cas_server.views module¶
views for the app
-
class
cas_server.views.
LogoutView
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
,cas_server.views.LogoutMixin
destroy CAS session (logout) view
-
request
= None¶ current
django.http.HttpRequest
object
-
service
= None¶ service GET parameter
-
url
= None¶ url GET paramet
-
ajax
= None¶ True
if the HTTP_X_AJAX http header is sent andsettings.CAS_ENABLE_AJAX_AUTH
isTrue
,False
otherwise.
-
init_get
(request)[source]¶ Initialize the
LogoutView
attributes on GET requestParameters: request (django.http.HttpRequest) – The current request object
-
get
(request, *args, **kwargs)[source]¶ methode called on GET request on this view
Parameters: request (django.http.HttpRequest) – The current request object
-
-
class
cas_server.views.
FederateAuth
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
view to authenticated user agains a backend CAS then CAS_FEDERATE is True
-
dispatch
(*args, **kwargs)[source]¶ dispatch different http request to the methods of the same name
Parameters: request (django.http.HttpRequest) – The current request object
-
static
get_cas_client
(request, provider)[source]¶ return a CAS client object matching provider
Parameters: - request (django.http.HttpRequest) – The current request object
- provider (cas_server.models.FederatedIendityProvider) – the user identity provider
Returns: The user CAS client object
Return type:
-
post
(request, provider=None)[source]¶ method called on POST request
Parameters: - request (django.http.HttpRequest) – The current request object
- provider (unicode) – Optional parameter. The user provider suffix.
-
get
(request, provider=None)[source]¶ method called on GET request
Parameters: - request (django.http.HttpRequest) – The current request object
- provider (unicode) – Optional parameter. The user provider suffix.
-
-
class
cas_server.views.
LoginView
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
,cas_server.views.LogoutMixin
credential requestor / acceptor
-
user
= None¶ The current
models.User
object
-
form
= None¶ The form to display to the user
-
request
= None¶ current
django.http.HttpRequest
object
-
service
= None¶ service GET/POST parameter
-
renew
= None¶ True
if renew GET/POST parameter is present and not “False”
-
warn
= None¶ the warn GET/POST parameter
-
gateway
= None¶ the gateway GET/POST parameter
-
method
= None¶ the method GET/POST parameter
-
ajax
= None¶ True
if the HTTP_X_AJAX http header is sent andsettings.CAS_ENABLE_AJAX_AUTH
isTrue
,False
otherwise.
-
renewed
= False¶ True
if the user has just authenticated
-
warned
= False¶ True
if renew GET/POST parameter is present and not “False”
-
username
= None¶ The
FederateAuth
transmited username (only used ifsettings.CAS_FEDERATE
isTrue
)
-
ticket
= None¶ The
FederateAuth
transmited ticket (only used ifsettings.CAS_FEDERATE
isTrue
)
-
INVALID_LOGIN_TICKET
= 1¶
-
USER_LOGIN_OK
= 2¶
-
USER_LOGIN_FAILURE
= 3¶
-
USER_ALREADY_LOGGED
= 4¶
-
USER_AUTHENTICATED
= 5¶
-
USER_NOT_AUTHENTICATED
= 6¶
-
init_post
(request)[source]¶ Initialize POST received parameters
Parameters: request (django.http.HttpRequest) – The current request object
-
check_lt
()[source]¶ Check is the POSTed LoginTicket is valid, if yes invalide it
Returns: True
if the LoginTicket is valid,False
otherwiseReturn type: bool
-
post
(request, *args, **kwargs)[source]¶ methode called on POST request on this view
Parameters: request (django.http.HttpRequest) – The current request object
-
process_post
()[source]¶ Analyse the POST request:
- check that the LoginTicket is valid
- check that the user sumited credentials are valid
Returns: INVALID_LOGIN_TICKET
if the POSTed LoginTicket is not validUSER_ALREADY_LOGGED
if the user is already logged and do no request reauthentication.USER_LOGIN_FAILURE
if the user is not logged or request for reauthentication and his credentials are not validUSER_LOGIN_OK
if the user is not logged or request for reauthentication and his credentials are valid
Return type: int
-
init_get
(request)[source]¶ Initialize GET received parameters
Parameters: request (django.http.HttpRequest) – The current request object
-
get
(request, *args, **kwargs)[source]¶ methode called on GET request on this view
Parameters: request (django.http.HttpRequest) – The current request object
-
process_get
()[source]¶ Analyse the GET request
Returns: USER_NOT_AUTHENTICATED
if the user is not authenticated or is requesting for authentication renewalUSER_AUTHENTICATED
if the user is authenticated and is not requesting for authentication renewal
Return type: int
-
init_form
(values=None)[source]¶ Initialization of the good form depending of POST and GET parameters
Parameters: values (django.http.QueryDict) – A POST or GET QueryDict
-
service_login
()[source]¶ Perform login agains a service
Returns: - The rendering of the
settings.CAS_WARN_TEMPLATE
if the user asked to be warned before ticket emission and has not yep been warned. - The redirection to the service URL with a ticket GET parameter
- The redirection to the service URL without a ticket if ticket generation failed
and the
gateway
attribute is set - The rendering of the
settings.CAS_LOGGED_TEMPLATE
template with some error messages if the ticket generation failed (e.g: user not allowed).
