Django CAS 1.0/2.0/3.0 client authentication library, support Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+

Related tags

Authenticationpythondjangocasssodjango-casdjangocas
Overview

django-cas-ng

https://travis-ci.org/django-cas-ng/django-cas-ng.svg?branch=master https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square

django-cas-ng is Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Logout (SLO).

It supports Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+!

This project inherits from django-cas (which has not been updated since April 2013) at 2014. The ng stands for "next generation". Our fork will include bugfixes and new features contributed by the community.

Document

Checkout document at https://djangocas.dev/docs/latest/

Quick links:

Features

  • Supports CAS versions 1.0, 2.0 and 3.0
  • Support Single Logout (needs CAS server support)
  • Supports Token auth schemes
  • Can fetch Proxy Granting Ticket
  • Supports Django 2.0, 2.1, 2.2 and 3.0
  • Supports using a User custom model
  • Supports Python 3.5+
  • Supports typing hints in public API.

To support django 1.x and Python 2.x, please use 3.6.0.

Contributing

New contributors are always welcome! Check out Contribution to get involved.

Change Log

This project adheres to Semantic Versioning. Checkout all the Changelog.

Comments
  • Mysql utf8 database issue since 4.2.0

    Mysql utf8 database issue since 4.2.0

    Platform & Version Platform: Linux django-cas-ng: >= 4.2.0 Django: 3.2 Python: 3.8 CAS Server Software and version: 3

    Describe the bug The migration needed for django-cas-ng >= 4.2.0 fails on a utf8 mysql/mariadb database with error :

    1071, 'Specified key was too long; max key length is 3072 bytes'

    It works with a "smaller" collation, such as latin_sweedish_ci, but it is supposed to work on utf8 databases too, isn't it ?

    To Reproduce Steps to reproduce the behavior:

    1. use a utf8 mysql database
    2. update django-cas-ng >=4.2.0
    3. migrate
    4. see "1071, 'Specified key was too long; max key length is 3072 bytes'"

    Expected behavior migration succeeds on a utf8 database

    Screenshots

    Additional context mariadb server is debian stable

    Thanks

    bug help wanted wontfix 
    opened by pix106 19
  • SSL: CERTIFICATE_VERIFY_FAILED

    SSL: CERTIFICATE_VERIFY_FAILED

    I get a SSL: CERTIFICATE_VERIFY_FAILED error with the latest version when the CAS server uses a self-signed certificate. I didn't get this error with the previous version 3.5.5.

    I downgraded to 3.5.5 and it works for me, but I thought you might want to know...

    opened by michel-kraemer 12
  • Forbidden in 3.4

    Forbidden in 3.4

    I have a super simple django-cas-ng test project with nothing installed but Django 1.7 and django-cas-ng, with these settings:

    CAS_SERVER_URL = 'https://cas.oursite.edu/cas/login'
CAS_ADMIN_PREFIX = '/admin'
CAS_LOGOUT_COMPLETELY = True

    plus the login/logout URLs shown in the docs.

    With versions 3.1, 3.2 and 3.3, it works just fine. But when I upgrade to 3.4 or 3.4.1 I get:

    http://127.0.0.1:8000/accounts/login?next=%2F&ticket=ST-2138-43ZolaFcMAeLcZjAK-cas.oursite.edu

        Forbidden
    Login failed.

    (403 on the GET request as shown in runserver). Is there an additional setting or configuration I need to use when upgrading?

    opened by shacker 12
  • Add 3.5.10 -> 3.6.0 migration guide

    Add 3.5.10 -> 3.6.0 migration guide

    3.6.0 is a breaking change, and really should have been a major release. Let's add a short migration guide to the release notes. It should include both the change of imports (#189) and the need for the cas_ng_login name (#179).

    enhancement wontfix 
    opened by piotrb5e3 9
  • modified: django_cas_ng/views.py

    modified: django_cas_ng/views.py

    Hello, Thank you for this nice library. Here our tiny contribution. This worked as expected with our CAS 3.4 service.

