Skip to content

D
django-cas
Commit 7fa47f44 by Ed Crewe
Options

wrap up as a test case

parent 135ac60b
Showing with 70 additions and 42 deletions
django_cas/tests/cas_tests.py
......@@ -7,12 +7,14 @@
# python proxy_test.py username password
# You will need to edit the constants below to match your setup ...
import unittest
import sys
import getpass
import urllib2
import urllib
from urlparse import urljoin
import cookielib
from xml.dom import minidom
# Add in a separate test_config file if you wish of the following format
try:
......@@ -31,40 +33,69 @@ except:
'submit' : 'Login' # login submit button
}
def get_auth():
class TestCAS(unittest.TestCase):
""" A class for testing a CAS setup both for standard and proxy authentication """
opener = None
auth = {}
def setUp(self):
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
urllib2.install_opener(opener)
self.opener = opener
self.get_auth()
def test_cas(self):
""" Test ordinary and proxy CAS login
NB cant put these into separate tests since tickets
are required to be passed between tests
"""
print 'Test ordinary CAS login'
print '-----------------------'
self.ticket = self.login()
self.get_restricted()
print 'Test proxy CAS login'
print '--------------------'
iou = self.get_proxy()
if iou:
print 'Got IOU:%s' % iou
else:
print 'Proxy CAS login failed, no IOU'
def get_auth(self):
""" Get authentication by passing to this script on the command line """
if len(sys.argv) > 1:
AUTH['username'] = sys.argv[1]
self.auth['username'] = sys.argv[1]
else:
AUTH['username'] = getpass.getuser()
AUTH['password'] = getpass.getpass('CAS Password for user %s:' % AUTH['username'])
return AUTH
self.auth['username'] = getpass.getuser()
self.auth['password'] = getpass.getpass('CAS Password for user %s:' % AUTH['username'])
return
def get_token(opener, url, token=TOKEN):
def get_token(self, url, token=TOKEN):
""" Get CSRF token """
r = opener.open(url)
r = self.opener.open(url)
page = r.read()
starts = ['<input type="hidden" name="%s"' % token,
'value="']
return find_in_page(page, starts, '"')
return self.find_in_page(page, starts, '"')
def get_ticket(page, app_url):
def get_ticket(self, page, app_url):
""" Get CSRF token """
starts = [app_url,'?ticket=']
return find_in_page(page, starts, '"')
return self.find_in_page(page, starts, '"')
def find_in_dom(page, nesting=['body','form']):
""" Use dom to get values from page """
from xml.dom import minidom
def find_in_dom(self, page, nesting=['body','form']):
""" Use dom to get values from XML or page """
dom = minidom.parseString(page)
for level in nesting:
try:
dom = dom.getElementsByTagname(level)[0]
dom = dom.getElementsByTagName(level)[0]
except:
break
return dom.getAttribute('data')
return dom.childNodes[0].nodeValue
def find_in_page(page, starts, stop):
def find_in_page(self, page, starts, stop):
""" Replace this with find_in_dom ?
Although without knowing the CAS login page this
is probably more generic.
......@@ -75,33 +106,33 @@ def find_in_page(page, starts, stop):
found = page[start:end]
return found
def login(opener, auth):
def login(self):
""" Login to CAS server """
url = '%s/login?service=%s' % (CAS_SERVER_URL, APP_URL)
ticket = ''
token = get_token(opener, url)
token = self.get_token(url)
if token:
auth[TOKEN] = token
self.auth[TOKEN] = token
else:
print 'FAILED CSRF Token could not be found on page'
return ticket
auth['service'] = APP_URL
data = urllib.urlencode(auth)
sso_resp = opener.open(url, data)
self.auth['service'] = APP_URL
data = urllib.urlencode(self.auth)
sso_resp = self.opener.open(url, data)
sso_page = sso_resp.read()
found = sso_page.find(CAS_SUCCESS) > -1
sso_resp.close()
if found:
ticket = get_ticket(sso_page, APP_URL)
ticket = self.get_ticket(sso_page, APP_URL)
print 'PASS CAS logged in to %s' % url
else:
print 'FAILED CAS login to %s' % url
return ticket
def get_restricted(opener):
def get_restricted(self):
""" Access a restricted URL and see if its accessible """
url = APP_URL + APP_RESTRICTED
app_resp = opener.open(url)
app_resp = self.opener.open(url)
ok = app_resp.code == 200
app_resp.close()
if ok:
......@@ -110,22 +141,19 @@ def get_restricted(opener):
print 'FAILED to log in to restricted app at %s' % url
return
def get_proxy(opener, ticket):
def get_proxy(self):
""" Use login ticket to get proxy """
url_args = (CAS_SERVER_URL, ticket, APP_URL, PROXY_URL)
url_args = (CAS_SERVER_URL, self.ticket, APP_URL, PROXY_URL)
iou_url = '%s/serviceValidate?ticket=%s&service=%s&pgtUrl=%s' % url_args
iou = opener.open(iou_url)
print iou.read()
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
urllib2.install_opener(opener)
auth = get_auth()
print 'Test ordinary CAS login'
print '-----------------------'
ticket = login(opener, auth)
get_restricted(opener)
print ''
print 'Test proxy CAS login'
print '--------------------'
get_proxy(opener, ticket)
iou = self.opener.open(iou_url)
page = iou.read()
if page.find('cas:authenticationSuccess') > -1:
iou_ticket = self.find_in_dom(page,['cas:serviceResponse',
'cas:authenticationSuccess',
'cas:proxyGrantingTicket'])
return iou_ticket
print page
return None
if __name__ == '__main__':
unittest.main()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment