Fix SAML POST error in python 3

CHANGES

@@ -1,3 +1,8 @@
+1.0.1
+==================
+
+* Fixed a CAS post error in python 3
+
 1.0.0 (2017-04-07)
 ==================
 

djangowind/auth.py

@@ -3,6 +3,7 @@
 from django.conf import settings
 from django.contrib.auth.models import User, Group
 from django.core.exceptions import ImproperlyConfigured
+from django.utils.encoding import smart_bytes
 from warnings import warn
 from django_statsd.clients import statsd
 from xml.dom.minidom import parseString
@@ -102,18 +103,18 @@ def validate_cas2_ticket(ticketid, url):
 
 
 def get_saml_assertion(ticket):
-    return (
-        """<?xml version="1.0" encoding="UTF-8"?>"""
-        """<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://"""
-        """schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV"""
-        """:Header/><SOAP-ENV:Body><samlp:Request xmlns:"""
-        """samlp="urn:oasis:names:tc:SAML:1.0:protocol"  """
-        """MajorVersion="1" MinorVersion="1" """
-        """RequestID="_192.168.16.51.1024506224022" """
-        """IssueInstant="2002-06-19T17:03:44.022Z">"""
-        """<samlp:AssertionArtifact>""" + ticket
-        + """</samlp:AssertionArtifact></samlp:Request>"""
-        """</SOAP-ENV:Body></SOAP-ENV:Envelope>""")
+    return smart_bytes(
+        '<?xml version="1.0" encoding="UTF-8"?>'
+        '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://'
+        'schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV'
+        ':Header/><SOAP-ENV:Body><samlp:Request xmlns:'
+        'samlp="urn:oasis:names:tc:SAML:1.0:protocol"  '
+        'MajorVersion="1" MinorVersion="1" '
+        'RequestID="_192.168.16.51.1024506224022" '
+        'IssueInstant="2002-06-19T17:03:44.022Z">'
+        '<samlp:AssertionArtifact>' + ticket +
+        '</samlp:AssertionArtifact></samlp:Request>'
+        '</SOAP-ENV:Body></SOAP-ENV:Envelope>')
 
 
 SAML_1_0_NS = 'urn:oasis:names:tc:SAML:1.0:'
@@ -141,7 +142,7 @@ def validate_saml_ticket(ticketid, url):
         'connection': 'keep-alive',
         'content-type': 'text/xml'}
     params = {'TARGET': url}
-    uri = cas_base + "cas/samlValidate" + '?' + urlencode(params)
+    uri = '{}cas/samlValidate?{}'.format(cas_base, urlencode(params))
     request = Request(uri, '', headers)
     data = get_saml_assertion(ticketid)
     request.data = data

djangowind/tests/test_auth.py

@@ -1,5 +1,25 @@
 from __future__ import unicode_literals
 
+try:
+    from urllib.error import URLError
+except ImportError:
+    from urllib2 import URLError
+
+try:
+    from urllib.request import Request
+except ImportError:
+    from urllib2 import Request
+
+try:
+    from urllib.request import urlopen
+except ImportError:
+    from urllib2 import urlopen
+
+try:
+    from urllib.parse import urlencode
+except ImportError:
+    from urllib import urlencode
+
 try:
     from http.client import HTTPResponse
 except ImportError:
@@ -12,6 +32,7 @@
 
 from django.test import TestCase
 from djangowind.auth import (
+    get_saml_assertion,
     validate_cas2_ticket, BaseAuthBackend,
     CAS2AuthBackend, validate_saml_ticket, SAMLAuthBackend,
     AffilGroupMapper, StaffMapper, SuperuserMapper,
@@ -312,6 +333,36 @@ def tr_affils():
     return open_affils("tr_affils.txt")
 
 
+class GetSAMLAssertionTest(TestCase):
+    def test_can_post_data(self):
+        cas_base = 'https://example.com'
+        url = 'https://example.com/abc'
+        headers = {
+            'soapaction': 'http://www.oasis-open.org/committees/security',
+            'cache-control': 'no-cache',
+            'pragma': 'no-cache',
+            'accept': 'text/xml',
+            'connection': 'keep-alive',
+            'content-type': 'text/xml'
+        }
+        params = {'TARGET': url}
+        uri = '{}cas/samlValidate?{}'.format(cas_base, urlencode(params))
+        request = Request(uri, '', headers)
+        request.data = get_saml_assertion('ticket')
+        try:
+            urlopen(request)
+        except URLError:
+            # As long as this isn't a TypeError, and the url request
+            # was actually made, then we can assert that
+            # get_saml_assertion() is good. This is to prevent an
+            # issue introduced since Python 3:
+            #
+            #  POST data should be bytes or an iterable of bytes. It
+            #  cannot be of type str.
+            #
+            pass
+
+
 @patch('djangowind.auth.urlopen')
 class ValidateSAMLTicketTest(TestCase):
     def setUp(self):