cas_server.auth module

Some authentication classes for the CAS

class cas_server.auth.AuthUser(username)[source]

Bases: object

Authentication base class

Parameters:username (unicode) – A username, stored in the username class attribute.
username = None

username used to instanciate the current object

test_password(password)[source]

Tests password agains the user password.

Raises:NotImplementedError – always. The method need to be implemented by subclasses
attributs()[source]

The user attributes.

raises NotImplementedError: always. The method need to be implemented by subclasses

class cas_server.auth.DummyAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

A Dummy authentication class. Authentication always fails

Parameters:username (unicode) – A username, stored in the username class attribute. There is no valid value for this attribute here.
test_password(password)[source]

Tests password agains the user password.

Parameters:password (unicode) – a clear text password as submited by the user.
Returns:always False
Return type:bool
attributs()[source]

The user attributes.

Returns:en empty dict.
Return type:dict
class cas_server.auth.TestAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

A test authentication class only working for one unique user.

Parameters:username (unicode) – A username, stored in the username class attribute. The uniq valid value is settings.CAS_TEST_USER.
test_password(password)[source]

Tests password agains the user password.

Parameters:password (unicode) – a clear text password as submited by the user.
Returns:True if username is valid and password is equal to settings.CAS_TEST_PASSWORD, False otherwise.
Return type:bool
attributs()[source]

The user attributes.

Returns:the settings.CAS_TEST_ATTRIBUTES dict if username is valid, an empty dict otherwise.
Return type:dict
class cas_server.auth.DBAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

base class for databate based auth classes

user = None

DB user attributes as a dict if the username is found in the database.

attributs()[source]

The user attributes.

Returns:a dict with the user attributes. Attributes may be unicode() or list of unicode(). If the user do not exists, the returned dict is empty.
Return type:dict
class cas_server.auth.MysqlAuthUser(username)[source]

Bases: cas_server.auth.DBAuthUser

DEPRECATED, use SqlAuthUser instead.

A mysql authentication class: authenticate user agains a mysql database

Parameters:username (unicode) – A username, stored in the username class attribute. Valid value are fetched from the MySQL database set with settings.CAS_SQL_* settings parameters using the query settings.CAS_SQL_USER_QUERY.
test_password(password)[source]

Tests password agains the user password.

Parameters:password (unicode) – a clear text password as submited by the user.
Returns:True if username is valid and password is correct, False otherwise.
Return type:bool
class cas_server.auth.SqlAuthUser(username)[source]

Bases: cas_server.auth.DBAuthUser

A SQL authentication class: authenticate user agains a SQL database. The SQL database must be configures in settings.py as settings.DATABASES['cas_server'].

Parameters:username (unicode) – A username, stored in the username class attribute. Valid value are fetched from the MySQL database set with settings.CAS_SQL_* settings parameters using the query settings.CAS_SQL_USER_QUERY.
test_password(password)[source]

Tests password agains the user password.

Parameters:password (unicode) – a clear text password as submited by the user.
Returns:True if username is valid and password is correct, False otherwise.
Return type:bool
class cas_server.auth.LdapAuthUser(username)[source]

Bases: cas_server.auth.DBAuthUser

A ldap authentication class: authenticate user against a ldap database

Parameters:username (unicode) – A username, stored in the username class attribute. Valid value are fetched from the ldap database set with settings.CAS_LDAP_* settings parameters.
classmethod get_conn()[source]

Return a connection object to the ldap database

test_password(password)[source]

Tests password agains the user password.

Parameters:password (unicode) – a clear text password as submited by the user.
Returns:True if username is valid and password is correct, False otherwise.
Return type:bool
class cas_server.auth.DjangoAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

A django auth class: authenticate user against django internal users

Parameters:username (unicode) – A username, stored in the username class attribute. Valid value are usernames of django internal users.
user = None

a django user object if the username is found. The user model is retreived using django.contrib.auth.get_user_model().

test_password(password)[source]

Tests password agains the user password.

Parameters:password (unicode) – a clear text password as submited by the user.
Returns:True if user is valid and password is correct, False otherwise.
Return type:bool
attributs()[source]

The user attributes, defined as the fields on the user object.

Returns:a dict with the user object fields. Attributes may be If the user do not exists, the returned dict is empty.
Return type:dict
class cas_server.auth.CASFederateAuth(username)[source]

Bases: cas_server.auth.AuthUser

Authentication class used then CAS_FEDERATE is True

Parameters:username (unicode) – A username, stored in the username class attribute. Valid value are usernames of FederatedUser object. FederatedUser object are created on CAS backends successful ticket validation.
user = None

a :class`FederatedUser<cas_server.models.FederatedUser>` object if username is found.

test_password(ticket)[source]

Tests password agains the user password.

Parameters:password (unicode) – The CAS tickets just used to validate the user authentication against its CAS backend.
Returns:True if user is valid and password is a ticket validated less than settings.CAS_TICKET_VALIDITY secondes and has not being previously used for authenticated this FederatedUser. False otherwise.
Return type:bool
attributs()[source]

The user attributes, as returned by the CAS backend.

Returns:FederatedUser.attributs. If the user do not exists, the returned dict is empty.
Return type:dict