Compare commits
2 Commits
main
...
wip/django
Author | SHA1 | Date |
---|---|---|
Benjamin Dauvergne | d3cfe24039 | |
Benjamin Dauvergne | b939339a6b |
|
@ -38,7 +38,7 @@ class A2KerberosBackend(KerberosBackend):
|
|||
return
|
||||
if not app_settings.DJANGO_BACKEND:
|
||||
return
|
||||
return super(A2KerberosBackend, self).authenticate(principal=principal)
|
||||
return super(A2KerberosBackend, self).authenticate(request, principal=principal)
|
||||
|
||||
def get_saml2_authn_context(self):
|
||||
import lasso
|
||||
|
|
|
@ -18,11 +18,10 @@ class A2NegotiateView(NegotiateView):
|
|||
self.authentication_successful = True
|
||||
utils.login(request, user, 'kerberos')
|
||||
|
||||
def principal_valid(self, request, *args, **kwargs):
|
||||
response = super(A2NegotiateView, self).principal_valid(request, *args, **kwargs)
|
||||
if self.authentication_successful:
|
||||
# set cookie so that automatic login will be tried next time
|
||||
response.set_cookie('a2_kerberos_ok', '1', max_age=86400 * 365)
|
||||
def success(self, request, *args, **kwargs):
|
||||
response = super().success(request, *args, **kwargs)
|
||||
# set cookie so that automatic login will be tried next time
|
||||
response.set_cookie('a2_kerberos_ok', '1', max_age=86400 * 365)
|
||||
return response
|
||||
|
||||
|
||||
|
|
|
@ -14,6 +14,8 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import mock
|
||||
|
||||
import pytest
|
||||
|
||||
from authentic2.custom_user.models import User
|
||||
|
@ -21,53 +23,37 @@ from authentic2.custom_user.models import User
|
|||
|
||||
@pytest.fixture(autouse=True)
|
||||
def kerberos(monkeypatch):
|
||||
import django_kerberos.views
|
||||
import gssapi.exceptions
|
||||
|
||||
class MockKerberos(object):
|
||||
server_init_result = 1
|
||||
server_step_result = 1
|
||||
server_response_result = 'x'
|
||||
class MockKerberos:
|
||||
principal = 'user@REALM'
|
||||
|
||||
def set(self, **kwargs):
|
||||
self.__dict__ = kwargs
|
||||
exceptions = gssapi.exceptions
|
||||
Credentials = mock.Mock()
|
||||
server_ctx = mock.Mock()
|
||||
server_ctx.step.return_value = b'outtoken'
|
||||
server_ctx.complete = True
|
||||
server_ctx.initiator_name = principal
|
||||
|
||||
def authGSSServerInit(self, service):
|
||||
return self.server_init_result, {}
|
||||
|
||||
def authGSSServerStep(self, context, authstr):
|
||||
return self.server_step_result
|
||||
|
||||
def authGSSServerResponse(self, context):
|
||||
return self.server_response_result
|
||||
|
||||
def authGSSServerUserName(self, context):
|
||||
return self.principal
|
||||
|
||||
def authGSSServerClean(self, context):
|
||||
pass
|
||||
|
||||
class KrbError(Exception):
|
||||
pass
|
||||
monkeypatch.setattr('django_kerberos.views.kerberos', MockKerberos())
|
||||
return django_kerberos.views.kerberos
|
||||
SecurityContext = mock.Mock(return_value=server_ctx)
|
||||
monkeypatch.setattr('django_kerberos.views.gssapi', MockKerberos)
|
||||
return MockKerberos
|
||||
|
||||
|
||||
def test_default(settings, app, db):
|
||||
def test_default(settings, app, db, kerberos):
|
||||
settings.A2_AUTH_KERBEROS_DJANGO_BACKEND = True
|
||||
|
||||
assert User.objects.count() == 0
|
||||
user = User.objects.create(username=kerberos.principal)
|
||||
assert 'a2_kerberos_ok' not in app.cookies
|
||||
response = app.get('/login/')
|
||||
assert 'login-kerberos' in response.text
|
||||
assert 'autologin' not in response.text
|
||||
response = response.forms['kerberos-form'].submit(name='login-kerberos')
|
||||
assert response.location == '/accounts/kerberos/login/'
|
||||
response = response.follow(headers={'Authorization': 'Negotiate y'})
|
||||
response = response.follow(headers={'Authorization': 'Negotiate yyyy'})
|
||||
assert app.cookies['a2_kerberos_ok'] == '1'
|
||||
assert app.session['_auth_user_id'] == str(user.id)
|
||||
assert response.location == '/'
|
||||
assert User.objects.count() == 1
|
||||
assert User.objects.get(username='user@realm')
|
||||
|
||||
# logout
|
||||
app.session.flush()
|
||||
|
|
2
tox.ini
2
tox.ini
|
@ -45,6 +45,7 @@ deps =
|
|||
psycopg2-binary
|
||||
oldldap: python-ldap<3
|
||||
ldaptools
|
||||
https://git.entrouvert.org/django-kerberos.git/snapshot/django-kerberos-wip/10211-gssapi.tar.gz
|
||||
|
||||
# pytest requirements
|
||||
pytest
|
||||
|
@ -53,6 +54,7 @@ deps =
|
|||
pytest-random
|
||||
django-webtest
|
||||
pyquery
|
||||
mock
|
||||
|
||||
commands =
|
||||
py2: ./getlasso.sh
|
||||
|
|
Loading…
Reference in New Issue