Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Chris Williams
committed
Mar 19, 2009
0 parents
commit feebe4f
Showing
14 changed files
with
214 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
Copyright (c) 2009, Chris Williams | ||
All rights reserved. | ||
|
||
Redistribution and use in source and binary forms, with or without | ||
modification, are permitted provided that the following conditions are | ||
met: | ||
|
||
* Redistributions of source code must retain the above copyright | ||
notice, this list of conditions and the following disclaimer. | ||
* Redistributions in binary form must reproduce the above | ||
copyright notice, this list of conditions and the following | ||
disclaimer in the documentation and/or other materials provided | ||
with the distribution. | ||
* Neither the name of the author nor the names of other | ||
contributors may be used to endorse or promote products derived | ||
from this software without specific prior written permission. | ||
|
||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | ||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | ||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | ||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | ||
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | ||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | ||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
=================== | ||
django-cas-provider | ||
=================== | ||
|
||
--------------------------------- | ||
Chris Williams <chris@nitron.org> | ||
--------------------------------- | ||
|
||
OVERVIEW | ||
========= | ||
|
||
django-cas-provider is a provider for the `Central Authentication | ||
Service <http://jasig.org/cas>`_. It supports CAS version 1.0. It allows | ||
remote services to authenticate users for the purposes of | ||
`Single Sign-On (SSO) <http://en.wikipedia.org/wiki/Single_Sign_On>`_. For | ||
example, a user logs into a CAS server (provided by django-cas-provider) and | ||
can then access other services (such as email, calendar, etc) without | ||
re-entering her password for each service. For more details, see the | ||
`CAS wiki <http://www.ja-sig.org/wiki/display/CAS/Home>`_. | ||
|
||
INSTALLATION | ||
============= | ||
|
||
To install, run the following command from this directory: | ||
|
||
``python setup.py install`` | ||
|
||
Or, put cas_provider somewhere on your Python path. | ||
|
||
USAGE | ||
====== | ||
|
||
#. Add ``'cas_provider'`` to your ``INSTALLED_APPS`` tuple in *settings.py*. | ||
#. In *settings.py*, set ``LOGIN_URL`` to ``'/cas/login/'`` and ``LOGOUT_URL`` to ``'/cas/logout/'`` | ||
#. In *urls.py*, put the following line: ``(r'^cas/', include('cas_provider.urls')),`` | ||
#. Create login/logout templates (or modify the samples) | ||
|
||
LIMITATIONS | ||
=========== | ||
|
||
#. ``'renew'`` and ``'gateway'`` are not yet implemented (See CAS 1.0 spec). | ||
#. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
from django.conf import settings | ||
|
||
__all__ = [] | ||
|
||
_DEFAULTS = { | ||
'CAS_SERVICE': 'http://127.0.0.1/cas/login/', | ||
'CAS_BASE': 'http://127.0.0.2/cas/', | ||
'CAS_NEXT_DEFAULT': '/', | ||
'CAS_COMPLETELY_LOGOUT': True, | ||
} | ||
|
||
for key, value in _DEFAULTS.iteritems(): | ||
try: | ||
getattr(settings, key) | ||
except AttributeError: | ||
setattr(settings, key, value) | ||
except ImportError: | ||
pass |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
from urllib import urlencode, urlopen | ||
from urlparse import urljoin | ||
|
||
from django.conf import settings | ||
|
||
from django.contrib.auth.models import User | ||
|
||
__all__ = ['CASBackend'] | ||
|
||
service = settings.CAS_SERVICE | ||
cas_base = settings.CAS_BASE | ||
cas_login = cas_base + 'login/' | ||
cas_validate = cas_base + 'validate/' | ||
cas_logout = cas_base + 'logout/' | ||
cas_next_default = settings.CAS_NEXT_DEFAULT | ||
cas_profile = settings.CAS_PROFILE | ||
cas_register = settings.CAS_REGISTER | ||
|
||
def _verify_cas1(ticket, service): | ||
"""Verifies CAS 1.0 authentication ticket. | ||
Returns username on success and None on failure. | ||
""" | ||
params = {'ticket': ticket, 'service': service} | ||
url = cas_validate + '?' + urlencode(params) | ||
page = urlopen(url) | ||
try: | ||
verified = page.readline().strip() | ||
if verified == 'yes': | ||
return page.readline().strip() | ||
else: | ||
return None | ||
finally: | ||
page.close() | ||
|
||
class CASBackend(object): | ||
"""CAS authentication backend""" | ||
|
||
def authenticate(self, ticket, service): | ||
"""Verifies CAS ticket and gets or creates User object""" | ||
|
||
username = _verify_cas1(ticket, service) | ||
if not username: | ||
return None | ||
try: | ||
user = User.objects.get(username=username) | ||
except User.DoesNotExist: | ||
# user will have an "unusable" password | ||
user = User.objects.create_user(username, '') | ||
user.save() | ||
return user | ||
|
||
def get_user(self, user_id): | ||
"""Retrieve the user's entry in the User model if it exists""" | ||
try: | ||
return User.objects.get(pk=user_id) | ||
except User.DoesNotExist: | ||
return None |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
from django import forms | ||
|
||
# place form definition here |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
from django.db import models | ||
|
||
# Create your models here. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
from django.conf.urls.defaults import * | ||
|
||
from views import * | ||
|
||
urlpatterns = patterns('', | ||
(r'^login/', login), | ||
(r'^logout/', logout), | ||
) |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
from django.http import HttpResponse, HttpResponseForbidden, HttpResponseRedirect | ||
from django.shortcuts import get_object_or_404, render_to_response, get_list_or_404 | ||
from django.contrib.auth.decorators import login_required | ||
from django.core.urlresolvers import reverse | ||
from django.core.exceptions import SuspiciousOperation | ||
from django.template import RequestContext | ||
from django.contrib.auth.models import User | ||
from django.contrib.auth import authenticate | ||
from django.contrib.auth import login as auth_login, logout as auth_logout | ||
from django.conf import settings | ||
|
||
__all__ = ['login', 'profile', 'register', 'logout',] | ||
|
||
service = settings.CAS_SERVICE | ||
cas_base = settings.CAS_BASE | ||
cas_login = cas_base + 'login/' | ||
cas_validate = cas_base + 'validate/' | ||
cas_logout = cas_base + 'logout/' | ||
cas_next_default = settings.CAS_NEXT_DEFAULT | ||
|
||
def login(request): | ||
ticket = request.GET.get('ticket', None) | ||
next = request.GET.get('next_page', cas_next_default) | ||
if ticket is None: | ||
return HttpResponseRedirect('%s?service=%s' % (cas_login, service)) | ||
user = authenticate(service=service, ticket=ticket) | ||
if user is not None: | ||
auth_login(request, user) | ||
name = user.first_name or user.username | ||
message ="Login succeeded. Welcome, %s." % name | ||
user.message_set.create(message=message) | ||
return HttpResponseRedirect(cas_next_default) | ||
else: | ||
return HttpResponseForbidden("Error authenticating with CAS") | ||
|
||
def logout(request, next_page=None): | ||
auth_logout(request) | ||
if settings.CAS_COMPLETELY_LOGOUT: | ||
return HttpResponseRedirect('%s?url=%s' % (cas_logout, 'http://127.0.0.1')) | ||
return HttpResponseRedirect('/') |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
|
||
from setuptools import setup, find_packages | ||
|
||
setup( | ||
name='django-cas-consumer', | ||
version='0.1dev', | ||
description='A "consumer" for the Central Authentication Service (http://jasig.org/cas)', | ||
author='Chris Williams', | ||
author_email='chris@nitron.org', | ||
url='http://nitron.org/', | ||
packages=find_packages(), | ||
zip_safe=False, | ||
install_requires=['setuptools'], | ||
) |