From 64e2271d9df1365314fd3543173c248bcd215e2f Mon Sep 17 00:00:00 2001
From: zuber <marek@stepniowski.com>
Date: Mon, 5 Oct 2009 13:25:37 +0200
Subject: [PATCH] Added basic CAS 2.0 protocol support (only validation for
 now).

---
 cas_provider/urls.py  |  7 ++++---
 cas_provider/views.py | 28 +++++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/cas_provider/urls.py b/cas_provider/urls.py
index 8edc91a..4fad62c 100644
--- a/cas_provider/urls.py
+++ b/cas_provider/urls.py
@@ -3,7 +3,8 @@ from django.conf.urls.defaults import *
 from views import *
 
 urlpatterns = patterns('',
-    url(r'^login/', login),
-    url(r'^validate/', validate),
-    url(r'^logout/', logout),
+    url(r'^login/$', login),
+    url(r'^validate/$', validate),
+    url(r'^serviceValidate/$', service_validate),
+    url(r'^logout/$', logout),
 )
\ No newline at end of file
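Review bot: The newly anchored patterns, including `url(r'^serviceValidate/$', service_validate)`, match only a path with a trailing slash, while the CAS protocol names the endpoint `/serviceValidate` and clients usually request it without one. Before this change the unanchored `^validate/` pattern had the same requirement, so this is not a regression. The new route still depends on a slash-appending redirect being enabled, which is not visible here. Making the slash optional removes that dependency, for example `url(r'^serviceValidate/?$', service_validate),`, and likewise for `validate`.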
diff --git a/cas_provider/views.py b/cas_provider/views.py
index 27c7f7a..02456fe 100644
--- a/cas_provider/views.py
+++ b/cas_provider/views.py
@@ -9,7 +9,7 @@ from forms import LoginForm
 from models import ServiceTicket, LoginTicket
 from utils import create_service_ticket
 
-__all__ = ['login', 'validate', 'logout']
+__all__ = ['login', 'validate', 'service_validate', 'logout']
 
 def login(request, template_name='cas/login.html', success_redirect='/accounts/'):
     service = request.GET.get('service', None)
@@ -63,7 +63,33 @@ def validate(request):
         except:
             pass
     return HttpResponse("no\n\r\n\r")
+
+def service_validate(request):
+    service = request.GET.get('service', None)
+    ticket_string = request.GET.get('ticket', None)
+    if service is None or ticket_string is None:
+        return HttpResponse('''<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
+            <cas:authenticationFailure code="INVALID_REQUEST">
+                Not all required parameters were sent.
+            </cas:authenticationFailure>
+        </cas:serviceResponse>''', mimetype='text/xml')
     
+    try:
+        ticket = ServiceTicket.objects.get(ticket=ticket_string)
+        username = ticket.user.username
+        ticket.delete()
+        return HttpResponse('''<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
+            <cas:authenticationSuccess>
+                <cas:user>%(username)s</cas:user>
+            </cas:authenticationSuccess>
+        </cas:serviceResponse>''' % {'username': username}, mimetype='text/xml')
+    except ServiceTicket.DoesNotExist:
+        return HttpResponse(''''<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
+            <cas:authenticationFailure code="INVALID_TICKET">
+                The provided ticket is invalid.
+            </cas:authenticationFailure>
+        </cas:serviceResponse>''', mimetype='text/xml')
+
 def logout(request, template_name='cas/logout.html'):
     url = request.GET.get('url', None)
     auth_logout(request)
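Review bot: `service_validate` requires the `service` parameter but never uses it: `ServiceTicket.objects.get(ticket=ticket_string)` looks the ticket up by its string alone, so a ticket issued for one service can be redeemed by any other service that obtains it. The service stored with the ticket (the model's fields are not visible in this hunk) should be compared with `service` before `ticket.delete()`, and a mismatch answered with an `INVALID_SERVICE` failure. The INVALID_TICKET branch opens its literal with four quotes (`''''<cas:serviceResponse`), which puts a stray `'` in front of the XML and makes the failure response malformed; it should read `'''<cas:serviceResponse`. `username` is interpolated into the XML unescaped, so it should be passed as `{'username': escape(username)}` with `from xml.sax.saxutils import escape`. The get-then-`delete()` sequence is not atomic and no ticket-age check is visible, so confirm whether single use under concurrent requests and ticket expiry are enforced elsewhere.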
-- 
2.20.1