Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
django-cas-server
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Valentin Samir
django-cas-server
Commits
cec0cadb
Commit
cec0cadb
authored
Jul 20, 2016
by
Valentin Samir
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add some docs using sphinx autodoc
parent
28dd67cb
Changes
20
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
20 changed files
with
1222 additions
and
233 deletions
+1222
-233
.gitignore
.gitignore
+1
-0
Makefile
Makefile
+2
-3
cas_server/__init__.py
cas_server/__init__.py
+1
-0
cas_server/admin.py
cas_server/admin.py
+105
-36
cas_server/apps.py
cas_server/apps.py
+7
-1
cas_server/auth.py
cas_server/auth.py
+140
-24
cas_server/federate.py
cas_server/federate.py
+48
-10
cas_server/forms.py
cas_server/forms.py
+79
-6
cas_server/models.py
cas_server/models.py
+272
-44
cas_server/utils.py
cas_server/utils.py
+236
-47
cas_server/views.py
cas_server/views.py
+1
-4
docs/Makefile
docs/Makefile
+1
-0
docs/_ext/djangodocs.py
docs/_ext/djangodocs.py
+321
-0
docs/conf.py
docs/conf.py
+7
-5
docs/django_sphinx.py
docs/django_sphinx.py
+0
-41
docs/package/cas_server.admin.rst
docs/package/cas_server.admin.rst
+1
-1
docs/package/cas_server.apps.rst
docs/package/cas_server.apps.rst
+0
-1
docs/package/cas_server.forms.rst
docs/package/cas_server.forms.rst
+0
-2
docs/package/cas_server.models.rst
docs/package/cas_server.models.rst
+0
-1
docs/package/cas_server.urls.rst
docs/package/cas_server.urls.rst
+0
-7
No files found.
.gitignore
View file @
cec0cadb
...
...
@@ -11,6 +11,7 @@ db.sqlite3
manage.py
coverage.xml
docs/_build/
docs/django.inv
.tox
test_venv
...
...
Makefile
View file @
cec0cadb
...
...
@@ -25,8 +25,7 @@ clean_coverage:
clean_tild_backup
:
find ./
-name
'*~'
-delete
clean_docs
:
rm
-rf
docs/_build/
rm
-rf
docs/package/
rm
-rf
docs/_build/ docs/django.inv
clean_eggs
:
rm
-rf
.eggs/
...
...
@@ -74,4 +73,4 @@ docs/package: test_venv/bin/sphinx-build
test_venv/bin/sphinx-apidoc
-f
-e
cas_server
-o
docs/package/ cas_server/migrations/ cas_server/management/ cas_server/tests/
#cas_server/cas.py
docs
:
docs/package test_venv/bin/sphinx-build
cd
docs
;
export
PATH
=
$(
realpath
test_venv/bin/
)
:
$$
PATH
;
make coverage html
bash
-c
"source test_venv/bin/activate; cd docs; make html"
cas_server/__init__.py
View file @
cec0cadb
...
...
@@ -9,4 +9,5 @@
#
# (c) 2015-2016 Valentin Samir
"""A django CAS server application"""
#: path the the application configuration class
default_app_config
=
'cas_server.apps.CasAppConfig'
cas_server/admin.py
View file @
cec0cadb
...
...
@@ -15,86 +15,155 @@ from .models import Username, ReplaceAttributName, ReplaceAttributValue, FilterA
from
.models
import
FederatedIendityProvider
from
.forms
import
TicketForm
TICKETS_READONLY_FIELDS
=
(
'validate'
,
'service'
,
'service_pattern'
,
'creation'
,
'renew'
,
'single_log_out'
,
'value'
)
TICKETS_FIELDS
=
(
'validate'
,
'service'
,
'service_pattern'
,
'creation'
,
'renew'
,
'single_log_out'
)
class
BaseInlines
(
admin
.
TabularInline
):
"""
Bases: :class:`django.contrib.admin.TabularInline`
class
ServiceTicketInline
(
admin
.
TabularInline
):
"""`ServiceTicket` in admin interface"""
model
=
ServiceTicket
Base class for inlines in the admin interface.
