Commit aae3a018 authored by Valentin Samir's avatar Valentin Samir

Factorize froms.py

parent 2298b94f
...@@ -19,7 +19,11 @@ import cas_server.models as models ...@@ -19,7 +19,11 @@ import cas_server.models as models
class BootsrapForm(forms.Form): class BootsrapForm(forms.Form):
"""Form base class to use boostrap then rendering the form fields""" """
Bases: :class:`django.forms.Form`
Form base class to use boostrap then rendering the form fields
"""
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
super(BootsrapForm, self).__init__(*args, **kwargs) super(BootsrapForm, self).__init__(*args, **kwargs)
for (name, field) in self.fields.items(): for (name, field) in self.fields.items():
...@@ -39,29 +43,36 @@ class BootsrapForm(forms.Form): ...@@ -39,29 +43,36 @@ class BootsrapForm(forms.Form):
field.widget.attrs.update(attrs) field.widget.attrs.update(attrs)
class WarnForm(BootsrapForm): class BaseLogin(BootsrapForm):
""" """
Bases: :class:`django.forms.Form` Bases: :class:`BootsrapForm`
Form used on warn page before emiting a ticket Base form with all field possibly hidden on the login pages
""" """
#: The service url for which the user want a ticket #: The service url for which the user want a ticket
service = forms.CharField(widget=forms.HiddenInput(), required=False) service = forms.CharField(widget=forms.HiddenInput(), required=False)
#: A valid LoginTicket to prevent POST replay
lt = forms.CharField(widget=forms.HiddenInput(), required=False)
#: Is the service asking the authentication renewal ? #: Is the service asking the authentication renewal ?
renew = forms.BooleanField(widget=forms.HiddenInput(), required=False) renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
#: Url to redirect to if the authentication fail (user not authenticated or bad service) #: Url to redirect to if the authentication fail (user not authenticated or bad service)
gateway = forms.CharField(widget=forms.HiddenInput(), required=False) gateway = forms.CharField(widget=forms.HiddenInput(), required=False)
method = forms.CharField(widget=forms.HiddenInput(), required=False) method = forms.CharField(widget=forms.HiddenInput(), required=False)
class WarnForm(BaseLogin):
"""
Bases: :class:`BaseLogin`
Form used on warn page before emiting a ticket
"""
#: ``True`` if the user has been warned of the ticket emission #: ``True`` if the user has been warned of the ticket emission
warned = forms.BooleanField(widget=forms.HiddenInput(), required=False) warned = forms.BooleanField(widget=forms.HiddenInput(), required=False)
#: A valid LoginTicket to prevent POST replay
lt = forms.CharField(widget=forms.HiddenInput(), required=False)
class FederateSelect(BootsrapForm): class FederateSelect(BaseLogin):
""" """
Bases: :class:`django.forms.Form` Bases: :class:`BaseLogin`
Form used on the login page when ``settings.CAS_FEDERATE`` is ``True`` Form used on the login page when ``settings.CAS_FEDERATE`` is ``True``
allowing the user to choose an identity provider. allowing the user to choose an identity provider.
...@@ -76,9 +87,6 @@ class FederateSelect(BootsrapForm): ...@@ -76,9 +87,6 @@ class FederateSelect(BootsrapForm):
to_field_name="suffix", to_field_name="suffix",
label=_('Identity provider'), label=_('Identity provider'),
) )
#: The service url for which the user want a ticket
service = forms.CharField(label=_('service'), widget=forms.HiddenInput(), required=False)
method = forms.CharField(widget=forms.HiddenInput(), required=False)
#: A checkbox to remember the user choices of :attr:`provider<FederateSelect.provider>` #: A checkbox to remember the user choices of :attr:`provider<FederateSelect.provider>`
remember = forms.BooleanField(label=_('Remember the identity provider'), required=False) remember = forms.BooleanField(label=_('Remember the identity provider'), required=False)
#: A checkbox to ask to be warn before emiting a ticket for another service #: A checkbox to ask to be warn before emiting a ticket for another service
...@@ -86,35 +94,23 @@ class FederateSelect(BootsrapForm): ...@@ -86,35 +94,23 @@ class FederateSelect(BootsrapForm):
label=_('Warn me before logging me into other sites.'), label=_('Warn me before logging me into other sites.'),
required=False required=False
) )
#: Is the service asking the authentication renewal ?
renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
class UserCredential(BootsrapForm): class UserCredential(BaseLogin):
""" """
Bases: :class:`django.forms.Form` Bases: :class:`BaseLogin`
Form used on the login page to retrive user credentials Form used on the login page to retrive user credentials
""" """
#: The user username #: The user username
username = forms.CharField(label=_('username')) username = forms.CharField(label=_('username'))
#: The service url for which the user want a ticket
service = forms.CharField(label=_('service'), widget=forms.HiddenInput(), required=False)
#: The user password #: The user password
password = forms.CharField(label=_('password'), widget=forms.PasswordInput) password = forms.CharField(label=_('password'), widget=forms.PasswordInput)
#: A valid LoginTicket to prevent POST replay
lt = forms.CharField(widget=forms.HiddenInput(), required=False)
method = forms.CharField(widget=forms.HiddenInput(), required=False)
#: A checkbox to ask to be warn before emiting a ticket for another service #: A checkbox to ask to be warn before emiting a ticket for another service
warn = forms.BooleanField( warn = forms.BooleanField(
label=_('Warn me before logging me into other sites.'), label=_('Warn me before logging me into other sites.'),
required=False required=False
) )
#: Is the service asking the authentication renewal ?
renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
def __init__(self, *args, **kwargs):
super(UserCredential, self).__init__(*args, **kwargs)
def clean(self): def clean(self):
""" """
...@@ -138,7 +134,7 @@ class UserCredential(BootsrapForm): ...@@ -138,7 +134,7 @@ class UserCredential(BootsrapForm):
class FederateUserCredential(UserCredential): class FederateUserCredential(UserCredential):
""" """
Bases: :class:`UserCredential` Bases: :class:`BaseLogin`, :class:`UserCredential`
Form used on a auto submited page for linking the views Form used on a auto submited page for linking the views
:class:`FederateAuth<cas_server.views.FederateAuth>` and :class:`FederateAuth<cas_server.views.FederateAuth>` and
...@@ -156,21 +152,13 @@ class FederateUserCredential(UserCredential): ...@@ -156,21 +152,13 @@ class FederateUserCredential(UserCredential):
This stub authentication form, allow to implement the federated mode with very few This stub authentication form, allow to implement the federated mode with very few
modificatons to the :class:`LoginView<cas_server.views.LoginView>` view. modificatons to the :class:`LoginView<cas_server.views.LoginView>` view.
""" """
#: the user username with the ``@`` component
username = forms.CharField(widget=forms.HiddenInput()) def __init__(self, *args, **kwargs):
#: The service url for which the user want a ticket super(FederateUserCredential, self).__init__(*args, **kwargs)
service = forms.CharField(widget=forms.HiddenInput(), required=False) # All fields are hidden and auto filled by the /login view logic
#: The ``ticket`` used to authenticate the user against a provider for name, field in self.fields.items():
password = forms.CharField(widget=forms.HiddenInput()) field.widget = forms.HiddenInput()
#: alias of :attr:`password` self[name].display = False
ticket = forms.CharField(widget=forms.HiddenInput())
#: A valid LoginTicket to prevent POST replay
lt = forms.CharField(widget=forms.HiddenInput(), required=False)
method = forms.CharField(widget=forms.HiddenInput(), required=False)
#: Has the user asked to be warn before emiting a ticket for another service
warn = forms.BooleanField(widget=forms.HiddenInput(), required=False)
#: Is the service asking the authentication renewal ?
renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)
def clean(self): def clean(self):
""" """
......
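Review bot: In `FederateUserCredential.__init__`, `self[name].display = False` sets an attribute on whatever `Form.__getitem__` returns; on Django releases that build a fresh `BoundField` on every access (I believe that is the case before 1.9, and the test file in this commit still branches on `django.VERSION < (1, 9)`), that object is discarded and the flag never reaches the template. Please confirm on the oldest supported Django; if the flag is lost, keeping it on the field itself (`field.display = False`) and reading it through the bound field's `.field` would be stable. The same loop turns `password` into a `HiddenInput`, which renders its value into the page where `PasswordInput` by default does not; that matches the explicit fields this commit removes, but a comment such as `# password carries the provider ticket here and is meant to be emitted in the auto-submitted form` would make the intent clear. The docstring now lists both `BaseLogin` and `UserCredential` as bases while the class statement lists only `UserCredential`.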
...@@ -88,16 +88,10 @@ class FederateAuthLoginLogoutTestCase( ...@@ -88,16 +88,10 @@ class FederateAuthLoginLogoutTestCase(
response = client.post('/federate', params) response = client.post('/federate', params)
# we are redirected to the provider CAS client url # we are redirected to the provider CAS client url
self.assertEqual(response.status_code, 302) self.assertEqual(response.status_code, 302)
if remember: self.assertEqual(response["Location"], '%s/federate/%s' % (
self.assertEqual(response["Location"], '%s/federate/%s?remember=on' % ( 'http://testserver' if django.VERSION < (1, 9) else "",
'http://testserver' if django.VERSION < (1, 9) else "", provider.suffix
provider.suffix ))
))
else:
self.assertEqual(response["Location"], '%s/federate/%s' % (
'http://testserver' if django.VERSION < (1, 9) else "",
provider.suffix
))
# let's follow the redirect # let's follow the redirect
response = client.get('/federate/%s' % provider.suffix) response = client.get('/federate/%s' % provider.suffix)
# we are redirected to the provider CAS for authentication # we are redirected to the provider CAS for authentication
......
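Review bot: Nothing in this hunk exercises the two new behaviours in `FederateAuth` (dropping `lt`/`remember` from the redirect, and deleting `renew` when it is `"False"`) unless `params`, which is built above the hunk, already carries those keys. Because the `Location` assertion is an exact match, posting `lt` and `renew` alongside `remember` in one case would pin that none of them leaks into the redirect URL. It would also be worth asserting where the `remember` choice ends up now that it is no longer in the query string, since the hunk does not show it. The test method starts and ends outside the hunk.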
...@@ -264,8 +264,10 @@ class FederateAuth(View): ...@@ -264,8 +264,10 @@ class FederateAuth(View):
if form.is_valid(): if form.is_valid():
params = utils.copy_params( params = utils.copy_params(
request.POST, request.POST,
ignore={"provider", "csrfmiddlewaretoken", "ticket"} ignore={"provider", "csrfmiddlewaretoken", "ticket", "lt", "remember"}
) )
if params.get("renew") == "False":
del params["renew"]
url = utils.reverse_params( url = utils.reverse_params(
"cas_server:federateAuth", "cas_server:federateAuth",
kwargs=dict(provider=form.cleaned_data["provider"].suffix), kwargs=dict(provider=form.cleaned_data["provider"].suffix),
...@@ -425,7 +427,8 @@ class LoginView(View, LogoutMixin): ...@@ -425,7 +427,8 @@ class LoginView(View, LogoutMixin):
self.warn = request.POST.get('warn') self.warn = request.POST.get('warn')
if settings.CAS_FEDERATE: if settings.CAS_FEDERATE:
self.username = request.POST.get('username') self.username = request.POST.get('username')
self.ticket = request.POST.get('ticket') # in federated mode, the valdated indentity provider CAS ticket is used as password
self.ticket = request.POST.get('password')
def gen_lt(self): def gen_lt(self):
"""Generate a new LoginTicket and add it to the list of valid LT for the user""" """Generate a new LoginTicket and add it to the list of valid LT for the user"""
......
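Review bot: The new `if params.get("renew") == "False":` check in `FederateAuth` matches only the exact string a hidden `BooleanField` renders, so any other falsy spelling a client sends (`false`, `0`, an empty value) is still copied into the redirect; if the downstream view treats a present `renew` as true, that forces a renewal nobody asked for. The form has already passed `is_valid()` at this point, so the decision can come from it: `if not form.cleaned_data.get("renew"): params.pop("renew", None)`. Separately, `copy_params(..., ignore={...})` is a denylist that had to grow by two keys in this commit because `FederateSelect` now inherits the `BaseLogin` fields; building `params` from the expected keys only would keep unrelated POST keys from being reflected into the redirect URL. In the `LoginView` hunk the new comment has two typos; `# in federated mode, the validated identity provider CAS ticket is used as password` reads better. Both methods continue outside the hunks shown.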