Merge branch 'dev' into federate

2016-06-28 15:29:45 +02:00 · 2016-06-28 15:29:45 +02:00 · a4d70d3046
parent 434dcf6e4e 16fb7b5021
commit a4d70d3046
3 changed files with 27 additions and 2 deletions
--- a/cas_server/forms.py
+++ b/cas_server/forms.py
@ -41,6 +41,7 @@ class FederateSelect(forms.Form):
    method = forms.CharField(widget=forms.HiddenInput(), required=False)
    remember = forms.BooleanField(label=_('Remember the identity provider'), required=False)
    warn = forms.BooleanField(label=_('warn'), required=False)
+    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)


 class UserCredential(forms.Form):
@ -51,6 +52,7 @@ class UserCredential(forms.Form):
    lt = forms.CharField(widget=forms.HiddenInput(), required=False)
    method = forms.CharField(widget=forms.HiddenInput(), required=False)
    warn = forms.BooleanField(label=_('warn'), required=False)
+    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)

    def __init__(self, *args, **kwargs):
        super(UserCredential, self).__init__(*args, **kwargs)
@ -74,6 +76,7 @@ class FederateUserCredential(UserCredential):
    lt = forms.CharField(widget=forms.HiddenInput(), required=False)
    method = forms.CharField(widget=forms.HiddenInput(), required=False)
    warn = forms.BooleanField(widget=forms.HiddenInput(), required=False)
+    renew = forms.BooleanField(widget=forms.HiddenInput(), required=False)

    def clean(self):
        cleaned_data = super(FederateUserCredential, self).clean()
--- a/cas_server/tests.py
+++ b/cas_server/tests.py
@ -447,6 +447,27 @@ class LoginTestCase(TestCase):
        self.assertEqual(response.status_code, 302)
        self.assertEqual(response["Location"], service)

+    def test_renew(self):
+        service = "https://www.example.com"
+        client = get_auth_client()
+        response = client.get("/login", {'service': service, 'renew': 'on'})
+        self.assertEqual(response.status_code, 200)
+        self.assertTrue(
+            (
+                b"Authentication renewal required by "
+                b"service example (https://www.example.com)"
+            ) in response.content
+        )
+        params = copy_form(response.context["form"])
+        params["username"] = settings.CAS_TEST_USER
+        params["password"] = settings.CAS_TEST_PASSWORD
+        self.assertEqual(params["renew"], True)
+        response = client.post("/login", params)
+        self.assertEqual(response.status_code, 302)
+        ticket_value = response['Location'].split('ticket=')[-1]
+        ticket = models.ServiceTicket.objects.get(value=ticket_value)
+        self.assertEqual(ticket.renew, True)
+

 class LogoutTestCase(TestCase):

--- a/cas_server/views.py
+++ b/cas_server/views.py
@ -432,7 +432,8 @@ class LoginView(View, LogoutMixin):
            'service': self.service,
            'method': self.method,
            'warn': self.warn or self.request.session.get("warn"),
-            'lt': self.request.session['lt'][-1]
+            'lt': self.request.session['lt'][-1],
+            'renew': self.renew
        }
        if settings.CAS_FEDERATE:
            if self.username and self.ticket:
@ -489,7 +490,7 @@ class LoginView(View, LogoutMixin):
                redirect_url = self.user.get_service_url(
                    self.service,
                    service_pattern,
-                    renew=self.renew
+                    renew=self.renewed
                )
                if not self.ajax:
                    return HttpResponseRedirect(redirect_url)