monkey-patch django_cas to scrub usernames returned from CAS server.

git-svn-id: svn://svn.open-ils.org/ILS-Contrib/servres/trunk@1220 6d9bc8c9-1ec2-4278-b937-99fde70a366f

diff --git a/conifer/integration/cas.py b/conifer/integration/cas.py
index b937c93..bdd0ddc 100644 (file)
--- a/conifer/integration/cas.py
+++ b/conifer/integration/cas.py
@@ -12,10 +12,31 @@
 # conifer/syrup/models.py.
 
 
-import django_cas.backends
+from django_cas import backends
+
+# First, we monkey-patch the django_cas verifier.
+#
+# Okay, monkey-patching is lame. But I have a problem with the way django_cas
+# fails to clean usernames. At Windsor, if you log in as '_FAWCETT_', where
+# '_' is a space, django_cas will create a new User object for
+# username='_FAWCETT_', even if a user 'fawcett' exists. Bad!
+#
+# Now, I'm not certain that all CAS-using campus would like to have their
+# usernames lower-cased, though I'm guessing it won't hurt. But I'm absolutely
+# sure that spaces should be stripped, always. I'll propose a patch to
+# django_cas; but in the meantime, let's reach into django_cas and fix it.
+
+if hasattr(backends, '_verify'):
+    _orig_verify = backends._verify
+    def _newverify(*args, **kwargs):
+        username = _orig_verify(*args, **kwargs)
+        if username:
+            username = username.lower().strip()
+        return username
+    backends._verify = _newverify
 
 
-class CASBackend(django_cas.backends.CASBackend):
+class CASBackend(backends.CASBackend):
 
     def authenticate(self, ticket, service):
         """Authenticates CAS ticket and retrieves user data"""