X-Git-Url: https://git.mdrn.pl/django-cas-provider.git/blobdiff_plain/cc61c5969227c2d49544997ebbf074541029400b..8c0324bfebcfa820c2f8d0955430cddedaa23e8a:/cas_provider/views.py?ds=sidebyside diff --git a/cas_provider/views.py b/cas_provider/views.py index 6fc19f6..0483a32 100644 --- a/cas_provider/views.py +++ b/cas_provider/views.py @@ -1,17 +1,15 @@ from django.http import HttpResponse, HttpResponseForbidden, HttpResponseRedirect -from django.shortcuts import get_object_or_404, render_to_response, get_list_or_404 -from django.core.urlresolvers import reverse -from django.core.exceptions import SuspiciousOperation +from django.shortcuts import render_to_response from django.template import RequestContext from django.contrib.auth.models import User from django.contrib.auth import authenticate from django.contrib.auth import login as auth_login, logout as auth_logout -from forms import LoginForm -from models import ServiceTicket, LoginTicket -from utils import create_service_ticket +from cas_provider.forms import LoginForm +from cas_provider.models import ServiceTicket, LoginTicket, auth_success_response +from cas_provider.utils import create_service_ticket -__all__ = ['login', 'validate', 'logout'] +__all__ = ['login', 'validate', 'service_validate', 'logout'] def login(request, template_name='cas/login.html', success_redirect='/accounts/'): service = request.GET.get('service', None) @@ -61,11 +59,32 @@ def validate(request): ticket = ServiceTicket.objects.get(ticket=ticket_string) username = ticket.user.username ticket.delete() - return HttpResponse("yes\n\r%s\n\r" % username) + return HttpResponse("yes\n%s\n" % username) except: pass - return HttpResponse("no\n\r\n\r") + return HttpResponse("no\n\n") + +def service_validate(request): + service = request.GET.get('service', None) + ticket_string = request.GET.get('ticket', None) + if service is None or ticket_string is None: + return HttpResponse(''' + + Not all required parameters were sent. + + ''', mimetype='text/xml') + try: + ticket = ServiceTicket.objects.get(ticket=ticket_string) + ticket.delete() + return HttpResponse(auth_success_response(ticket.user), mimetype='text/xml') + except ServiceTicket.DoesNotExist: + return HttpResponse(''' + + The provided ticket is invalid. + + ''', mimetype='text/xml') + def logout(request, template_name='cas/logout.html'): url = request.GET.get('url', None) auth_logout(request)