Fixed bug where ticket validation fails if no pgt was requested

9801cb06 · Sebastian Annies · 855d426d · 9801cb06 · 9801cb06 · 9801cb06
Commit 9801cb06 authored Oct 25, 2011 by Sebastian Annies
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 5 deletions

django_cas/backends.py
+5 -4

django_cas/tests.py
+22 -0

setup.py
+1 -1

No files found.
--- a/django_cas/backends.py
+++ b/django_cas/backends.py
 """CAS authentication backend"""
-from urllib import urlencode, urlopen
+import urllib
 from urlparse import urljoin
 from django.conf import settings
@@ -49,16 +49,17 @@ def _verify_cas2(ticket, service):
        params = {'ticket': ticket, 'service': service}
    url = (urljoin(settings.CAS_SERVER_URL, 'proxyValidate') + '?' +
-           urlencode(params))
+           urllib.urlencode(params))
-    page = urlopen(url)
+    page = urllib.urlopen(url)
    response = page.read()
    tree = ElementTree.fromstring(response)
    page.close()
    if tree.find(CAS + 'authenticationSuccess', namespaces=NSMAP):
        username = tree.find(CAS + 'authenticationSuccess/' + CAS + 'user', namespaces=NSMAP).text
-        pgtIouId = tree.find(CAS + 'authenticationSuccess/' + CAS + 'proxyGrantingTicket', namespaces=NSMAP).text
+        pgtIouIdElement = tree.find(CAS + 'authenticationSuccess/' + CAS + 'proxyGrantingTicket', namespaces=NSMAP);
+        pgtIouId = pgtIouIdElement.text if pgtIouIdElement else None
        if pgtIouId:
            pgtIou = PgtIOU.objects.get(pgtIou = pgtIouId)

--- a/django_cas/tests.py
+++ b/django_cas/tests.py
+from StringIO import StringIO
+from unittest.case import TestCase
+import urllib
+from django.conf import settings
+from django_cas.backends import _verify_cas2
+__author__ = 'sannies'
+def dummyUrlOpenNoProxyGrantingTicket(url):
+    return StringIO('<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas"><cas:authenticationSuccess><cas:user>sannies</cas:user><cas:attributes><cas:attraStyle>Jasig</cas:attraStyle><cas:merchant>sannies</cas:merchant><cas:userServerUrl>http://localhost:8080/user-authorization-adapter/</cas:userServerUrl><cas:firstname></cas:firstname><cas:lastname></cas:lastname><cas:is_superuser>True</cas:is_superuser><cas:is_staff>True</cas:is_staff><cas:ROLES>ROLE_SUPERUSER</cas:ROLES><cas:ROLES>ROLE_STAFF</cas:ROLES><cas:ROLES>ROLE_USER</cas:ROLES><cas:ROLES>ROLE_MERCHANT</cas:ROLES><cas:playReadyLicenseAcquisitionUiUrl>http://www.drmtoday.com/</cas:playReadyLicenseAcquisitionUiUrl><cas:email>Sebastian.Annies@castlabs.com</cas:email></cas:attributes></cas:authenticationSuccess></cas:serviceResponse>')
+class backendTest(TestCase):
+    def test_verify_cas2(self):
+        urllib.urlopen = dummyUrlOpenNoProxyGrantingTicket
+        settings.CAS_PROXY_CALLBACK = None
+        user = _verify_cas2('ST-jkadfhjksdhjkfh', 'http://dummy')
+        self.assertEqual('sannies', user)
\ No newline at end of file
--- a/setup.py
+++ b/setup.py
@@ -36,5 +36,5 @@ to the admin interface.
    name='django_cas',
    packages=['django_cas'],
    url='https://github.com/castlabs/django-cas',
-    version='2.1.0',
+    version='2.1.1',
 )