"""
#: This controls the number of extra forms the formset will display in addition to
#: the initial forms.
extra
=
0
class
UserAdminInlines
(
BaseInlines
):
"""
Bases: :class:`BaseInlines`
Base class for inlines in :class:`UserAdmin` interface
"""
#: The form :class:`TicketForm<cas_server.forms.TicketForm>` used to display tickets.
form
=
TicketForm
readonly_fields
=
TICKETS_READONLY_FIELDS
fields
=
TICKETS_FIELDS
#: Fields to display on a object that are read only (not editable).
readonly_fields
=
(
'validate'
,
'service'
,
'service_pattern'
,
'creation'
,
'renew'
,
'single_log_out'
,
'value'
)
#: Fields to display on a object.
fields
=
(
'validate'
,
'service'
,
'service_pattern'
,
'creation'
,
'renew'
,
'single_log_out'
)
class
ServiceTicketInline
(
UserAdminInlines
):
"""
Bases: :class:`UserAdminInlines`
class
ProxyTicketInline
(
admin
.
TabularInline
):
"""`ProxyTicket` in admin interface"""
:class:`ServiceTicket<cas_server.models.ServiceTicket>` in admin interface
"""
#: The model which the inline is using.
model
=
ServiceTicket
class
ProxyTicketInline
(
UserAdminInlines
):
"""
Bases: :class:`UserAdminInlines`
:class:`ProxyTicket<cas_server.models.ProxyTicket>` in admin interface
"""
#: The model which the inline is using.
model
=
ProxyTicket
extra
=
0
form
=
TicketForm
readonly_fields
=
TICKETS_READONLY_FIELDS
fields
=
TICKETS_FIELDS
class
ProxyGrantingInline
(
admin
.
TabularInline
):
"""`ProxyGrantingTicket` in admin interface"""
class
ProxyGrantingInline
(
UserAdminInlines
):
"""
Bases: :class:`UserAdminInlines`
:class:`ProxyGrantingTicket<cas_server.models.ProxyGrantingTicket>` in admin interface
"""
#: The model which the inline is using.
model
=
ProxyGrantingTicket
extra
=
0
form
=
TicketForm
readonly_fields
=
TICKETS_READONLY_FIELDS
fields
=
TICKETS_FIELDS
[
1
:]
class
UserAdmin
(
admin
.
ModelAdmin
):
"""`User` in admin interface"""
"""
Bases: :class:`django.contrib.admin.ModelAdmin`
:class:`User<cas_server.models.User>` in admin interface
"""
#: See :class:`ServiceTicketInline`, :class:`ProxyTicketInline`, :class:`ProxyGrantingInline`
#: objects below the :class:`UserAdmin` fields.
inlines
=
(
ServiceTicketInline
,
ProxyTicketInline
,
ProxyGrantingInline
)
#: Fields to display on a object that are read only (not editable).
readonly_fields
=
(
'username'
,
'date'
,
"session_key"
)
#: Fields to display on a object.
fields
=
(
'username'
,
'date'
,
"session_key"
)
#: Fields to display on the list of class:`UserAdmin` objects.
list_display
=
(
'username'
,
'date'
,
"session_key"
)
class
UsernamesInline
(
admin
.
TabularInline
):
"""`Username` in admin interface"""
class
UsernamesInline
(
BaseInlines
):
"""
Bases: :class:`BaseInlines`
:class:`Username<cas_server.models.Username>` in admin interface
"""
#: The model which the inline is using.
model
=
Username
extra
=
0
class
ReplaceAttributNameInline
(
admin
.
TabularInline
):
"""`ReplaceAttributName` in admin interface"""
class
ReplaceAttributNameInline
(
BaseInlines
):
"""
Bases: :class:`BaseInlines`
:class:`ReplaceAttributName<cas_server.models.ReplaceAttributName>` in admin interface
"""
#: The model which the inline is using.
model
=
ReplaceAttributName
extra
=
0
class
ReplaceAttributValueInline
(
admin
.
TabularInline
):
"""`ReplaceAttributValue` in admin interface"""
class
ReplaceAttributValueInline
(
BaseInlines
):
"""
Bases: :class:`BaseInlines`
:class:`ReplaceAttributValue<cas_server.models.ReplaceAttributValue>` in admin interface
"""
#: The model which the inline is using.
model
=
ReplaceAttributValue
extra
=
0
class
FilterAttributValueInline
(
admin
.