    -Fix bug in _logout_url for correct redirection after logout

    -Alter the login fail, response with a customizable view

    opened by RaphRi 9
  • CAS_FORCE_SSL_SERVICE_URL = True don't work on LogoutView

    CAS_FORCE_SSL_SERVICE_URL = True don't work on LogoutView

    Platform & Version Platform: Windows or Linux or Mac... django-cas-ng: 4.1.1 Django: 2.2.11 Python: 3.7.4 CAS Server Software and version: 4

    Describe the bug Hello,

    I use the following options :

    • CAS_FORCE_SSL_SERVICE_URL = True
    • CAS_IGNORE_REFERER=True
    • LOGOUT_REDIRECT_URL = '/'+BASE_URL_PATH+'........./'

    On the Logout page, I am not redirected in HTTPS.

    In the source code of django-cas-ng, the GET and POST methods of the LogoutView class do not call the get_service_url method which checks if CAS_FORCE_SSL_SERVICE_URL = True and initializes protocol = 'https'.

    Thank.

    bug wontfix 
    opened by jojo-80 8
  • Google style SSO login

    Google style SSO login

    Well, first thing I couldn't come up with better title for issue so apologies. Now, to the situation I have django-mama-cas as my cas server, and I am using django-cas-ng on three other applications. I have followed instruction for django-cas-ng as specified on your github page. A simple scenario, my apps are A, B, C when I successfully login into A then switch to tab and request login page for B I should be logged into B automatically(If I am not wrong this is what SSO is meant to do). How using django-cas-ng and django-mama-cas I can achieve this?

    opened by rajeshyogeshwar 8
  • Django 1.10 upgrade forced by upgrade

    Django 1.10 upgrade forced by upgrade

    I was on version 3.4.2 with Django v1.9.x, and ran:

    pip install --upgrade django-cas-ng==3.5.2

    and found my Django version was forced up to 1.10. I was able to downgrade it manually, but that probably should not have happened automatically, right?

    opened by shacker 7
  • AnonymousUser after login

    AnonymousUser after login

    In my template:

        {% if not user.is_authenticated %}
        Login button links to CAS server
     {% endif %}

    Under v 3.4.2 this works perfectly.

    After upgrading to 3.5.2, the login button still displays after successful login. If I render {{user}} in the template, the user is AnonymousUser after login (same if I print(request.user) in the view). If this user now clicks the Login button a second time, CAS recognizes them as pre-authenticated and logs them in immediately.

    It seems like the actual django login() call is no longer being invoked.

    Downgrading for now.

    opened by shacker 7
  • Migrations is missing

    Migrations is missing

    Hi, this lib breaks my test suit, it reports:

    django.db.utils.ProgrammingError: relation "auth_user" does not exist"

    If i run python manage.py makemigrations django_cas_ng && python manage.py migrate it works again.

    pip freeze:

    boto==2.38.0
click==6.0
Django==1.8.7
django-cas-ng==3.5.3
django-debug-toolbar==1.3.0
django-filter==0.11.0
django-mama-cas==1.2.0
django-mptt==0.7.4
django-nose==1.4.2
django-reversion==1.9.3
django-rosetta==0.7.6
django-storages-redux==1.3
django-suit==0.2.15
django-wysiwyg-redactor==0.4.9
djangorestframework==3.3.1
djangorestframework-gis==0.9.6
ecdsa==0.13
Fabric==1.10.0
geopy==1.11.0
gitdb==0.6.4
GitPython==1.0.1
Jinja2==2.8
MarkupSafe==0.23
microsofttranslator==0.5
nose==1.3.7
paramiko==1.16.0
pipdeptree==0.4.3
polib==1.0.7
psycopg2==2.6.1
pycrypto==2.6.1
python-cas==1.1.0
python-dotenv==0.1.3
requests==2.8.1
six==1.10.0
smmap==0.9.0
sqlparse==0.1.18
Unipath==1.0
wheel==0.24.0
    opened by mikaelengstrom 7
  • New Release

    New Release

    Hey Everyone, So I noticed that in commit: ddd0ee2 the model changed the name of session to session_key. I think this will break anyones install that had the tables built previous to this commit. I think that we should ship migrations with the upcoming release and provide documentation on how to run them. I think I have a little bit of time to try and put this together if people think it is worth the effort.

