From b72ed6e4f3843fe4da1f5ec81fdd9c1c87263dbc Mon Sep 17 00:00:00 2001 From: gfawcett Date: Wed, 2 Feb 2011 02:34:03 +0000 Subject: [PATCH] monkey-patch django_cas to scrub usernames returned from CAS server. git-svn-id: svn://svn.open-ils.org/ILS-Contrib/servres/trunk@1220 6d9bc8c9-1ec2-4278-b937-99fde70a366f --- conifer/integration/cas.py | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/conifer/integration/cas.py b/conifer/integration/cas.py index b937c93..bdd0ddc 100644 --- a/conifer/integration/cas.py +++ b/conifer/integration/cas.py @@ -12,10 +12,31 @@ # conifer/syrup/models.py. -import django_cas.backends +from django_cas import backends + +# First, we monkey-patch the django_cas verifier. +# +# Okay, monkey-patching is lame. But I have a problem with the way django_cas +# fails to clean usernames. At Windsor, if you log in as '_FAWCETT_', where +# '_' is a space, django_cas will create a new User object for +# username='_FAWCETT_', even if a user 'fawcett' exists. Bad! +# +# Now, I'm not certain that all CAS-using campus would like to have their +# usernames lower-cased, though I'm guessing it won't hurt. But I'm absolutely +# sure that spaces should be stripped, always. I'll propose a patch to +# django_cas; but in the meantime, let's reach into django_cas and fix it. + +if hasattr(backends, '_verify'): + _orig_verify = backends._verify + def _newverify(*args, **kwargs): + username = _orig_verify(*args, **kwargs) + if username: + username = username.lower().strip() + return username + backends._verify = _newverify -class CASBackend(django_cas.backends.CASBackend): +class CASBackend(backends.CASBackend): def authenticate(self, ticket, service): """Authenticates CAS ticket and retrieves user data""" -- 2.11.0