TabularInline
):
"""`FilterAttributValue` in admin interface"""
class
FilterAttributValueInline
(
BaseInlines
):
"""
Bases: :class:`BaseInlines`
:class:`FilterAttributValue<cas_server.models.FilterAttributValue>` in admin interface
"""
#: The model which the inline is using.
model
=
FilterAttributValue
extra
=
0
class
ServicePatternAdmin
(
admin
.
ModelAdmin
):
"""`ServicePattern` in admin interface"""
"""
Bases: :class:`django.contrib.admin.ModelAdmin`
:class:`ServicePattern<cas_server.models.ServicePattern>` in admin interface
"""
#: See :class:`UsernamesInline`, :class:`ReplaceAttributNameInline`,
#: :class:`ReplaceAttributValueInline`, :class:`FilterAttributValueInline` objects below
#: the :class:`ServicePatternAdmin` fields.
inlines
=
(
UsernamesInline
,
ReplaceAttributNameInline
,
ReplaceAttributValueInline
,
FilterAttributValueInline
)
#: Fields to display on the list of class:`ServicePatternAdmin` objects.
list_display
=
(
'pos'
,
'name'
,
'pattern'
,
'proxy'
,
'single_log_out'
,
'proxy_callback'
,
'restrict_users'
)
class
FederatedIendityProviderAdmin
(
admin
.
ModelAdmin
):
"""`FederatedIendityProvider` in admin interface"""
"""
Bases: :class:`django.contrib.admin.ModelAdmin`
:class:`FederatedIendityProvider<cas_server.models.FederatedIendityProvider>` in admin
interface
"""
#: Fields to display on a object.
fields
=
(
'pos'
,
'suffix'
,
'server_url'
,
'cas_protocol_version'
,
'verbose_name'
,
'display'
)
#: Fields to display on the list of class:`FederatedIendityProviderAdmin` objects.
list_display
=
(
'verbose_name'
,
'suffix'
,
'display'
)
...
...
cas_server/apps.py
View file @
cec0cadb
...
...
@@ -14,6 +14,12 @@ from django.apps import AppConfig
class
CasAppConfig
(
AppConfig
):
"""django CAS application config class"""
"""
Bases: :class:`django.apps.AppConfig`
django CAS application config class
"""
#: Full Python path to the application. It must be unique across a Django project.
name
=
'cas_server'
#: Human-readable name for the application.
verbose_name
=
_
(
'Central Authentication Service'
)
cas_server/auth.py
View file @
cec0cadb
...
...
@@ -26,55 +26,112 @@ from .models import FederatedUser
class
AuthUser
(
object
):
"""Authentication base class"""
"""
Authentication base class
:param unicode username: A username, stored in the :attr:`username` class attribute.
"""
#: username used to instanciate the current object
username
=
None
def
__init__
(
self
,
username
):
self
.
username
=
username
def
test_password
(
self
,
password
):
"""test `password` agains the user"""
"""
Tests ``password`` agains the user password.
:raises NotImplementedError: always. The method need to be implemented by subclasses
"""
raise
NotImplementedError
()
def
attributs
(
self
):
"""return a dict of user attributes"""
"""
The user attributes.
raises NotImplementedError: always. The method need to be implemented by subclasses
"""
raise
NotImplementedError
()
class
DummyAuthUser
(
AuthUser
):
# pragma: no cover
"""A Dummy authentication class"""
"""
A Dummy authentication class. Authentication always fails
def
__init__
(
self
,
username
):
super
(
DummyAuthUser
,
self
).
__init__
(
username
)
:param unicode username: A username, stored in the :attr:`username<AuthUser.username>`
class attribute. There is no valid value for this attribute here.
"""
def
test_password
(
self
,
password
):
"""test `password` agains the user"""
"""
Tests ``password`` agains the user password.
:param unicode password: a clear text password as submited by the user.
:return: always ``False``
:rtype: bool
"""
return
False
def
attributs
(
self
):
"""return a dict of user attributes"""
"""
The user attributes.
:return: en empty :class:`dict`.
:rtype: dict
"""
return
{}
class
TestAuthUser
(
AuthUser
):
"""
A test authentication class with one user test having
alose test as password and some attributes"""
"""
A test authentication class only working for one unique user.
def
__init__
(
self
,
username
):
super
(
TestAuthUser
,
self
).
__init__
(
username
)
:param unicode username: A username, stored in the :attr:`username<AuthUser.username>`
class attribute. The uniq valid value is ``settings.CAS_TEST_USER``.
"""
def
test_password
(
self
,
password
):
"""test `password` agains the user"""
"""
Tests ``password`` agains the user password.
:param unicode password: a clear text password as submited by the user.
:return: ``True`` if :attr:`username<AuthUser.username>` is valid and
``password`` is equal to ``settings.CAS_TEST_PASSWORD``, ``False`` otherwise.
:rtype: bool
"""
return
self
.
username
==
settings
.
CAS_TEST_USER
and
password
==
settings
.
CAS_TEST_PASSWORD
def
attributs
(
self
):
"""return a dict of user attributes"""
return
settings
.
CAS_TEST_ATTRIBUTES
"""
The user attributes.
:return: the ``settings.CAS_TEST_ATTRIBUTES`` :class:`dict` if
:attr:`username<AuthUser.username>` is valid, an empty :class:`dict` otherwise.
:rtype: dict
"""
if
self
.
username
==
settings
.
CAS_TEST_USER
:
return
settings
.
CAS_TEST_ATTRIBUTES
else
:
return
{}
class
MysqlAuthUser
(
AuthUser
):
# pragma: no cover
"""A mysql auth class: authentication user agains a mysql database"""
"""
A mysql authentication class: authentication user agains a mysql database
:param unicode username: A username, stored in the :attr:`username<AuthUser.username>`
class attribute. Valid value are fetched from the MySQL database set with
``settings.CAS_SQL_*`` settings parameters using the query
``settings.CAS_SQL_USER_QUERY``.
"""
#: Mysql user attributes as a :class:`dict` if the username is found in the database.
user
=
None
def
__init__
(
self
,
username
):
# see the connect function at
# http://mysql-python.sourceforge.net/MySQLdb.html#functions-and-attributes
# for possible mysql config parameters.
mysql_config
=
{
"user"
:
settings
.
CAS_SQL_USERNAME
,
"passwd"
:
settings
.
CAS_SQL_PASSWORD
,
...
...
@@ -94,7 +151,14 @@ class MysqlAuthUser(AuthUser): # pragma: no cover
super
(
MysqlAuthUser
,
self
).
__init__
(
username
)
def
test_password
(
self
,
password
):
"""test `password` agains the user"""
"""
Tests ``password`` agains the user password.
:param unicode password: a clear text password as submited by the user.
:return: ``True`` if :attr:`username<AuthUser.username>` is valid and ``password`` is
correct, ``False`` otherwise.
:rtype: bool
"""
if
self
.
user
:
return
check_password
(
settings
.
CAS_SQL_PASSWORD_CHECK
,
...
...
@@ -106,7 +170,14 @@ class MysqlAuthUser(AuthUser): # pragma: no cover
return
False
def
attributs
(
self
):
"""return a dict of user attributes"""
"""
The user attributes.
:return: a :class:`dict` with the user attributes. Attributes may be :func:`unicode`
or :class:`list` of :func:`unicode`. If the user do not exists, the returned
:class:`dict` is empty.
:rtype: dict
"""
if
self
.
user
:
return
self
.
user
else
:
...
...
@@ -114,7 +185,14 @@ class MysqlAuthUser(AuthUser): # pragma: no cover
class
DjangoAuthUser
(
AuthUser
):
# pragma: no cover
"""A django auth class: authenticate user agains django internal users"""
"""
A django auth class: authenticate user agains django internal users
:param unicode username: A username, stored in the :attr:`username<AuthUser.username>`
class attribute. Valid value are usernames of django internal users.
"""
#: a django user object if the username is found. The user model is retreived
#: using :func:`django.contrib.auth.get_user_model`.
user
=
None
def
__init__
(
self
,
username
):
...
...
@@ -126,14 +204,27 @@ class DjangoAuthUser(AuthUser): # pragma: no cover
super
(
DjangoAuthUser
,
self
).
__init__
(
username
)
def
test_password
(
self
,
password
):
"""test `password` agains the user"""
"""
Tests ``password`` agains the user password.
:param unicode password: a clear text password as submited by the user.
:return: ``True`` if :attr:`user` is valid and ``password`` is
correct, ``False`` otherwise.
:rtype: bool
"""
if
self
.
user
:
return
self
.
user
.
check_password
(
password
)
else
:
return
False
def
attributs
(
self
):
"""return a dict of user attributes"""
"""
The user attributes, defined as the fields on the :attr:`user` object.
:return: a :class:`dict` with the :attr:`user` object fields. Attributes may be
If the user do not exists, the returned :class:`dict` is empty.
:rtype: dict
"""
if
self
.
user
:
attr
=
{}
for
field
in
self
.
user
.
_meta
.
fields
:
...
...
@@ -144,7 +235,16 @@ class DjangoAuthUser(AuthUser): # pragma: no cover
class
CASFederateAuth
(
AuthUser
):
"""Authentication class used then CAS_FEDERATE is True"""
"""
Authentication class used then CAS_FEDERATE is True
:param unicode username: A username, stored in the :attr:`username<AuthUser.username>`
class attribute. Valid value are usernames of
:class:`FederatedUser<cas_server.models.FederatedUser>` object.
:class:`FederatedUser<cas_server.models.FederatedUser>` object are created on CAS
backends successful ticket validation.
"""
#: a :class`FederatedUser<cas_server.models.FederatedUser>` object if ``username`` is found.
user
=
None
def
__init__
(
self
,
username
):
...
...
@@ -157,7 +257,17 @@ class CASFederateAuth(AuthUser):
super
(
CASFederateAuth
,
self
).
__init__
(
username
)
def
test_password
(
self
,
ticket
):
"""test `password` agains the user"""
"""
Tests ``password`` agains the user password.
:param unicode password: The CAS tickets just used to validate the user authentication
against its CAS backend.
:return: ``True`` if :attr:`user` is valid and ``password`` is
a ticket validated less than ``settings.CAS_TICKET_VALIDITY`` secondes and has not
being previously used for authenticated this
:class:`FederatedUser<cas_server.models.FederatedUser>`. ``False`` otherwise.
:rtype: bool
"""
if
not
self
.
user
or
not
self
.
user
.
ticket
:
return
False
else
:
...
...
@@ -168,7 +278,13 @@ class CASFederateAuth(AuthUser):
)
def
attributs
(
self
):
"""return a dict of user attributes"""
"""
The user attributes, as returned by the CAS backend.
:return: :obj:`FederatedUser.attributs<cas_server.models.FederatedUser.attributs>`.
If the user do not exists, the returned :class:`dict` is empty.
:rtype: dict
"""
if
not
self
.
user
:
# pragma: no cover (should not happen)
return
{}
else
:
...
...
cas_server/federate.py
View file @
cec0cadb
...
...
@@ -10,25 +10,32 @@
#
# (c) 2016 Valentin Samir
"""federated mode helper classes"""
from
.default_settings
import
settings
from
.default_settings
import
SessionStore
from
django.db
import
IntegrityError
from
.cas
import
CASClient
from
.models
import
FederatedUser
,
FederateSLO
,
User
import
logging
from
importlib
import
import_module
from
six.moves
import
urllib
SessionStore
=
import_module
(
settings
.
SESSION_ENGINE
).
SessionStore
#: logger facility
logger
=
logging
.
getLogger
(
__name__
)
class
CASFederateValidateUser
(
object
):
"""Class CAS client used to authenticate the user again a CAS provider"""
"""
Class CAS client used to authenticate the user again a CAS provider
:param cas_server.models.FederatedIendityProvider provider: The provider to use for
authenticate the user.
:param unicode service_url: The service url to transmit to the ``provider``.
"""
#: the provider returned username
username
=
None
#: the provider returned attributes
attributs
=
{}
#: the CAS client instance
client
=
None
def
__init__
(
self
,
provider
,
service_url
):
...
...
@@ -41,15 +48,31 @@ class CASFederateValidateUser(object):
)
def
get_login_url
(
self
):
"""return the CAS provider login url"""
"""
:return: the CAS provider login url
:rtype: unicode
"""
return
self
.
client
.
get_login_url
()
def
get_logout_url
(
self
,
redirect_url
=
None
):
"""return the CAS provider logout url"""
"""
:param redirect_url: The url to redirect to after logout from the provider, if provided.
:type redirect_url: :obj:`unicode` or :obj:`NoneType<types.NoneType>`
:return: the CAS provider logout url
:rtype: unicode
"""
return
self
.
client
.
get_logout_url
(
redirect_url
)
def
verify_ticket
(
self
,
ticket
):
"""test `ticket` agains the CAS provider, if valid, create the local federated user"""
"""
test ``ticket`` agains the CAS provider, if valid, create a
:class:`FederatedUser<cas_server.models.FederatedUser>` matching provider returned
username and attributes.
