do not check targetService - that is totally wrong.
authorSebastian Annies <sebastian.annies@googlemail.com>
Mon, 17 Oct 2011 17:11:56 +0000 (19:11 +0200)
committerSebastian Annies <sebastian.annies@googlemail.com>
Mon, 17 Oct 2011 17:12:49 +0000 (19:12 +0200)
cas_provider/views.py

index 2f0386f..5b66681 100644 (file)
@@ -101,18 +101,13 @@ def logout(request, template_name='cas/logout.html',
 
 def proxy(request):
     targetService = request.GET['targetService']
 
 def proxy(request):
     targetService = request.GET['targetService']
-    pgtiou = request.GET['pgt']
+    pgt_id = request.GET['pgt']
 
     try:
 
     try:
-        proxyGrantingTicket = ProxyGrantingTicket.objects.get(pgtiou=pgtiou)
+        proxyGrantingTicket = ProxyGrantingTicket.objects.get(ticket=pgt_id)
     except ProxyGrantingTicket.DoesNotExist:
         return _cas2_error_response(INVALID_TICKET)
 
     except ProxyGrantingTicket.DoesNotExist:
         return _cas2_error_response(INVALID_TICKET)
 
-    if not proxyGrantingTicket.targetService == targetService:
-        return _cas2_error_response(INVALID_SERVICE,
-            "The PGT was issued for %(original)s but the PT was requested for %(but)s" % dict(
-                original=proxyGrantingTicket.targetService, but=targetService))
-
     pt = ProxyTicket.objects.create(proxyGrantingTicket=proxyGrantingTicket,
         user=proxyGrantingTicket.serviceTicket.user,
         service=targetService)
     pt = ProxyTicket.objects.create(proxyGrantingTicket=proxyGrantingTicket,
         user=proxyGrantingTicket.serviceTicket.user,
         service=targetService)