Factorize froms.py

aae3a018 · Valentin Samir · 2298b94f · aae3a018 · aae3a018 · aae3a018
Commit aae3a018 authored Jul 31, 2016 by Valentin Samir
Hide whitespace changes
Inline Side-by-side

Showing with 39 additions and 54 deletions

cas_server/forms.py cas_server/forms.py +30 -42

cas_server/tests/test_federate.py cas_server/tests/test_federate.py +4 -10

cas_server/views.py cas_server/views.py +5 -2

No files found.
--- a/cas_server/forms.py
+++ b/cas_server/forms.py
@@ -19,7 +19,11 @@ import cas_server.models as models


 class BootsrapForm(forms.Form):
-    """Form base class to use boostrap then rendering the form fields"""
+    """
+        Bases: :class:`django.forms.Form`
+
+        Form base class to use boostrap then rendering the form fields
+    """
    def __init__(self, *args, **kwargs):
        super(BootsrapForm, self).__init__(*args, **kwargs)
        for (name, field) in self.fields.items():
@@ -39,29 +43,36 @@ class BootsrapForm(forms.Form):
                field.widget.attrs.update(attrs)


-class WarnForm(BootsrapForm):
+class BaseLogin(BootsrapForm):
    """
-        Bases: :class:`django.forms.Form`
+        Bases: :class:`BootsrapForm`

-        Form used on warn page before emiting a ticket
+        Base form with all field possibly hidden on the login pages
    """
-
    #: The service url for which the user want a ticket
    service = forms.CharField(widget=forms.HiddenInput(), required=False)
+    #: A valid LoginTicket to prevent POST replay
+    lt = forms.CharField(widget=forms.HiddenInput(), required=False)
    #: Is the service asking the authentication renewal ?
    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
    #: Url to redirect to if the authentication fail (user not authenticated or bad service)
    gateway = forms.CharField(widget=forms.HiddenInput(), required=False)
    method = forms.CharField(widget=forms.HiddenInput(), required=False)
+
+
+class WarnForm(BaseLogin):
+    """
+        Bases: :class:`BaseLogin`
+
+        Form used on warn page before emiting a ticket
+    """
    #: ``True`` if the user has been warned of the ticket emission
    warned = forms.BooleanField(widget=forms.HiddenInput(), required=False)
-    #: A valid LoginTicket to prevent POST replay
-    lt = forms.CharField(widget=forms.HiddenInput(), required=False)


-class FederateSelect(BootsrapForm):
+class FederateSelect(BaseLogin):
    """
-        Bases: :class:`django.forms.Form`
+        Bases: :class:`BaseLogin`

        Form used on the login page when ``settings.CAS_FEDERATE`` is ``True``
        allowing the user to choose an identity provider.
@@ -76,9 +87,6 @@ class FederateSelect(BootsrapForm):
        to_field_name="suffix",
        label=_('Identity provider'),
    )
-    #: The service url for which the user want a ticket
-    service = forms.CharField(label=_('service'), widget=forms.HiddenInput(), required=False)
-    method = forms.CharField(widget=forms.HiddenInput(), required=False)
    #: A checkbox to remember the user choices of :attr:`provider<FederateSelect.provider>`
    remember = forms.BooleanField(label=_('Remember the identity provider'), required=False)
    #: A checkbox to ask to be warn before emiting a ticket for another service
@@ -86,35 +94,23 @@ class FederateSelect(BootsrapForm):
        label=_('Warn me before logging me into other sites.'),
        required=False
    )
-    #: Is the service asking the authentication renewal ?
-    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)


-class UserCredential(BootsrapForm):
+class UserCredential(BaseLogin):
    """
-         Bases: :class:`django.forms.Form`
+         Bases: :class:`BaseLogin`