    If we do not want to provide migrations, I think the name should be changed back to session to avoid having to edit the database by hand.

    opened by bgroff 7
  • CAS_APPLY_ATTRIBUTES_TO_USER does not appear to add any attributes to user

    CAS_APPLY_ATTRIBUTES_TO_USER does not appear to add any attributes to user

    Platform & Version Platform: Linux django-cas-ng: 4.3.0 Django: 4.1 Python: 3.10 CAS Server Software and version: 3.0

    Describe the bug My CAS returns several fields (like departmentNumber or eduPersonAffiliation) that I'd like to access within my view. I set the CAS_APPLY_ATTRIBUTES_TO_USER setting to True in settings.py, but accessing the request.user in my views does not provide me with these fields. Is it normal ?

    To Reproduce Within any view functions:

    def my_view(request):
    print(dir(request.user))

    No differences wether CAS_APPLY_ATTRIBUTES_TO_USER is set to True or False.

    Expected behavior

    That a dict of the attributes returned by my CAS would be accessible

    bug 
    opened by paulgoulain 0
  • django.db.utils.OperationalError: (1071, 'Specified key was too long; max key length is 3072 bytes')

    django.db.utils.OperationalError: (1071, 'Specified key was too long; max key length is 3072 bytes')

    Platform & Version Platform: Mac m2 django-cas-ng: 4.3 Django: 4.1 Python: 3.10 CAS Server Software and version:

    Describe the bug

    django.db.utils.OperationalError: (1071, 'Specified key was too long; max key length is 3072 bytes')

    causes by:
    1 django_cas_ng migrate 2 Applying django_cas_ng.0002_auto_20201023_1400...Traceback (most recent call last): 3 ticket = models.CharField(max_length=1024)

    my plan: ticket = models.TextField(max_length=1024)

    bug 
    opened by xiaozhi-cn 3
Releases(v4.3.0)

  • v4.3.0(Jan 9, 2022)

    • PR #308: Improve redirect url when CAS_ROOT_PROXIED_AS is empty @mbaechtold
    • PR #307: Fix #306 the logout service url when using CAS_ROOT_PROXIED_AS @doomse
    • Add compatibility with Django 4.0. @mbaechtold
    • PR #305: Fix #304: warning on system check from Django 3.2 @corralien
    • PR #303: Remove unused travis [email protected]
    • PR #302: Add django 3.2 and py3.9/3.10 testing @nikolas
    • PR #298: Add CAS_SESSION_FACTORY setting to allow customizing requests Session @intgr
    • PR #296: Fix #281: session.session_key is None for signed_cookies sessions on first request @davidmgvaz
    • PR #295: Fix #294 DataError at /accounts/login/ value too long
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-4.3.0.tar.gz(17.88 KB)
    django_cas_ng-4.3.0-py2.py3-none-any.whl(26.27 KB)

  • v4.2.1(Jun 11, 2021)

  • v4.2.0(Jun 3, 2021)

