cas_server.auth module¶

Some authentication classes for the CAS

class cas_server.auth.AuthUser(username)[source]¶

Bases: object

Authentication base class

Parameters:	username (unicode) – A username, stored in the `username` class attribute.

username = None¶: username used to instanciate the current object

test_password(password)[source]¶

Tests password against the user-supplied password.

Raises:	NotImplementedError – always. The method need to be implemented by subclasses

attributs()[source]¶

The user attributes.

raises NotImplementedError: always. The method need to be implemented by subclasses

class cas_server.auth.DummyAuthUser(username)[source]¶

Bases: cas_server.auth.AuthUser

A Dummy authentication class. Authentication always fails

Parameters:	username (unicode) – A username, stored in the `username` class attribute. There is no valid value for this attribute here.

test_password(password)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – a clear text password as submited by the user.
Returns:	always `False`
Return type:	bool

attributs()[source]¶

The user attributes.

Returns:	en empty `dict`.
Return type:	dict

class cas_server.auth.TestAuthUser(username)[source]¶

Bases: cas_server.auth.AuthUser

A test authentication class only working for one unique user.

Parameters:	username (unicode) – A username, stored in the `username` class attribute. The uniq valid value is `settings.CAS_TEST_USER`.

test_password(password)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – a clear text password as submited by the user.
Returns:	`True` if `username` is valid and `password` is equal to `settings.CAS_TEST_PASSWORD`, `False` otherwise.
Return type:	bool

attributs()[source]¶

The user attributes.

Returns:	the `settings.CAS_TEST_ATTRIBUTES` `dict` if `username` is valid, an empty `dict` otherwise.
Return type:	dict

class cas_server.auth.DBAuthUser(username)[source]¶

Bases: cas_server.auth.AuthUser

base class for databate based auth classes

user = None¶: DB user attributes as a dict if the username is found in the database.

attributs()[source]¶

The user attributes.

Returns:	a `dict` with the user attributes. Attributes may be `unicode()` or `list` of `unicode()`. If the user do not exists, the returned `dict` is empty.
Return type:	dict

class cas_server.auth.MysqlAuthUser(username)[source]¶

Bases: cas_server.auth.DBAuthUser

DEPRECATED, use SqlAuthUser instead.

A mysql authentication class: authenticate user against a mysql database

Parameters:	username (unicode) – A username, stored in the `username` class attribute. Valid value are fetched from the MySQL database set with `settings.CAS_SQL_*` settings parameters using the query `settings.CAS_SQL_USER_QUERY`.

test_password(password)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – a clear text password as submited by the user.
Returns:	`True` if `username` is valid and `password` is correct, `False` otherwise.
Return type:	bool

class cas_server.auth.SqlAuthUser(username)[source]¶

Bases: cas_server.auth.DBAuthUser

A SQL authentication class: authenticate user against a SQL database. The SQL database must be configures in settings.py as settings.DATABASES['cas_server'].

Parameters:	username (unicode) – A username, stored in the `username` class attribute. Valid value are fetched from the MySQL database set with `settings.CAS_SQL_*` settings parameters using the query `settings.CAS_SQL_USER_QUERY`.

test_password(password)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – a clear text password as submited by the user.
Returns:	`True` if `username` is valid and `password` is correct, `False` otherwise.
Return type:	bool

class cas_server.auth.LdapAuthUser(username)[source]¶

Bases: cas_server.auth.DBAuthUser

A ldap authentication class: authenticate user against a ldap database

Parameters:	username (unicode) – A username, stored in the `username` class attribute. Valid value are fetched from the ldap database set with `settings.CAS_LDAP_*` settings parameters.

classmethod get_conn()[source]¶: Return a connection object to the ldap database

test_password(password)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – a clear text password as submited by the user.
Returns:	`True` if `username` is valid and `password` is correct, `False` otherwise.
Return type:	bool

attributs()[source]¶

The user attributes.

Returns:	a `dict` with the user attributes. Attributes may be `unicode()` or `list` of `unicode()`. If the user do not exists, the returned `dict` is empty.
Return type:	dict
Raises:	NotImplementedError – if the password check method in CAS_LDAP_PASSWORD_CHECK do not allow to fetch the attributes without the user credentials.

class cas_server.auth.DjangoAuthUser(username)[source]¶

Bases: cas_server.auth.AuthUser

A django auth class: authenticate user against django internal users

Parameters:	username (unicode) – A username, stored in the `username` class attribute. Valid value are usernames of django internal users.

user = None¶: a django user object if the username is found. The user model is retreived using django.contrib.auth.get_user_model().

test_password(password)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – a clear text password as submited by the user.
Returns:	`True` if `user` is valid and `password` is correct, `False` otherwise.
Return type:	bool

attributs()[source]¶

The user attributes, defined as the fields on the user object.

Returns:	a `dict` with the `user` object fields. Attributes may be If the user do not exists, the returned `dict` is empty.
Return type:	dict

class cas_server.auth.CASFederateAuth(username)[source]¶

Bases: cas_server.auth.AuthUser

Authentication class used then CAS_FEDERATE is True

Parameters:	username (unicode) – A username, stored in the `username` class attribute. Valid value are usernames of `FederatedUser` object. `FederatedUser` object are created on CAS backends successful ticket validation.

user = None¶: a :class`FederatedUser<cas_server.models.FederatedUser>` object if username is found.

test_password(ticket)[source]¶

Tests password against the user-supplied password.

Parameters:	password (unicode) – The CAS tickets just used to validate the user authentication against its CAS backend.
Returns:	`True` if `user` is valid and `password` is a ticket validated less than `settings.CAS_TICKET_VALIDITY` secondes and has not being previously used for authenticated this `FederatedUser`. `False` otherwise.
Return type:	bool

attributs()[source]¶

The user attributes, as returned by the CAS backend.

Returns:	`FederatedUser.attributs`. If the user do not exists, the returned `dict` is empty.
Return type:	dict