Comments (4)
Hi @Jiloc, as stated on the webpage linked:
This documentation describes how to delegate and submit authentication requests to a remote REST endpoint. It has nothing to do with the native CAS REST API ...
So this has nothing to do with the CAS Server itself. I mean, the functionality can be created on its own project. Like I'm using REMOTE_USER to authenticate users, so the users are already authenticated when they reach the CAS Server code. I know this is not delegation, but you can easily write a backend that will do what you want.
Hope this helps!
from django-mama-cas.
Hi @manelclos,
Thank you for the suggestion! I actually did it by overriding mama_cas_views.LoginView in my own project. Anyway I still think that it would be very useful feature to introduce in this project.
from django-mama-cas.
@Jiloc are the changes online or can you share them?
from django-mama-cas.
They are not online, but I will share it here. Anyway I find my adaptation too custom to be used as is.
class LoginRestView(mama_cas_views.LoginView):
def get_form_kwargs(self):
"""
Django >= 1.11 supports a request sent to the authenticator
so we grab that here and pass it along to the form so it can be
handed off to the authenticators.
"""
kwargs = super(LoginRestView, self).get_form_kwargs()
if 'HTTP_AUTHORIZATION' in self.request.META:
authmeth, auth = self.request.META['HTTP_AUTHORIZATION'].split(' ', 1)
if authmeth.lower() == 'basic':
auth = base64.b64decode(auth).decode('utf-8')
username, password = auth.split(':', 1)
kwargs['data'] = {
'username': username,
'password': password
}
return kwargs
def post(self, request, *args, **kwargs):
return super(LoginRestView, self).post(request, *args, **kwargs)
@method_decorator(ensure_csrf_cookie)
def get(self, request, *args, **kwargs):
"""
(2.1) As a credential requestor, /login accepts three optional
parameters:
1. ``service``: the identifier of the application the client is
accessing. We assume this identifier to be a URL.
2. ``renew``: requires a client to present credentials
regardless of any existing single sign-on session.
3. ``gateway``: causes the client to not be prompted for
credentials. If a single sign-on session exists the user
will be logged in and forwarded to the specified service.
Otherwise, the user remains logged out and is forwarded to
the specified service.
"""
form = self.get_form()
if form.is_valid():
return self.form_valid(form)
service = request.GET.get('service')
renew = to_bool(request.GET.get('renew'))
gateway = to_bool(request.GET.get('gateway'))
if renew:
logger.debug("Renew request received by credential requestor")
elif gateway and service:
logger.debug("Gateway request received by credential requestor")
if is_authenticated(request.user):
st = ServiceTicket.objects.create_ticket(
service=service, user=request.user)
if self.warn_user():
return redirect('cas_warn', params={
'service': service, 'ticket': st.ticket})
return redirect(service, params={'ticket': st.ticket})
else:
return redirect(service)
elif is_authenticated(request.user):
if service:
logger.debug(
"Service ticket request received by credential requestor")
st = ServiceTicket.objects.create_ticket(
service=service, user=request.user)
if self.warn_user():
return redirect('cas_warn', params={
'service': service, 'ticket': st.ticket})
return redirect(service, params={'ticket': st.ticket})
else:
return HttpResponse(
json.dumps({'message': 'Ok'}),
content_type="application/json")
res = HttpResponse(status=401)
res['WWW-Authenticate'] = 'Basic'
return res
from django-mama-cas.
Related Issues (20)
- /cas/validate returns no
- Signup and password reset? HOT 2
- ImportError: cannot import name 'python_2_unicode_compatible' HOT 1
- build pip package please HOT 4
- django 3.1.5 - cannot import name 'python_2_unicode_compatible' HOT 2
- django-mama-cas and python-social-auth HOT 2
- Allow service backends to have access to the current request or user
- Allow services to decide if a request should be warned (`warn_user`)
- Django 4.2 support HOT 1
- How does djang_mama_cas solve the problem of implementing single sign out
- Custom Username CAS
- Single logout should raise on request failure HOT 1
- Single logout breaks with multiple sessions HOT 2
- Why is this code in models. py not executed when logout? HOT 3
- About the βexpireβ of ST Model HOT 1
- Question: Adding Two-Factor Auth HOT 1
- Still active? HOT 9
- Do MAMA_CAS_USER_ATTRIBUTES and MAMA_CAS_PROFILE_ATTRIBUTES work? HOT 4
- Sign on without ticket generation HOT 10
- Single Sign Out sometime can't work normally with error "Connection reset by peer" HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-mama-cas.