Commit a4ff5c3d authored by Valentin Samir's avatar Valentin Samir

Extended validity for PGT

parent 8fe17381
......@@ -33,7 +33,8 @@ setting_default('CAS_PT_LEN', settings.CAS_TICKET_LEN)
setting_default('CAS_PGT_LEN', settings.CAS_TICKET_LEN)
setting_default('CAS_PGTIOU_LEN', settings.CAS_TICKET_LEN)
setting_default('CAS_TICKET_VALIDITY', 300)
setting_default('CAS_TICKET_VALIDITY', 60)
setting_default('CAS_PGT_VALIDITY', 3600)
setting_default('CAS_TICKET_TIMEOUT', 24*3600)
setting_default('CAS_PROXY_CA_CERTIFICATE_PATH', True)
setting_default('CAS_REDIRECT_TO_LOGIN_AFTER_LOGOUT', False)
......
......@@ -292,6 +292,9 @@ class Ticket(models.Model):
renew = models.BooleanField(default=False)
single_log_out = models.BooleanField(default=False)
VALIDITY = settings.CAS_TICKET_VALIDITY
TIMEOUT = settings.CAS_TICKET_TIMEOUT
def __unicode__(self):
return u"Ticket(%s, %s)" % (self.user, self.service)
......@@ -304,19 +307,18 @@ class Ticket(models.Model):
Q(single_log_out=False)&Q(validate=True)
)|(
Q(validate=False)&\
Q(creation__lt=(timezone.now() - timedelta(seconds=settings.CAS_TICKET_VALIDITY)))
Q(creation__lt=(timezone.now() - timedelta(seconds=cls.VALIDITY)))
)
).delete()
# sending SLO to timed-out validated tickets
if settings.CAS_TICKET_TIMEOUT and \
settings.CAS_TICKET_TIMEOUT >= settings.CAS_TICKET_VALIDITY:
if cls.TIMEOUT and cls.TIMEOUT > 0:
async_list = []
session = FuturesSession(executor=ThreadPoolExecutor(max_workers=10))
queryset = cls.objects.filter(
single_log_out=True,
validate=True,
creation__lt=(timezone.now() - timedelta(seconds=settings.CAS_TICKET_TIMEOUT))
creation__lt=(timezone.now() - timedelta(seconds=cls.TIMEOUT))
)
for ticket in queryset:
async_list.append(ticket.logout(None, session))
......@@ -373,7 +375,10 @@ class ProxyTicket(Ticket):
class ProxyGrantingTicket(Ticket):
"""A Proxy Granting Ticket"""
PREFIX = settings.CAS_PROXY_GRANTING_TICKET_PREFIX
VALIDITY = settings.CAS_PGT_VALIDITY
value = models.CharField(max_length=255, default=utils.gen_pgt, unique=True)
def __unicode__(self):
return u"ProxyGrantingTicket(%s, %s, %s)" % (self.user, self.value, self.service)
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment