From 7eced6890bfab480cc1de40df03a540d5f7863b2 Mon Sep 17 00:00:00 2001 From: Alex Kamedov Date: Sun, 24 Apr 2011 18:52:53 +0600 Subject: [PATCH 1/1] add tests for service validate URL (CAS v.2) --- cas_provider/locale/ru/LC_MESSAGES/django.mo | Bin 1469 -> 1469 bytes cas_provider/locale/ru/LC_MESSAGES/django.po | 2 +- cas_provider/tests.py | 32 +++++++++++++- cas_provider/urls.py | 2 +- cas_provider/views.py | 43 +++++++++++++------ 5 files changed, 64 insertions(+), 15 deletions(-) diff --git a/cas_provider/locale/ru/LC_MESSAGES/django.mo b/cas_provider/locale/ru/LC_MESSAGES/django.mo index 1091e950144740f02e6dbe02b744f7674212bb7b..c02ed63b92f7e33b83e6427d5a76d2420a76c3c8 100644 GIT binary patch delta 17 YcmdnXy_b7KArp&*m8s$8QYH^(05ie`1poj5 delta 17 YcmdnXy_b7KArp(4m8t3GQYH^(05ix12LJ#7 diff --git a/cas_provider/locale/ru/LC_MESSAGES/django.po b/cas_provider/locale/ru/LC_MESSAGES/django.po index a72c935..42a8506 100644 --- a/cas_provider/locale/ru/LC_MESSAGES/django.po +++ b/cas_provider/locale/ru/LC_MESSAGES/django.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2011-04-24 16:55+0600\n" +"POT-Creation-Date: 2011-04-24 18:51+0600\n" "PO-Revision-Date: 2011-04-07 12:01+0600\n" "Last-Translator: Volf \n" "Language-Team: delux\n" diff --git a/cas_provider/tests.py b/cas_provider/tests.py index 58b8ded..5129d66 100644 --- a/cas_provider/tests.py +++ b/cas_provider/tests.py @@ -1,4 +1,6 @@ from cas_provider.models import ServiceTicket +from cas_provider.views import _cas2_sucess_response, _cas2_error_response, \ + INVALID_TICKET from django.contrib.auth.models import User from django.core.urlresolvers import reverse from django.test import TestCase 
@@ -50,6 +52,15 @@ class ViewsTest(TestCase): def test_nonactive_user_login(self): self._fail_login('nonactive', '123') + def test_cas2_success_validate(self): + response = self._login_user('root', '123') + self._validate_cas2(response, True) + + def test_cas2_fail_validate(self): + for user, pwd in (('root', '321'), ('notroot', '123'), ('nonactive', '123')): + response = self._login_user(user, pwd) + self._validate_cas2(response, False) + def _fail_login(self, username, password): response = self._login_user(username, password) @@ -95,10 +106,29 @@ class ViewsTest(TestCase): self.assertEqual(response.content, u'no\r\n\r\n') + def _validate_cas2(self, response, is_correct=True): + if is_correct: + self.assertEqual(response.status_code, 302) + self.assertTrue(response.has_header('location')) + location = urlparse(response['location']) + ticket = location.query.split('=')[1] + + response = self.client.get(reverse('cas_service_validate'), {'ticket': ticket, 'service': self.service}, follow=False) + self.assertEqual(response.status_code, 200) + self.assertEqual(response.content, _cas2_sucess_response(self.username).content) + else: + self.assertEqual(response.status_code, 200) + self.assertEqual(len(response.context['form'].errors), 1) + + response = self.client.get(reverse('cas_service_validate'), {'ticket': 'ST-12312312312312312312312', 'service': self.service}, follow=False) + self.assertEqual(response.status_code, 200) + self.assertEqual(response.content, _cas2_error_response(INVALID_TICKET).content) + + class ModelsTestCase(TestCase): fixtures = ['cas_users.json', ] - + def setUp(self): self.user = User.objects.get(username='root') diff --git a/cas_provider/urls.py b/cas_provider/urls.py index 70e3fae..16a6744 100644 --- a/cas_provider/urls.py +++ b/cas_provider/urls.py @@ -1,4 +1,4 @@ -from django.conf.urls.defaults import * +from django.conf.urls.defaults import patterns, url urlpatterns = patterns('cas_provider.views', 
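Review bot: The three credential pairs in `test_cas2_fail_validate` do not vary what reaches the validate endpoint, because the `is_correct=False` branch of `_validate_cas2` always submits the fixed ticket `ST-12312312312312312312312`. The loop therefore re-checks the login form error three times and sends the same validate request each time. A failure case tied to a real ticket would add coverage: log in as `root`, then validate the issued ticket against a different `service` value with `CAS_CHECK_SERVICE` enabled and expect `_cas2_error_response(INVALID_SERVICE).content`.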
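Review bot: The success branch of `_validate_cas2` validates the ticket once and stops, so nothing asserts that a service ticket is single-use, which is the property `ticket.delete()` in `service_validate` exists to provide. Repeating the request after the first assertion would cover replay: `response = self.client.get(reverse('cas_service_validate'), {'ticket': ticket, 'service': self.service})` followed by `self.assertEqual(response.content, _cas2_error_response(INVALID_TICKET).content)`. `location.query.split('=')[1]` also returns the wrong value as soon as the redirect carries another query parameter; `parse_qs(location.query)['ticket'][0]` from the `urlparse` module is sturdier. Both assertions compare the response with the view's own helpers, so they cannot detect a malformed response template.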
diff --git a/cas_provider/views.py b/cas_provider/views.py index 452c071..eca61ba 100644 --- a/cas_provider/views.py +++ b/cas_provider/views.py @@ -11,6 +11,17 @@ from models import ServiceTicket, LoginTicket __all__ = ['login', 'validate', 'logout', 'service_validate'] +INVALID_TICKET = 1 +INVALID_SERVICE = 2 +INVALID_REQUEST = 3 + +ERROR_MESSAGES = ( + (INVALID_TICKET, u'The provided ticket is invalid.'), + (INVALID_SERVICE, u'Service is invalid'), + (INVALID_REQUEST, u'Not all required parameters were sent.'), +) + + def login(request, template_name='cas/login.html', \ success_redirect=settings.LOGIN_REDIRECT_URL): service = request.GET.get('service', None) @@ -59,7 +70,8 @@ def validate(request): def logout(request, template_name='cas/logout.html'): url = request.GET.get('url', None) auth_logout(request) - return render_to_response(template_name, {'url': url}, context_instance=RequestContext(request)) + return render_to_response(template_name, {'url': url}, \ + context_instance=RequestContext(request)) def service_validate(request): 
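Review bot: The new constants `INVALID_TICKET = 1`, `INVALID_SERVICE = 2` and `INVALID_REQUEST = 3` replace the strings the view used to pass as the error code. Because `_cas2_error_response` (later in this patch) formats `'code': code` into the response, clients would likely receive a number where CAS 2.0 defines the code values `INVALID_TICKET`, `INVALID_SERVICE` and `INVALID_REQUEST`. The response markup is not visible on this page, so this is inferred from the format dict. Keeping the constants as the protocol strings, e.g. `INVALID_TICKET = u'INVALID_TICKET'`, preserves the wire format and still gives one place to look up the message. `ERROR_MESSAGES` could also be a dict literal, so the helper does not rebuild it with `dict(ERROR_MESSAGES)` on every call.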
@@ -67,29 +79,36 @@ def service_validate(request): service = request.GET.get('service', None) ticket_string = request.GET.get('ticket', None) if service is None or ticket_string is None: - return _cas2_error_response(u'INVALID_REQUEST', u'Not all required parameters were sent.') + return _cas2_error_response(INVALID_REQUEST) try: ticket = ServiceTicket.objects.get(ticket=ticket_string) except ServiceTicket.DoesNotExist: - return _cas2_error_response(u'INVALID_TICKET', u'The provided ticket is invalid.') + return _cas2_error_response(INVALID_TICKET) if settings.CAS_CHECK_SERVICE and ticket.service != service: ticket.delete() - return _cas2_error_response('INVALID_SERVICE', u'Service is invalid') + return _cas2_error_response(INVALID_SERVICE) username = ticket.user.username ticket.delete() + return _cas2_sucess_response(username) + + +def _cas2_error_response(code): + return HttpResponse(u'''' + + %(message)s + + ''' % { + 'code': code, + 'message': dict(ERROR_MESSAGES).get(code) + }, mimetype='text/xml') + + +def _cas2_sucess_response(username): return HttpResponse(u''' %(username)s ''' % {'username': username}, mimetype='text/xml') - - -def _cas2_error_response(code, message): - return HttpResponse(u'''' - - %s - - ''', mimetype='text/xml') -- 2.20.1
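Review bot: `_cas2_error_response` opens its template with `u''''`, four quotes, so the body starts with a literal `'` ahead of the XML and a strict parser on the relying party would reject every failure response. Unless that quote is an artifact of this page's stripped markup, the opener should be `u'''`. The tests added in this patch compare against the helper's own output and will not notice. Both helpers also interpolate `message` and `username` with plain `%` formatting; passing `escape(username)` with `escape` from `xml.sax.saxutils` would keep a value containing `<` or `&` from altering the document. The helper name `_cas2_sucess_response` is misspelled and is now imported by the tests, so it is cheapest to rename it to `_cas2_success_response` in this commit.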