Commit 855d426d by Sebastian Annies

replace direct addressing of XML element xml[2][3][1] with path expression for robustness

parent 440e94e2
......@@ -16,6 +16,10 @@ _DEFAULTS = {
'CAS_VERSION': '2',
}
CAS_URI = 'http://www.yale.edu/tp/cas'
NSMAP = {'cas': CAS_URI}
CAS = '{%s}' % CAS_URI
for key, value in _DEFAULTS.iteritems():
try:
getattr(settings, key)
......
......@@ -6,9 +6,12 @@ from urlparse import urljoin
from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist
from django_cas.models import User, Tgt, PgtIOU
from django_cas import CAS, NSMAP
__all__ = ['CASBackend']
def _verify_cas1(ticket, service):
"""Verifies CAS 1.0 authentication ticket.
......@@ -53,10 +56,12 @@ def _verify_cas2(ticket, service):
tree = ElementTree.fromstring(response)
page.close()
if tree[0].tag.endswith('authenticationSuccess'):
username = tree[0][0].text
if len(tree[0]) >= 2 and tree[0][1].tag.endswith('proxyGrantingTicket'):
pgtIou = PgtIOU.objects.get(pgtIou = tree[0][1].text)
if tree.find(CAS + 'authenticationSuccess', namespaces=NSMAP):
username = tree.find(CAS + 'authenticationSuccess/' + CAS + 'user', namespaces=NSMAP).text
pgtIouId = tree.find(CAS + 'authenticationSuccess/' + CAS + 'proxyGrantingTicket', namespaces=NSMAP).text
if pgtIouId:
pgtIou = PgtIOU.objects.get(pgtIou = pgtIouId)
try:
tgt = Tgt.objects.get(username = username)
tgt.tgt = pgtIou.tgt
......
......@@ -8,10 +8,12 @@ from django_cas.exceptions import CasTicketException, CasConfigException
# Ed Crewe - add in signals to delete old tickets
from django.db.models.signals import post_save
from datetime import datetime
from django_cas import CAS, NSMAP
class Tgt(models.Model):
username = models.CharField(max_length = 255, unique = True)
tgt = models.CharField(max_length = 255)
created = models.DateTimeField(auto_now = True)
def get_proxy_ticket_for(self, service):
"""Verifies CAS 2.0+ XML-based authentication ticket.
......@@ -36,8 +38,8 @@ class Tgt(models.Model):
try:
response = page.read()
tree = ElementTree.fromstring(response)
if tree[0].tag.endswith('proxySuccess'):
return tree[0][0].text
if tree.find(CAS + 'proxySuccess', namespaces=NSMAP):
return tree.find(CAS + 'proxySuccess/' + CAS + 'proxyTicket' , namespaces=NSMAP).text
else:
raise CasTicketException("Failed to get proxy ticket")
finally:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment