switch on proxy auth if PT ticket

django_cas/backends.py

@@ -96,6 +96,7 @@ def verify_proxy_ticket(ticket, service):
         if tree[0].tag.endswith('authenticationSuccess'):
             username = tree[0][0].text
             proxies = []
+            if len(tree[0]) > 1:
                 for element in tree[0][1]:
                     proxies.append(element.text)
             return {"username": username, "proxies": proxies}
@@ -112,13 +113,18 @@ if settings.CAS_VERSION not in _PROTOCOLS:
 
 _verify = _PROTOCOLS[settings.CAS_VERSION]
 
+SSO_PROXIED_PATHS = ['http://localhost:56000/portal']
 
 class CASBackend(object):
     """CAS authentication backend"""
 
     def authenticate(self, ticket, service):
         """Verifies CAS ticket and gets or creates User object"""
-
+        if ticket.startswith('PT'):
+            authdict = verify_proxy_ticket(ticket, service)
+            if authdict:
+                username = authdict.get('username','')
+        else:
             username = _verify(ticket, service)
         if not username:
             return None

django_cas/tests/cas_tests.py

@@ -253,9 +253,14 @@ class TestCAS(unittest.TestCase):
             return 'FAIL: PTURL=%s not found' % url
         page = pt.read()
         if page.find('cas:serviceResponse') > -1:
+            try:
                 pt_ticket = self.find_in_dom(page,['cas:proxySuccess',
                                                    'cas:proxyTicket'])
                 return pt_ticket
+            except:
+                print url
+                print page
+                return ''
         return None
 
 
@@ -268,6 +273,7 @@ class TestCAS(unittest.TestCase):
         except:
             return 'FAIL: PTURL=%s not found' % url
         page = login.read()
+        print url
         if page.find('cas:authenticationSuccess') > -1:
             proxy = self.find_in_dom(page,['cas:proxies',
                                                'cas:proxy'])