diff --git a/cas_server/locale/en/LC_MESSAGES/django.po b/cas_server/locale/en/LC_MESSAGES/django.po index 9a30362..bd302ab 100644 --- a/cas_server/locale/en/LC_MESSAGES/django.po +++ b/cas_server/locale/en/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: cas_server\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-05-28 02:10+0200\n" +"POT-Creation-Date: 2015-05-28 15:24+0200\n" "PO-Revision-Date: 2015-05-23 19:03+0100\n" "Last-Translator: Valentin Samir \n" "Language-Team: django \n" @@ -33,117 +33,123 @@ msgstr " Warn me before logging me into other sites." msgid "Bad user" msgstr "The credentials you provided cannot be determined to be authentic." -#: models.py:89 +#: models.py:58 #, fuzzy, python-format #| msgid "Error during service logout %s" -msgid "Error during service logout %r" +msgid "Error during service logout %s" msgstr "Error during service logout %s" -#: models.py:147 +#: models.py:117 msgid "position" msgstr "" -#: models.py:154 models.py:239 +#: models.py:124 models.py:213 msgid "name" msgstr "" -#: models.py:155 +#: models.py:125 #, fuzzy #| msgid "Connect to the service" msgid "A name for the service" msgstr "Connect to the service" -#: models.py:160 models.py:266 models.py:283 +#: models.py:130 models.py:240 models.py:257 msgid "pattern" msgstr "" -#: models.py:166 +#: models.py:136 msgid "user field" msgstr "" -#: models.py:167 +#: models.py:137 msgid "Name of the attribut to transmit as username, empty = login" msgstr "" -#: models.py:171 +#: models.py:141 msgid "restrict username" msgstr "" -#: models.py:172 +#: models.py:142 msgid "Limit username allowed to connect to the list provided bellow" msgstr "" -#: models.py:176 +#: models.py:146 msgid "proxy" msgstr "" -#: models.py:177 -msgid "" -"A ProxyGrantingTicket can be delivered to the service in order to " -"authenticate for the user on a backend service" +#: models.py:147 +msgid "Proxy tickets can be delivered to the service" msgstr "" -#: models.py:182 +#: models.py:151 +msgid "proxy callback" +msgstr "" + +#: models.py:152 +msgid "can be used as a proxy callback to deliver PGT" +msgstr "" + +#: models.py:156 msgid "single log out" msgstr "" -#: models.py:183 +#: models.py:157 #, fuzzy #| msgid "Connect to the service" msgid "Enable SLO for the service" msgstr "Connect to the service" -#: models.py:225 +#: models.py:199 msgid "username" msgstr "" -#: models.py:226 +#: models.py:200 #, fuzzy #| msgid "Connect to the service" msgid "username allowed to connect to the service" msgstr "Connect to the service" -#: models.py:240 +#: models.py:214 #, fuzzy #| msgid "The attribut %(field)s is needed to use that service" msgid "name of an attribut to send to the service" msgstr "The attribut %(field)s is needed to use that service" -#: models.py:245 models.py:289 +#: models.py:219 models.py:263 msgid "replace" msgstr "" -#: models.py:246 +#: models.py:220 msgid "" "name under which the attribut will be showto the service. empty = default " "name of the attribut" msgstr "" -#: models.py:261 models.py:278 +#: models.py:235 models.py:252 msgid "attribut" msgstr "" -#: models.py:262 +#: models.py:236 msgid "Name of the attribut which must verify pattern" msgstr "" -#: models.py:267 +#: models.py:241 msgid "a regular expression" msgstr "" -#: models.py:279 +#: models.py:253 msgid "Name of the attribut for which the value must be replace" msgstr "" -#: models.py:284 +#: models.py:258 msgid "An regular expression maching whats need to be replaced" msgstr "" -#: models.py:290 +#: models.py:264 msgid "replace expression, groups are capture by \\1, \\2 …" msgstr "" -#: models.py:337 +#: models.py:313 #, python-format msgid "" "Error during service logout %(service)s:\n" diff --git a/cas_server/locale/fr/LC_MESSAGES/django.mo b/cas_server/locale/fr/LC_MESSAGES/django.mo index a9f29a6..9402047 100644 Binary files