kumi/django-cas-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Code factorisation in views.py

Browse source
This commit is contained in:
Valentin Samir 2016-08-06 11:09:15 +02:00
parent d46428520f
commit aaadca15b7
1 changed files with 78 additions and 92 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

134
cas_server/views.py
View file

@ -45,6 +45,7 @@ logger = logging.getLogger(__name__)
class LogoutMixin(object): class LogoutMixin(object):
"""destroy CAS session utils""" """destroy CAS session utils"""
def logout(self, all_session=False): def logout(self, all_session=False):
""" """
effectively destroy a CAS session effectively destroy a CAS session
@ -63,28 +64,25 @@ class LogoutMixin(object):
logger.info("Logging out user %s from all of they sessions." % username) logger.info("Logging out user %s from all of they sessions." % username)
else: else:
logger.info("Logging out user %s." % username) logger.info("Logging out user %s." % username)
# logout the user from the current session users = []
# try to get the user from the current session
try: try:
user = models.User.objects.get( users.append(
models.User.objects.get(
username=username, username=username,
session_key=self.request.session.session_key session_key=self.request.session.session_key
) )
# flush the session )
self.request.session.flush()
# send SLO requests
user.logout(self.request)
# delete the user
user.delete()
# increment the destroyed session counter
session_nb += 1
except models.User.DoesNotExist: except models.User.DoesNotExist:
# if user not found in database, flush the session anyway # if user not found in database, flush the session anyway
self.request.session.flush() self.request.session.flush()
# If all_session is set logout user from alternative sessions # If all_session is set, search all of the user sessions
if all_session: if all_session:
# Iterate over all user sessions users.extend(models.User.objects.filter(username=username))
for user in models.User.objects.filter(username=username):
# Iterate over all user sessions that have to be logged out
for user in users:
# get the user session # get the user session
session = SessionStore(session_key=user.session_key) session = SessionStore(session_key=user.session_key)
# flush the session # flush the session
@ -100,6 +98,19 @@ class LogoutMixin(object):
return session_nb return session_nb
class CsrfExemptView(View):
"""base class for csrf exempt class views"""
@method_decorator(csrf_exempt) # csrf is disabled for allowing SLO requests reception
def dispatch(self, request, *args, **kwargs):
"""
dispatch different http request to the methods of the same name
:param django.http.HttpRequest request: The current request object
"""
return super(CsrfExemptView, self).dispatch(request, *args, **kwargs)
class LogoutView(View, LogoutMixin): class LogoutView(View, LogoutMixin):
"""destroy CAS session (logout) view""" """destroy CAS session (logout) view"""
@ -210,17 +221,12 @@ class LogoutView(View, LogoutMixin):
) )
class FederateAuth(View): class FederateAuth(CsrfExemptView):
"""view to authenticated user agains a backend CAS then CAS_FEDERATE is True"""
@method_decorator(csrf_exempt) # csrf is disabled for allowing SLO requests reception
def dispatch(self, request, *args, **kwargs):
""" """
dispatch different http request to the methods of the same name view to authenticated user agains a backend CAS then CAS_FEDERATE is True
:param django.http.HttpRequest request: The current request object csrf is disabled for allowing SLO requests reception.
""" """
return super(FederateAuth, self).dispatch(request, *args, **kwargs)
def get_cas_client(self, request, provider, renew=False): def get_cas_client(self, request, provider, renew=False):
""" """
@ -923,18 +929,13 @@ class LoginView(View, LogoutMixin):
return self.not_authenticated() return self.not_authenticated()
class Auth(View): class Auth(CsrfExemptView):
"""A simple view to validate username/password/service tuple"""
# csrf is disable as it is intended to be used by programs. Security is assured by a shared
# secret between the programs dans django-cas-server.
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
""" """
dispatch requests based on method GET, POST, ... A simple view to validate username/password/service tuple
:param django.http.HttpRequest request: The current request object csrf is disable as it is intended to be used by programs. Security is assured by a shared
secret between the programs dans django-cas-server.
""" """
return super(Auth, self).dispatch(request, *args, **kwargs)
@staticmethod @staticmethod
def post(request): def post(request):
@ -1041,8 +1042,9 @@ class Validate(View):
@python_2_unicode_compatible @python_2_unicode_compatible
class ValidateError(Exception): class ValidationBaseError(Exception):
"""handle service validation error""" """Base class for both saml and cas validation error"""
#: The error code #: The error code
code = None code = None
#: The error message #: The error message
@ -1064,12 +1066,23 @@ class ValidateError(Exception):
:return: the rendered ``cas_server/serviceValidateError.xml`` template :return: the rendered ``cas_server/serviceValidateError.xml`` template
:rtype: django.http.HttpResponse :rtype: django.http.HttpResponse
""" """
return render( return render(request, self.template, self.contex(), content_type="text/xml; charset=utf-8")
request,
"cas_server/serviceValidateError.xml",
{'code': self.code, 'msg': self.msg}, class ValidateError(ValidationBaseError):
content_type="text/xml; charset=utf-8" """handle service validation error"""
)
#: template to be render for the error
template = "cas_server/serviceValidateError.xml"
def context(self):
"""
content to use to render :attr:`template`
:return: A dictionary to contextualize :attr:`template`
:rtype: dict
"""
return {'code': self.code, 'msg': self.msg}
class ValidateService(View): class ValidateService(View):
@ -1333,59 +1346,32 @@ class Proxy(View):
) )
@python_2_unicode_compatible class SamlValidateError(ValidationBaseError):
class SamlValidateError(Exception):
"""handle saml validation error""" """handle saml validation error"""
#: The error code
code = None
#: The error message
msg = None
def __init__(self, code, msg=""): #: template to be render for the error
self.code = code template = "cas_server/samlValidateError.xml"
self.msg = msg
super(SamlValidateError, self).__init__(code)
def __str__(self): def context(self):
return u"%s" % self.msg
def render(self, request):
""" """
render the error template for the exception :return: A dictionary to contextualize :attr:`template`
:rtype: dict
:param django.http.HttpRequest request: The current request object:
:return: the rendered ``cas_server/samlValidateError.xml`` template
:rtype: django.http.HttpResponse
""" """
return render( return {
request,
"cas_server/samlValidateError.xml",
{
'code': self.code, 'code': self.code,
'msg': self.msg, 'msg': self.msg,
'IssueInstant': timezone.now().isoformat(), 'IssueInstant': timezone.now().isoformat(),
'ResponseID': utils.gen_saml_id() 'ResponseID': utils.gen_saml_id()
}, }
content_type="text/xml; charset=utf-8"
)
class SamlValidate(View): class SamlValidate(CsrfExemptView):
"""SAML ticket validation""" """SAML ticket validation"""
request = None request = None
target = None target = None
ticket = None ticket = None
root = None root = None
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
"""
dispatch requests based on method GET, POST, ...
:param django.http.HttpRequest request: The current request object
"""
return super(SamlValidate, self).dispatch(request, *args, **kwargs)
def post(self, request): def post(self, request):
""" """
methode called on POST request on this view methode called on POST request on this view