mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-18 11:44:19 -05:00
Parse both user and attributes from CAS response
This commit is contained in:
parent
782f7fb489
commit
7845f62c22
@ -125,14 +125,7 @@ class LoginRestServlet(ClientV1RestServlet):
|
|||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def do_cas_login(self, cas_response_body):
|
def do_cas_login(self, cas_response_body):
|
||||||
root = ET.fromstring(cas_response_body)
|
(user, attributes) = self.parse_cas_response(cas_response_body)
|
||||||
if not root.tag.endswith("serviceResponse"):
|
|
||||||
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
|
||||||
if not root[0].tag.endswith("authenticationSuccess"):
|
|
||||||
raise LoginError(401, "Unsuccessful CAS response", errcode=Codes.UNAUTHORIZED)
|
|
||||||
for child in root[0]:
|
|
||||||
if child.tag.endswith("user"):
|
|
||||||
user = child.text
|
|
||||||
user_id = UserID.create(user, self.hs.hostname).to_string()
|
user_id = UserID.create(user, self.hs.hostname).to_string()
|
||||||
auth_handler = self.handlers.auth_handler
|
auth_handler = self.handlers.auth_handler
|
||||||
user_exists = yield auth_handler.does_user_exist(user_id)
|
user_exists = yield auth_handler.does_user_exist(user_id)
|
||||||
@ -159,7 +152,26 @@ class LoginRestServlet(ClientV1RestServlet):
|
|||||||
|
|
||||||
defer.returnValue((200, result))
|
defer.returnValue((200, result))
|
||||||
|
|
||||||
|
def parse_cas_response(self, cas_response_body):
|
||||||
|
root = ET.fromstring(cas_response_body)
|
||||||
|
if not root.tag.endswith("serviceResponse"):
|
||||||
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
if not root[0].tag.endswith("authenticationSuccess"):
|
||||||
|
raise LoginError(401, "Unsuccessful CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
for child in root[0]:
|
||||||
|
if child.tag.endswith("user"):
|
||||||
|
user = child.text
|
||||||
|
if child.tag.endswith("attributes"):
|
||||||
|
attributes = {}
|
||||||
|
for attribute in child:
|
||||||
|
if "}" in attribute.tag:
|
||||||
|
attributes[attribute.tag.split("}")[1]] = attribute.text
|
||||||
|
else:
|
||||||
|
attributes[attribute.tag] = attribute.text
|
||||||
|
if user is None or attributes is None:
|
||||||
|
raise LoginError(401, "Invalid CAS response", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
return (user, attributes)
|
||||||
|
|
||||||
|
|
||||||
class LoginFallbackRestServlet(ClientV1RestServlet):
|
class LoginFallbackRestServlet(ClientV1RestServlet):
|
||||||
|
Loading…
Reference in New Issue
Block a user