a/cas_server/locale/fr/LC_MESSAGES/django.mo and b/cas_server/locale/fr/LC_MESSAGES/django.mo differ diff --git a/cas_server/locale/fr/LC_MESSAGES/django.po b/cas_server/locale/fr/LC_MESSAGES/django.po index 140c162..45520da 100644 --- a/cas_server/locale/fr/LC_MESSAGES/django.po +++ b/cas_server/locale/fr/LC_MESSAGES/django.po @@ -7,8 +7,8 @@ msgid "" msgstr "" "Project-Id-Version: cas_server\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-05-28 02:10+0200\n" -"PO-Revision-Date: 2015-05-28 02:15+0100\n" +"POT-Creation-Date: 2015-05-28 15:24+0200\n" +"PO-Revision-Date: 2015-05-28 15:25+0100\n" "Last-Translator: Valentin Samir \n" "Language-Team: django \n" "Language: fr\n" @@ -34,115 +34,119 @@ msgstr "Prévenez-moi avant d'accéder à d'autres services." msgid "Bad user" msgstr "Les informations transmises n'ont pas permis de vous authentifier." -#: models.py:89 +#: models.py:58 #, python-format -msgid "Error during service logout %r" -msgstr "Une erreur est survenue durant la déconnexion du service %r" +msgid "Error during service logout %s" +msgstr "Une erreur est survenue durant la déconnexion du service %s" -#: models.py:147 +#: models.py:117 msgid "position" msgstr "position" -#: models.py:154 models.py:239 +#: models.py:124 models.py:213 msgid "name" msgstr "nom" -#: models.py:155 +#: models.py:125 msgid "A name for the service" msgstr "Un nom pour le service" -#: models.py:160 models.py:266 models.py:283 +#: models.py:130 models.py:240 models.py:257 msgid "pattern" msgstr "motif" -#: models.py:166 +#: models.py:136 msgid "user field" msgstr "champ utilisateur" -#: models.py:167 +#: models.py:137 msgid "Name of the attribut to transmit as username, empty = login" msgstr "" "Nom de l'attribut devant être transmis comme nom d'utilisateur au service. " "vide = nom de connection" -#: models.py:171 +#: models.py:141 msgid "restrict username" msgstr "limiter les noms d'utilisateurs" -#: models.py:172 +#: models.py:142 msgid "Limit username allowed to connect to the list provided bellow" msgstr "" "Limiter les noms d'utilisateurs autorisé à se connecter à la liste fournie " "ci-dessous" -#: models.py:176 +#: models.py:146 msgid "proxy" msgstr "proxy" -#: models.py:177 -msgid "" -"A ProxyGrantingTicket can be delivered to the service in order to " -"authenticate for the user on a backend service" -msgstr "" -"Un ProxyGrantingTicket peut être délivré au service pour lui permettre de " -"s'authentifier en temps l'utilisateur à un autre service" +#: models.py:147 +msgid "Proxy tickets can be delivered to the service" +msgstr "des proxy tickets peuvent être délivrés au service" -#: models.py:182 +#: models.py:151 +msgid "proxy callback" +msgstr "" + +#: models.py:152 +msgid "can be used as a proxy callback to deliver PGT" +msgstr "peut être utilisé comme un callback pour recevoir un PGT" + +#: models.py:156 msgid "single log out" msgstr "" -#: models.py:183 +#: models.py:157 msgid "Enable SLO for the service" msgstr "Active le SLO pour le service" -#: models.py:225 +#: models.py:199 msgid "username" msgstr "nom d'utilisateur" -#: models.py:226 +#: models.py:200 msgid "username allowed to connect to the service" msgstr "noms d'utilisateurs autorisé à se connecter au service" -#: models.py:240 +#: models.py:214 msgid "name of an attribut to send to the service" msgstr "nom d'un attribut a envoyer au service" -#: models.py:245 models.py:289 +#: models.py:219 models.py:263 msgid "replace" msgstr "remplacement" -#: models.py:246 +#: models.py:220 msgid "" "name under which the attribut will be showto the service. empty = default " "name of the attribut" msgstr "" "nom sous lequel l'attribut sera rendu visible au service. vide = inchangé" -#: models.py:261 models.py:278 +#: models.py:235 models.py:252 msgid "attribut" msgstr "attribut" -#: models.py:262 +#: models.py:236 msgid "Name of the attribut which must verify pattern" msgstr "Nom de l'attribut devant vérifier un motif" -#: models.py:267 +#: models.py:241 msgid "a regular expression" msgstr "une expression régulière" -#: models.py:279 +#: models.py:253 msgid "Name of the attribut for which the value must be replace" msgstr "nom de l'attribue pour lequel la valeur doit être remplacé" -#: models.py:284 +#: models.py:258 msgid "An regular expression maching whats need to be replaced" msgstr "une expression régulière reconnaissant ce qui doit être remplacé" -#: models.py:290 +#: models.py:264 msgid "replace expression, groups are capture by \\1, \\2 …" msgstr "expression de remplacement, les groupe sont capturé par \\1, \\2" -#: models.py:337 +#: models.py:313 #, python-format msgid "" "Error during service logout %(service)s:\n" @@ -222,6 +226,13 @@ msgstr "" "Vous vous êtes déconnecté(e) du Service Central d'Authentification.
Pour " "des raisons de sécurité, veuillez fermer votre navigateur." +#~ msgid "" +#~ "A ProxyGrantingTicket can be delivered to the service in order to " +#~ "authenticate for the user on a backend service" +#~ msgstr "" +#~ "Un ProxyGrantingTicket peut être délivré au service pour lui permettre de " +#~ "s'authentifier en temps l'utilisateur à un autre service" + #~ msgid "" #~ "Une demande d'authentification a été émise pour le service %(name)s " #~ "(%(url)s)" diff --git a/cas_server/migrations/0016_auto_20150528_1326.py b/cas_server/migrations/0016_auto_20150528_1326.py new file mode 100644 index 0000000..2e250fb --- /dev/null +++ b/cas_server/migrations/0016_auto_20150528_1326.py @@ -0,0 +1,26 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import models, migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('cas_server', '0015_auto_20150528_1202'), + ] + + operations = [ + migrations.AddField( + model_name='servicepattern', + name='proxy_callback', + field=models.BooleanField(default=False, help_text='can be used as a proxy callback to deliver PGT', verbose_name='proxy callback'), + preserve_default=True, + ), + migrations.AlterField( + model_name='servicepattern', + name='proxy', + field=models.BooleanField(default=False, help_text='Proxy tickets can be delivered to the service', verbose_name='proxy'), + preserve_default=True, + ), + ] diff --git a/cas_server/models.py b/cas_server/models.py index 7ae4ab7..8c1b783 100644 --- a/cas_server/models.py +++ b/cas_server/models.py @@ -144,8 +144,12 @@ class ServicePattern(models.Model): proxy = models.BooleanField( default=False, verbose_name=_(u"proxy"), - help_text=_("A ProxyGrantingTicket can be delivered to the service " \ - "in order to authenticate for the user on a backend service") + help_text=_("Proxy tickets can be delivered to the service") + ) + proxy_callback = models.BooleanField( + default=False, + verbose_name=_(u"proxy callback"), + help_text=_("can be used as a proxy callback to deliver PGT") ) single_log_out = models.BooleanField( default=False, diff --git a/cas_server/views.py b/cas_server/views.py index ef3d785..d892ab2 100644 --- a/cas_server/views.py +++ b/cas_server/views.py @@ -291,7 +291,7 @@ def ps_validate(request, ticket_type=None): params['username'] = ticket.user.attributs.get(ticket.service_pattern.user_field) if pgt_url and pgt_url.startswith("https://"): pattern = models.ServicePattern.validate(pgt_url) - if pattern.proxy: + if pattern.proxy_callback: proxyid = utils.gen_pgtiou() pticket = models.ProxyGrantingTicket.objects.create( user=ticket.user, @@ -358,6 +358,12 @@ def proxy(request): try: # is the target service allowed pattern = models.ServicePattern.validate(target_service) + if not pattern.proxy: + return _validate_error( + request, + 'UNAUTHORIZED_SERVICE', + 'the service do not allow proxy ticket' + ) # is the proxy granting ticket valid ticket = models.ProxyGrantingTicket.objects.get( value=pgt,