    • PR #285: Fix #284: Change default of CAS_USERNAME_ATTRIBUTE to cas:user @b4ldr
    • PR #282: Bugfix: Let checking of the "next" URL parameter be configurable @sebastianmanger
    • PR #278: Add Django 3.1 to tox @nikolas
    • PR #277: Fix tox isort command @nikolas
    • PR #276: Don't use 'del' statement, to fix deepsource error @nikolas
    • PR #275: Fix deepsource error @nikolas
    • PR #274: Truncate session key if it's longer than possible @nikolas
    • PR #273: Remove Signal(providing_args=) argument, deprecated in Django 3.1 @intgr
    • PR #268: returned translations after merging a broken branch @jolob5l
    • PR #267: Add annotations for utils.py @jolob5l
    • PR #266: typing support @jolob5l
    • PR #265: Add russian and ukranian translations @jolob5l
    • PR #263: Fix typo in ProxyGrantingTicket.session_key max_length @nikolas
    • PR #262: Add the CAS_ADMIN_REDIRECT option to disable admin redirect @nikolas
    • PR #261: Increase session_key size to account for signed cookies - closes #260 @nikolas
    • PR #259: Change thrown exception to specific type @spielmannj
    • PR #258: Fix: v1 cas client create error @ibuler
    • PR #257: Fix: urljoin @LeoSirius
    Source code(tar.gz)
    Source code(zip)

  • v4.1.1(Feb 27, 2020)

  • v4.1.0(Feb 25, 2020)

  • v4.0.1(Jan 22, 2020)

  • v4.0.0(Jan 16, 2020)

    • Break change: Drop python 2.x support
    • Break change: Drop django 1.x support
    • PR-206: New behavior for CAS_USERNAME_ATTRIBUTE setting which will now fallback to setting the specified attribute for username when set with a value other than the default (uid) when using a CAS_VERSION that did not previously support this behavior (anything other than CAS_VERSION = 'CAS_2_SAML_1_0).
    • PR-195: Fix bug where session_key is empty after logging in.
    • PR-196: Add support for CAS response callbacks by setting CAS_RESPONSE_CALLBACKS (fix #109)
    • PR-131: Fix get_proxy_ticket method usage
    • PR-134: Allow relative CAS_SERVER_URL starts with '/' without protocol and hostname.
    • Fix #138 Patched README.rst example code.
    • PR-127: Update requirements.txt: django-cas to 1.2.0
    • PR-234: Run flake8 on the entire project
    • PR-233: Update Travis configuration and test matrix
    • PR-232: Remove test branches for Django.VERSION < 2
    • PR-231: Replace deprecated ugettext_lazy with gettext_lazy
    • PR-230: Document project as Python 3.5+ only
    • PR-229: Remove unnecessary workaround for unsupported Pythons
    • PR-222: Upgrade to support Django 3.0
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-4.0.0.tar.gz(27.49 KB)

  • v3.6.0(Nov 23, 2018)

    • Removed support for Django < 1.11.
    • PR-188: Introduce isort for automatic import ordering
    • PR-187: Remove unused workarounds for EOL Django < 1.10
    • PR-186: Simplify dependency handling in tox.ini
    • PR-184: Remove unnecessary distutils fallback from setup.py
    • PR-183: Use skip_install=true for lint or static tox targets
    • PR-182: Distribute package as a universal wheel
    • PR-181: Remove unused submodule python-cas
    • PR-180: Trim trailing white space throughout the project
    • PR-179: Class-based Login, Logout and Callback views, plus successful_login overridable method
    • PR-177: Fix #172 attributes that do not change being removed
    • PR-176: Fix #106: Adding CAS_VE RIFY_SSL_CERTIFICATE setting
    • PR-173: Include 'django_cas_ng.middleware.CASMiddleware' middleware in example settings of README
    • PR-171: Fix #170 in README: Fix broken links, add syntax highlighting and slight changes to the bad_attributes_reject example
    • Fix #164: Remove dead links in README
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-3.6.0.tar.gz(25.17 KB)
    django_cas_ng-3.6.0-py2.py3-none-any.whl(32.58 KB)

  • v3.5.10(Oct 9, 2018)

    • PR-149: Add CAS_PROXIED_AS config: Allow functioanlity behind a proxy server like mod_auth_cas for apache.
    • PR-150: Django 2.0 compatibility (user.is_authenticated).
    • PR-154: Catalan and Spanish translation
    • PR-156: Add support for CAS attributes renaming
    • PR-165: Fix CAS_ROOT_PROXIED_AS double slash
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-3.5.10.tar.gz(24.54 KB)

  • v3.5.9(Jan 2, 2018)

    • Add the optional setting CAS_CREATE_USER_WITH_ID. (PR #129)
    • Fix get_proxy_ticket method usage. (PR #131)
    • Add django 2.0 compability. (PR #143 #146)
    • Added bad_attributes_reject to check SAML key/value attributes. (PR #145)
    Source code(tar.gz)
    Source code(zip)

  • v3.5.8(Jun 30, 2017)

    • Upgrade django-cas to 1.2.0
    • Fix: Coerce boolean strings in attributes to actual boolean values
    • Update middleware for consistency with new-style django middleware
    • Add CAS_APPLY_ATTRIBUTES_TO_USER new settings option to apply attributes to User model.
    • Add support for applying attributes returned from ticket to User model
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-3.5.8.tar.gz(16.52 KB)

  • v3.5.7(Apr 2, 2017)

  • v3.5.6(Nov 6, 2016)

  • v3.5.5(Sep 28, 2016)

    • Login after the session is created, fix the need for double login (such as #83, might fix it but seems slightly different)
    • Fix #96 Login after the session is created, fix the need for double login
    • Fix #95 by delete django requirement from setup.py
    • Fix #91 - raise PermissionDenied rather than return HttpResponseForbidden
    • Add check_additional_permissions to the backend. This allows one to subclass the backend and add arbitrary user permissions checks when authenticating.
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-3.5.5.tar.gz(14.73 KB)

  • v3.5.4(Apr 27, 2016)

    • Support for string view arguments to url() is deprecated and will be removed in Django 1.10.
    • Add migrations.
    • Add initial migrations file.
    • Add CAS_FORCE_CHANGE_USERNAME_CASE option to convert username case to lower or upper. This prevent duplicate account creation in some case.
    • Bugfix for loop redirect when CAS_ADMIN_PREFIX is set as root.
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-3.5.4.tar.gz(14.52 KB)

  • v3.5.3(Nov 20, 2015)

  • v3.5.2(Nov 19, 2015)

  • v3.5.1(Nov 11, 2015)

  • v3.5.0(Nov 8, 2015)

    • Add support for Proxy Granting Ticket.
    • Add Single Logout support.
    • Add Python3 support.
    • Add Django 1.8 support.
    • Add support for custom user model.
    • Add CAS_USERNAME_ATTRIBUTE which allows picking an alternative variable to store the username in the cas attributes.
    • Add CAS_DISPLAY_LOGIN_MESSAGE setting to control whether show welcome message, default is true.
    • Fix redirecting with the "?next" parameter.
    Source code(tar.gz)
    Source code(zip)
    django-cas-ng-3.5.0.tar.gz(13.11 KB)

  • v3.4.2(Jan 11, 2015)

  • v3.4.1(Nov 27, 2014)

  • v3.4.0(Nov 12, 2014)

  • v3.3.0(Nov 5, 2014)

  • v3.2.0(Oct 25, 2014)

  • v3.1.0(May 27, 2014)

  • v3.0.0(May 23, 2014)

Owner
django-cas-ng
Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Sign Out! 2014-2020
django-cas-ng
GitHub Repository https://djangocas.dev/
A Python tool to generate and refresh Amazon access tokens.

amazon_auth A Python tool to generate and refresh Amazon access tokens. Description This tool generates and outputs Amazon access and refresh tokens f

15 Nov 21, 2022
Authentication for Django Rest Framework

Dj-Rest-Auth Drop-in API endpoints for handling authentication securely in Django Rest Framework. Works especially well with SPAs (e.g React, Vue, Ang

Michael 1.1k Jan 03, 2023
Authware API wrapper for Python 3.5+

AuthwarePy Asynchronous wrapper for Authware in Python 3.5+ View our documentation 📲 Installation Run this to install the library via pip: pip instal

Authware 3 Feb 09, 2022
Use this to create (admin) personal access token in gitlab database. Mainly used for automation.

gitlab-personal-access-token Ensure PAT is present in gitlab database. This tool is mainly used when you need to automate gitlab installation and conf

CINAQ Internet Technologies 1 Jan 30, 2022
A simple Boilerplate to Setup Authentication using Django-allauth 🚀

A simple Boilerplate to Setup Authentication using Django-allauth, with a custom template for login and registration using django-crispy-forms.

Yasser Tahiri 13 May 13, 2022
Object Moderation Layer

django-oml Welcome to the documentation for django-oml! OML means Object Moderation Layer, the idea is to have a mixin model that allows you to modera

Angel Velásquez 12 Aug 22, 2019
Basic auth for Django.

Basic auth for Django.

bichanna 2 Mar 25, 2022
A JSON Web Token authentication plugin for the Django REST Framework.

Simple JWT Abstract Simple JWT is a JSON Web Token authentication plugin for the Django REST Framework. For full documentation, visit django-rest-fram

Jazzband 3.2k Dec 28, 2022
A host-guest based app in which host can CREATE the room. and guest can join room with room code and vote for song to skip. User is authenticated using Spotify API

A host-guest based app in which host can CREATE the room. and guest can join room with room code and vote for song to skip. User is authenticated using Spotify API

Aman Raj 5 May 10, 2022
This Python based program checks your CC Stripe Auth 1$ Based Checker

CC-Checker This Python based program checks your CC Stripe Auth 1$ Based Checker About Author Coded by xBlackx Reach Me On Telegram @xBlackx_Coder jOI

xBlackxCoder 11 Nov 20, 2022
FastAPI Simple authentication & Login API using GraphQL and JWT

JeffQL A Simple FastAPI authentication & Login API using GraphQL and JWT. I choose this Name JeffQL cause i have a Low level Friend with a Nickname Je

Yasser Tahiri 26 Nov 24, 2022
Automatizando a criação de DAGs usando Jinja e YAML

Automatizando a criação de DAGs no Airflow usando Jinja e YAML Arquitetura do Repo: Pastas por contexto de negócio (ex: Marketing, Analytics, HR, etc)

Arthur Henrique Dell' Antonia 5 Oct 19, 2021
Skit-auth - Authorization for skit.ai's platform

skit-auth This is a simple authentication library for Skit's platform. Provides

Skit 3 Jan 08, 2022
Djagno grpc authentication service with jwt auth

Django gRPC authentication service STEP 1: Install packages pip install -r requirements.txt STEP 2: Make migrations and migrate python manage.py makem

Saeed Hassani Borzadaran 3 May 16, 2022
AddressBookApp - Address Book App in Django

AddressBookApp Application Name Address Book App in Django, 2022 Technologies La

Joshua K 1 Aug 18, 2022
JWT authentication for Pyramid

JWT authentication for Pyramid This package implements an authentication policy for Pyramid that using JSON Web Tokens. This standard (RFC 7519) is of

Wichert Akkerman 73 Dec 03, 2021
This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes

SyscallExtractorAnalyzer This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes Goals Teach

Truvis Thornton 18 Jul 09, 2022
FastAPI-Login tries to provide similar functionality as Flask-Login does.

FastAPI-Login FastAPI-Login tries to provide similar functionality as Flask-Login does. Installation $ pip install fastapi-login Usage To begin we hav

417 Jan 07, 2023
Extending the Django authentication system with a phone verification step.

Extending the Django authentication system with a phone verification step.

Miguel Grinberg 50 Dec 04, 2022
Flask user session management.

Flask-Login Flask-Login provides user session management for Flask. It handles the common tasks of logging in, logging out, and remembering your users

Max Countryman 3.2k Dec 28, 2022