cas_server.auth module

Some authentication classes for the CAS

class cas_server.auth.AuthUser(username)[source]

Bases: object

Authentication base class

Parameters: username (unicode) – A username, stored in the username class attribute.

username = None: username used to instanciate the current object

test_password(password)[source]

Tests password against the user-supplied password.

Raises: NotImplementedError – always. The method need to be implemented by subclasses

attributs()[source]

The user attributes.

raises NotImplementedError: always. The method need to be implemented by subclasses

class cas_server.auth.DummyAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

A Dummy authentication class. Authentication always fails

Parameters: username (unicode) – A username, stored in the username class attribute. There is no valid value for this attribute here.

test_password(password)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – a clear text password as submited by the user.
Returns: always False
Return type: bool

attributs()[source]

The user attributes.

Returns: en empty dict.
Return type: dict

class cas_server.auth.TestAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

A test authentication class only working for one unique user.

Parameters: username (unicode) – A username, stored in the username class attribute. The uniq valid value is settings.CAS_TEST_USER.

test_password(password)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – a clear text password as submited by the user.
Returns: True if username is valid and password is equal to settings.CAS_TEST_PASSWORD, False otherwise.
Return type: bool

attributs()[source]

The user attributes.

Returns: the settings.CAS_TEST_ATTRIBUTES dict if username is valid, an empty dict otherwise.
Return type: dict

class cas_server.auth.DBAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

base class for databate based auth classes

user = None: DB user attributes as a dict if the username is found in the database.

attributs()[source]

The user attributes.

Returns: a dict with the user attributes. Attributes may be unicode() or list of unicode(). If the user do not exists, the returned dict is empty.
Return type: dict

class cas_server.auth.MysqlAuthUser(username)[source]

Bases: cas_server.auth.DBAuthUser

DEPRECATED, use SqlAuthUser instead.

A mysql authentication class: authenticate user against a mysql database

Parameters: username (unicode) – A username, stored in the username class attribute. Valid value are fetched from the MySQL database set with settings.CAS_SQL_* settings parameters using the query settings.CAS_SQL_USER_QUERY.

test_password(password)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – a clear text password as submited by the user.
Returns: True if username is valid and password is correct, False otherwise.
Return type: bool

class cas_server.auth.SqlAuthUser(username)[source]

Bases: cas_server.auth.DBAuthUser

A SQL authentication class: authenticate user against a SQL database. The SQL database must be configures in settings.py as settings.DATABASES['cas_server'].

Parameters: username (unicode) – A username, stored in the username class attribute. Valid value are fetched from the MySQL database set with settings.CAS_SQL_* settings parameters using the query settings.CAS_SQL_USER_QUERY.

test_password(password)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – a clear text password as submited by the user.
Returns: True if username is valid and password is correct, False otherwise.
Return type: bool

class cas_server.auth.LdapAuthUser(username)[source]

Bases: cas_server.auth.DBAuthUser

A ldap authentication class: authenticate user against a ldap database

Parameters: username (unicode) – A username, stored in the username class attribute. Valid value are fetched from the ldap database set with settings.CAS_LDAP_* settings parameters.

classmethod get_conn()[source]: Return a connection object to the ldap database

test_password(password)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – a clear text password as submited by the user.
Returns: True if username is valid and password is correct, False otherwise.
Return type: bool

attributs()[source]

The user attributes.

Returns: a dict with the user attributes. Attributes may be unicode() or list of unicode(). If the user do not exists, the returned dict is empty.
Return type: dict

class cas_server.auth.DjangoAuthUser(username)[source]

Bases: cas_server.auth.AuthUser

A django auth class: authenticate user against django internal users

Parameters: username (unicode) – A username, stored in the username class attribute. Valid value are usernames of django internal users.

user = None: a django user object if the username is found. The user model is retreived using django.contrib.auth.get_user_model().

test_password(password)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – a clear text password as submited by the user.
Returns: True if user is valid and password is correct, False otherwise.
Return type: bool

attributs()[source]

The user attributes, defined as the fields on the user object.

Returns: a dict with the user object fields. Attributes may be If the user do not exists, the returned dict is empty.
Return type: dict

class cas_server.auth.CASFederateAuth(username)[source]

Bases: cas_server.auth.AuthUser

Authentication class used then CAS_FEDERATE is True

Parameters: username (unicode) – A username, stored in the username class attribute. Valid value are usernames of FederatedUser object. FederatedUser object are created on CAS backends successful ticket validation.

user = None: a :class`FederatedUser<cas_server.models.FederatedUser>` object if username is found.

test_password(ticket)[source]

Tests password against the user-supplied password.

Parameters: password (unicode) – The CAS tickets just used to validate the user authentication against its CAS backend.
Returns: True if user is valid and password is a ticket validated less than settings.CAS_TICKET_VALIDITY secondes and has not being previously used for authenticated this FederatedUser. False otherwise.
Return type: bool

attributs()[source]

The user attributes, as returned by the CAS backend.

Returns: FederatedUser.attributs. If the user do not exists, the returned dict is empty.
Return type: dict