJANGO_CAS_NG': {'setup': 'django-cas-ng', 'url': 'https://github.com/mingchen/django-cas-ng/archive/v3.4.2.tar.gz', 'local':'django-cas-ng-3.4.2.tar.gz', 'install': {'method': 'pip', 'option_str': None, 'dict_extra_env': None}}, + 'DJANGO_CAS_NG': {'setup': 'django-cas-ng', 'url': 'https://github.com/IRI-Research/django-cas-ng/archive/customize-cas-client.tar.gz', 'install': {'method': 'pip', 'option_str': None, 'dict_extra_env': None}}, 'DJANGO_URL_SHORTENER': {'setup': 'django-url-shortener', 'url': 'https://github.com/IRI-Research/django-url-shortener/archive/0.1.1.tar.gz', 'local': 'django-url-shortener-0.1.1.tar.gz', 'install': {'method': 'pip', 'option_str': None, 'dict_extra_env': None}}, } diff -r d23705b04d7b -r 0de175cdcb7f server/virtualenv/res/src/django-cas-ng-3.4.2.tar.gz Binary file server/virtualenv/res/src/django-cas-ng-3.4.2.tar.gz has changed