         Form used on the login page to retrive user credentials
     """
    #: The user username
    username = forms.CharField(label=_('username'))
-    #: The service url for which the user want a ticket
-    service = forms.CharField(label=_('service'), widget=forms.HiddenInput(), required=False)
    #: The user password
    password = forms.CharField(label=_('password'), widget=forms.PasswordInput)
-    #: A valid LoginTicket to prevent POST replay
-    lt = forms.CharField(widget=forms.HiddenInput(), required=False)
-    method = forms.CharField(widget=forms.HiddenInput(), required=False)
    #: A checkbox to ask to be warn before emiting a ticket for another service
    warn = forms.BooleanField(
        label=_('Warn me before logging me into other sites.'),
        required=False
    )
-    #: Is the service asking the authentication renewal ?
-    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
-
-    def __init__(self, *args, **kwargs):
-        super(UserCredential, self).__init__(*args, **kwargs)

    def clean(self):
        """
@@ -138,7 +134,7 @@ class UserCredential(BootsrapForm):

 class FederateUserCredential(UserCredential):
    """
-        Bases: :class:`UserCredential`
+        Bases: :class:`BaseLogin`, :class:`UserCredential`

        Form used on a auto submited page for linking the views
        :class:`FederateAuth<cas_server.views.FederateAuth>` and
@@ -156,21 +152,13 @@ class FederateUserCredential(UserCredential):
        This stub authentication form, allow to implement the federated mode with very few
        modificatons to the :class:`LoginView<cas_server.views.LoginView>` view.
    """
-    #: the user username with the ``@`` component
-    username = forms.CharField(widget=forms.HiddenInput())
-    #: The service url for which the user want a ticket
-    service = forms.CharField(widget=forms.HiddenInput(), required=False)
-    #: The ``ticket`` used to authenticate the user against a provider
-    password = forms.CharField(widget=forms.HiddenInput())
-    #: alias of :attr:`password`
-    ticket = forms.CharField(widget=forms.HiddenInput())
-    #: A valid LoginTicket to prevent POST replay
-    lt = forms.CharField(widget=forms.HiddenInput(), required=False)
-    method = forms.CharField(widget=forms.HiddenInput(), required=False)
-    #: Has the user asked to be warn before emiting a ticket for another service
-    warn = forms.BooleanField(widget=forms.HiddenInput(), required=False)
-    #: Is the service asking the authentication renewal ?
-    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
+
+    def __init__(self, *args, **kwargs):
+        super(FederateUserCredential, self).__init__(*args, **kwargs)
+        # All fields are hidden and auto filled by the /login view logic
+        for name, field in self.fields.items():
+            field.widget = forms.HiddenInput()
+            self[name].display = False

    def clean(self):
        """

--- a/cas_server/tests/test_federate.py
+++ b/cas_server/tests/test_federate.py
@@ -88,16 +88,10 @@ class FederateAuthLoginLogoutTestCase(
            response = client.post('/federate', params)
            # we are redirected to the provider CAS client url
            self.assertEqual(response.status_code, 302)
-            if remember:
-                self.assertEqual(response["Location"], '%s/federate/%s?remember=on' % (
-                    'http://testserver' if django.VERSION < (1, 9) else "",
-                    provider.suffix
-                ))
-            else:
-                self.assertEqual(response["Location"], '%s/federate/%s' % (
-                    'http://testserver' if django.VERSION < (1, 9) else "",
-                    provider.suffix
-                ))
+            self.assertEqual(response["Location"], '%s/federate/%s' % (
+                'http://testserver' if django.VERSION < (1, 9) else "",
+                provider.suffix
+            ))
            # let's follow the redirect
            response = client.get('/federate/%s' % provider.suffix)
            # we are redirected to the provider CAS for authentication

--- a/cas_server/views.py
+++ b/cas_server/views.py
@@ -264,8 +264,10 @@ class FederateAuth(View):
            if form.is_valid():
                params = utils.copy_params(
                    request.POST,
-                    ignore={"provider", "csrfmiddlewaretoken", "ticket"}
+                    ignore={"provider", "csrfmiddlewaretoken", "ticket", "lt", "remember"}
                )
+                if params.get("renew") == "False":
+                    del params["renew"]
                url = utils.reverse_params(
                    "cas_server:federateAuth",
                    kwargs=dict(provider=form.cleaned_data["provider"].suffix),
@@ -425,7 +427,8 @@ class LoginView(View, LogoutMixin):
        self.warn = request.POST.get('warn')
        if settings.CAS_FEDERATE:
            self.username = request.POST.get('username')
-            self.ticket = request.POST.get('ticket')
+            # in federated mode, the valdated indentity provider CAS ticket is used as password
+            self.ticket = request.POST.get('password')

    def gen_lt(self):
        """Generate a new LoginTicket and add it to the list of valid LT for the user"""