Return type: django.http.HttpResponse - The rendering of the
-
authenticated
()[source]¶ Processing authenticated users
Returns: - The returned value of
service_login()
ifservice
is defined - The rendering of
settings.CAS_LOGGED_TEMPLATE
otherwise
Return type: django.http.HttpResponse - The returned value of
-
not_authenticated
()[source]¶ Processing non authenticated users
Returns: - The rendering of
settings.CAS_LOGIN_TEMPLATE
with various messages depending of GET/POST parameters - The redirection to
FederateAuth
ifsettings.CAS_FEDERATE
isTrue
and the “remember my identity provider” cookie is found
Return type: django.http.HttpResponse - The rendering of
-
common
()[source]¶ Common part execute uppon GET and POST request
Returns: - The returned value of
authenticated()
if the user is authenticated and not requesting for authentication or if the authentication has just been renewed - The returned value of
not_authenticated()
otherwise
Return type: django.http.HttpResponse - The returned value of
-
-
class
cas_server.views.
Auth
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
A simple view to validate username/password/service tuple
-
dispatch
(*args, **kwargs)[source]¶ dispatch requests based on method GET, POST, ...
Parameters: request (django.http.HttpRequest) – The current request object
-
static
post
(request)[source]¶ methode called on POST request on this view
Parameters: request (django.http.HttpRequest) – The current request object Returns: HttpResponse(u"yes\n")
if the POSTed tuple (username, password, service) if valid (i.e. (username, password) is valid dans username is allowed on service).HttpResponse(u"no\n…")
otherwise, with possibly an error message on the second line.Return type: django.http.HttpResponse
-
-
class
cas_server.views.
Validate
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
service ticket validation
-
static
get
(request)[source]¶ methode called on GET request on this view
Parameters: request (django.http.HttpRequest) – The current request object Returns: HttpResponse("yes\nusername")
if submited (service, ticket) is valid- else
HttpResponse("no\n")
Return type: django.http.HttpResponse
-
static
-
exception
cas_server.views.
ValidateError
(code, msg='')[source]¶ Bases:
exceptions.Exception
handle service validation error
-
code
= None¶ The error code
-
msg
= None¶ The error message
-
render
(request)[source]¶ render the error template for the exception
Parameters: request (django.http.HttpRequest) – The current request object: Returns: the rendered cas_server/serviceValidateError.xml
templateReturn type: django.http.HttpResponse
-
-
class
cas_server.views.
ValidateService
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
service ticket validation [CAS 2.0] and [CAS 3.0]
-
request
= None¶ Current
django.http.HttpRequest
object
-
service
= None¶ The service GET parameter
-
ticket
= None¶ the ticket GET parameter
-
pgt_url
= None¶ the pgtUrl GET parameter
-
renew
= None¶ the renew GET parameter
-
allow_proxy_ticket
= False¶ specify if ProxyTicket are allowed by the view. Hence we user the same view for
/serviceValidate
and/proxyValidate
juste changing the parameter.
-
get
(request)[source]¶ methode called on GET request on this view
Parameters: request (django.http.HttpRequest) – The current request object: Returns: The rendering of cas_server/serviceValidate.xml
if no errors is raised, the rendering orcas_server/serviceValidateError.xml
otherwise.Return type: django.http.HttpResponse
-
process_ticket
()[source]¶ fetch the ticket against the database and check its validity
Raises: ValidateError – if the ticket is not found or not valid, potentially for that service Returns: A couple (ticket, proxies list) Return type: tuple
-
process_pgturl
(params)[source]¶ Handle PGT request
Parameters: params (dict) – A template context dict Raises: ValidateError – if pgtUrl is invalid or if TLS validation of the pgtUrl fails Returns: The rendering of cas_server/serviceValidate.xml
, usingparams
Return type: django.http.HttpResponse
-
-
class
cas_server.views.
Proxy
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
proxy ticket service
-
request
= None¶ Current
django.http.HttpRequest
object
-
pgt
= None¶ A ProxyGrantingTicket from the pgt GET parameter
-
target_service
= None¶ the targetService GET parameter
-
get
(request)[source]¶ methode called on GET request on this view
Parameters: request (django.http.HttpRequest) – The current request object: Returns: The returned value of process_proxy()
if no error is raised, else the rendering ofcas_server/serviceValidateError.xml
.Return type: django.http.HttpResponse
-
process_proxy
()[source]¶ handle PT request
Raises: ValidateError – if the PGT is not found, or the target service not allowed or the user not allowed on the tardet service. Returns: The rendering of cas_server/proxy.xml
Return type: django.http.HttpResponse
-
-
exception
cas_server.views.
SamlValidateError
(code, msg='')[source]¶ Bases:
exceptions.Exception
handle saml validation error
-
code
= None¶ The error code
-
msg
= None¶ The error message
-
render
(request)[source]¶ render the error template for the exception
Parameters: request (django.http.HttpRequest) – The current request object: Returns: the rendered cas_server/samlValidateError.xml
templateReturn type: django.http.HttpResponse
-
-
class
cas_server.views.
SamlValidate
(**kwargs)[source]¶ Bases:
django.views.generic.base.View
SAML ticket validation
-
request
= None¶
-
target
= None¶
-
ticket
= None¶
-
root
= None¶
-
dispatch
(*args, **kwargs)[source]¶ dispatch requests based on method GET, POST, ...
Parameters: request (django.http.HttpRequest) – The current request object
-
post
(request)[source]¶ methode called on POST request on this view
Parameters: request (django.http.HttpRequest) – The current request object Returns: the rendering of cas_server/samlValidate.xml
if no error is raised, else the rendering ofcas_server/samlValidateError.xml
.Return type: django.http.HttpResponse
-
process_ticket
()[source]¶ validate ticket from SAML XML body
Raises: SamlValidateError: if the ticket is not found or not valid, or if we fail to parse the posted XML. Returns: a ticket object Return type: models.Ticket
-