From cf49573c6110b9a3f537eed73439116339c69dfb Mon Sep 17 00:00:00 2001
From: Valentin Samir <valentin.samir@crans.org>
Date: Sat, 23 May 2015 21:12:42 +0200
Subject: [PATCH] Only SSO upon validated tickets

---
 cas_server/models.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cas_server/models.py b/cas_server/models.py
index 18693bb..225b1a8 100644
--- a/cas_server/models.py
+++ b/cas_server/models.py
@@ -41,13 +41,13 @@ class User(models.Model):
     def logout(self, request):
         async_list = []
         session = FuturesSession(executor=ThreadPoolExecutor(max_workers=10))
-        for ticket in ServiceTicket.objects.filter(user=self):
+        for ticket in ServiceTicket.objects.filter(user=self, validate=True):
             async_list.append(ticket.logout(request, session))
             ticket.delete()
-        for ticket in ProxyTicket.objects.filter(user=self):
+        for ticket in ProxyTicket.objects.filter(user=self, validate=True):
             async_list.append(ticket.logout(request, session))
             ticket.delete()
-        for ticket in ProxyGrantingTicket.objects.filter(user=self):
+        for ticket in ProxyGrantingTicket.objects.filter(user=self, validate=True):
             async_list.append(ticket.logout(request, session))
             ticket.delete()
         for future in async_list: