From: Alex Kamedov
Date: Sun, 24 Apr 2011 16:38:23 +0000 (+0600)
Subject: check service in service ticket validation
X-Git-Tag: 22.4~32^2~19^2~2
X-Git-Url: https://git.mdrn.pl/django-cas-provider.git/commitdiff_plain/7c5c426f894736e93a31c32ed8b95600488d2919?ds=inline;hp=-c
check service in service ticket validation
---
7c5c426f894736e93a31c32ed8b95600488d2919
diff --git a/README.rst b/README.rst
index bc2874d..1efabfe 100644
--- a/README.rst
+++ b/README.rst
@@ -40,7 +40,6 @@ SETTINGS
 =========
 CAS_TICKET_EXPIRATION - minutes to tickets expiration (default is 5 minutes)
-CAS_CHECK_SERVICE - check if ticket service is equal with service GET argument
 PROTOCOL DOCUMENTATION
 =====================
diff --git a/cas_provider/__init__.py b/cas_provider/__init__.py
index 91b3b2c..2ce1450 100644
--- a/cas_provider/__init__.py
+++ b/cas_provider/__init__.py
@@ -4,7 +4,6 @@ __all__ = []
 _DEFAULTS = {
 'CAS_TICKET_EXPIRATION': 5, # In minutes
-'CAS_CHECK_SERVICE': False,
 }
 for key, value in _DEFAULTS.iteritems():
diff --git a/cas_provider/views.py b/cas_provider/views.py
index 32ed6e9..9472686 100644
--- a/cas_provider/views.py
+++ b/cas_provider/views.py
@@ -70,6 +70,7 @@ def validate(request):
 # TODO: check user SSO session
 try:
 ticket = ServiceTicket.objects.get(ticket=ticket_string)
+assert ticket.service == service
 username = ticket.user.username
 ticket.delete()
 return HttpResponse("yes\n%s\n" % username)
@@ -97,7 +98,7 @@ def service_validate(request):
 except ServiceTicket.DoesNotExist:
 return _cas2_error_response(INVALID_TICKET)
-if settings.CAS_CHECK_SERVICE and ticket.service != service:
+if ticket.service != service:
 ticket.delete()
 return _cas2_error_response(INVALID_SERVICE)
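Review bot: The `assert ticket.service == service` added inside the try block of validate() is not a safe place for the service check: assert statements are stripped when Python runs with -O, which silently disables the check and lets a ticket issued for one service validate against another, and when it does fire the AssertionError leaves the function before `ticket.delete()` is reached, so the mismatched ticket stays consumable for the rest of its expiration window. The same commit handles this correctly in service_validate (the second views.py hunk) with an explicit comparison followed by deletion, so validate should use the same shape: `if ticket.service != service:` / `    ticket.delete()` / then the same negative response validate already returns for an unknown ticket. The rest of validate, including its except clauses, continues outside the hunk, so whether an AssertionError is caught there or surfaces as a server error cannot be confirmed from the hunk.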