From: Sebastian Annies <sebastian.annies@googlemail.com>
Date: Mon, 17 Oct 2011 17:11:56 +0000 (+0200)
Subject: do not check targetService  - that is totally wrong.
X-Git-Tag: 22.4~32^2~3
X-Git-Url: https://git.mdrn.pl/django-cas-provider.git/commitdiff_plain/b86edc315aac724929168b38bdfde65dfd63b6f6?ds=sidebyside

do not check targetService  - that is totally wrong.
---

diff --git a/cas_provider/views.py b/cas_provider/views.py
index 2f0386f..5b66681 100644
--- a/cas_provider/views.py
+++ b/cas_provider/views.py
@@ -101,18 +101,13 @@ def logout(request, template_name='cas/logout.html',
 
 def proxy(request):
     targetService = request.GET['targetService']
-    pgtiou = request.GET['pgt']
+    pgt_id = request.GET['pgt']
 
     try:
-        proxyGrantingTicket = ProxyGrantingTicket.objects.get(pgtiou=pgtiou)
+        proxyGrantingTicket = ProxyGrantingTicket.objects.get(ticket=pgt_id)
     except ProxyGrantingTicket.DoesNotExist:
         return _cas2_error_response(INVALID_TICKET)
 
-    if not proxyGrantingTicket.targetService == targetService:
-        return _cas2_error_response(INVALID_SERVICE,
-            "The PGT was issued for %(original)s but the PT was requested for %(but)s" % dict(
-                original=proxyGrantingTicket.targetService, but=targetService))
-
     pt = ProxyTicket.objects.create(proxyGrantingTicket=proxyGrantingTicket,
         user=proxyGrantingTicket.serviceTicket.user,
         service=targetService)