:param unicode ticket: The ticket to validate against the provider CAS
:return: ``True`` if the validation succeed, else ``False``.
:rtype: bool
"""
try
:
username
,
attributs
=
self
.
client
.
verify_ticket
(
ticket
)[:
2
]
except
urllib
.
error
.
URLError
:
...
...
@@ -73,7 +96,15 @@ class CASFederateValidateUser(object):
@
staticmethod
def
register_slo
(
username
,
session_key
,
ticket
):
"""association a ticket with a (username, session) for processing later SLO request"""
"""
association a ``ticket`` with a (``username``, ``session_key``) for processing later SLO
request by creating a :class:`cas_server.models.FederateSLO` object.
:param unicode username: A logged user username, with the ``@`` component.
:param unicode session_key: A logged user session_key matching ``username``.
:param unicode ticket: A ticket used to authentication ``username`` for the session
``session_key``.
"""
try
:
FederateSLO
.
objects
.
create
(
username
=
username
,
...
...
@@ -84,7 +115,14 @@ class CASFederateValidateUser(object):
pass
def
clean_sessions
(
self
,
logout_request
):
"""process a SLO request"""
"""
process a SLO request: Search for ticket values in ``logout_request``. For each
ticket value matching a :class:`cas_server.models.FederateSLO`, disconnect the
corresponding user.
:param unicode logout_request: An XML document contening one or more Single Log Out
requests.
"""
try
:
slos
=
self
.
client
.
get_saml_slos
(
logout_request
)
or
[]
except
NameError
:
# pragma: no cover (should not happen)
...
...
cas_server/forms.py
View file @
cec0cadb
...
...
@@ -19,20 +19,33 @@ import cas_server.models as models
class
WarnForm
(
forms
.
Form
):
"""Form used on warn page before emiting a ticket"""
"""
Bases: :class:`django.forms.Form`
Form used on warn page before emiting a ticket
"""
#: The service url for which the user want a ticket
service
=
forms
.
CharField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
#: Is the service asking the authentication renewal ?
renew
=
forms
.
BooleanField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
#: Url to redirect to if the authentication fail (user not authenticated or bad service)
gateway
=
forms
.
CharField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
method
=
forms
.
CharField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
#: ``True`` if the user has been warned of the ticket emission
warned
=
forms
.
BooleanField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
#: A valid LoginTicket to prevent POST replay
lt
=
forms
.
CharField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
class
FederateSelect
(
forms
.
Form
):
"""
Form used on the login page when CAS_FEDERATE is True
allowing the user to choose a identity provider.
Bases: :class:`django.forms.Form`
Form used on the login page when ``settings.CAS_FEDERATE`` is ``True``
allowing the user to choose an identity provider.
"""
#: The providers the user can choose to be used as authentication backend
provider
=
forms
.
ModelChoiceField
(
queryset
=
models
.
FederatedIendityProvider
.
objects
.
filter
(
display
=
True
).
order_by
(
"pos"
,
...
...
@@ -42,27 +55,49 @@ class FederateSelect(forms.Form):
to_field_name
=
"suffix"
,
label
=
_
(
'Identity provider'
),
)
#: The service url for which the user want a ticket
service
=
forms
.
CharField
(
label
=
_
(
'service'
),
widget
=
forms
.
HiddenInput
(),
required
=
False
)
method
=
forms
.
CharField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
#: A checkbox to remember the user choices of :attr:`provider<FederateSelect.provider>`
remember
=
forms
.
BooleanField
(
label
=
_
(
'Remember the identity provider'
),
required
=
False
)
#: A checkbox to ask to be warn before emiting a ticket for another service
warn
=
forms
.
BooleanField
(
label
=
_
(
'warn'
),
required
=
False
)
#: Is the service asking the authentication renewal ?
renew
=
forms
.
BooleanField
(
widget
=
forms
.
HiddenInput
(),
required
=
False
)
class
UserCredential
(
forms
.
Form
):
"""Form used on the login page to retrive user credentials"""
"""
Bases: :class:`django.forms.Form`
Form used on the login page to retrive user credentials
"""
#: The user username
username
=
forms
.
CharField
(
label
=
_
(
'login'
))
#: The service url for which the user want a ticket
service
=
forms
.
CharField
(
label
=
_
(
'service'
),
widget
=
forms