Merge pull request #93 from francoisfreitag/django_upgrade

 Add compatibility with Django master

Author: knaperek

djangosaml2/tests/__init__.py

@@ -22,14 +22,19 @@
 
 from django.conf import settings
 from django.contrib.auth import SESSION_KEY, get_user_model
-from django.contrib.auth.models import User, AnonymousUser
+from django.contrib.auth.models import AnonymousUser
 from django.contrib.sessions.middleware import SessionMiddleware
-from django.core.urlresolvers import reverse
+try:
+    from django.urls import reverse
+except ImportError:
+    from django.core.urlresolvers import reverse
 from django.template import Template, Context
 from django.test import TestCase
 from django.test.client import RequestFactory
-from django.utils.text import force_text
-from django.utils.six import text_type
+try:
+    from django.utils.encoding import force_text
+except ImportError:
+    from django.utils.text import force_text
 from django.utils.six.moves.urllib.parse import urlparse, parse_qs
 
 from saml2.config import SPConfig

djangosaml2/utils.py

@@ -12,8 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import django
 from django.conf import settings
 from django.core.exceptions import ImproperlyConfigured
+from django.utils.http import is_safe_url
 from django.utils.module_loading import import_string
 from saml2.s_utils import UnknownSystemEntity
 
@@ -78,3 +80,11 @@ def fail_acs_response(request, *args, **kwargs):
     failure_function = import_string(get_custom_setting('SAML_ACS_FAILURE_RESPONSE_FUNCTION',
                                                         'djangosaml2.acs_failures.template_failure'))
     return failure_function(request, *args, **kwargs)
+
+
+def is_safe_url_compat(url, allowed_hosts=None, require_https=False):
+    if django.VERSION >= (1, 11):
+        return is_safe_url(url, allowed_hosts=allowed_hosts, require_https=require_https)
+    assert len(allowed_hosts) == 1
+    host = allowed_hosts.pop()
+    return is_safe_url(url, host=host)

djangosaml2/views.py

@@ -24,16 +24,19 @@
 from django.conf import settings
 from django.contrib import auth
 from django.contrib.auth.decorators import login_required
-from django.contrib.auth.views import logout as django_logout
+try:
+    from django.contrib.auth.views import LogoutView
+    django_logout = LogoutView.as_view()
+except ImportError:
+    from django.contrib.auth.views import logout as django_logout
 from django.core.exceptions import PermissionDenied, SuspiciousOperation
 from django.http import Http404, HttpResponse
 from django.http import HttpResponseRedirect  # 30x
-from django.http import  HttpResponseBadRequest, HttpResponseForbidden  # 40x
+from django.http import HttpResponseBadRequest  # 40x
 from django.http import HttpResponseServerError  # 50x
 from django.views.decorators.http import require_POST
 from django.shortcuts import render
 from django.template import TemplateDoesNotExist
-from django.utils.http import is_safe_url
 from django.utils.six import text_type, binary_type
 from django.views.decorators.csrf import csrf_exempt
 
@@ -51,7 +54,10 @@
 from djangosaml2.conf import get_config
 from djangosaml2.overrides import Saml2Client
 from djangosaml2.signals import post_authenticated
-from djangosaml2.utils import fail_acs_response, get_custom_setting, available_idps, get_location, get_idp_sso_supported_bindings
+from djangosaml2.utils import (
+    available_idps, fail_acs_response, get_custom_setting,
+    get_idp_sso_supported_bindings, get_location, is_safe_url_compat,
+)
 
 
 logger = logging.getLogger('djangosaml2')
@@ -106,7 +112,7 @@ def login(request,
         came_from = settings.LOGIN_REDIRECT_URL
 
     # Ensure the user-originating redirection url is safe.
-    if not is_safe_url(url=came_from, host=request.get_host()):
+    if not is_safe_url_compat(url=came_from, allowed_hosts={request.get_host()}):
         came_from = settings.LOGIN_REDIRECT_URL
 
     # if the user is already authenticated that maybe because of two reasons:
@@ -315,7 +321,7 @@ def assertion_consumer_service(request,
     if not relay_state:
         logger.warning('The RelayState parameter exists but is empty')
         relay_state = default_relay_state
-    if not is_safe_url(url=relay_state, host=request.get_host()):
+    if not is_safe_url_compat(url=relay_state, allowed_hosts={request.get_host()}):
         relay_state = settings.LOGIN_REDIRECT_URL
     logger.debug('Redirecting to the RelayState: %s', relay_state)
     return HttpResponseRedirect(relay_state)
@@ -451,7 +457,7 @@ def finish_logout(request, response, next_page=None):
     if response and response.status_ok():
         if next_page is None and hasattr(settings, 'LOGOUT_REDIRECT_URL'):
             next_page = settings.LOGOUT_REDIRECT_URL
-        logger.debug('Performing django_logout with a next_page of %s',
+        logger.debug('Performing django logout with a next_page of %s',
                      next_page)
         return django_logout(request, next_page=next_page)
     else:

tests/settings.py

@@ -12,6 +12,8 @@
 
 import os
 
+import django
+
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
@@ -34,7 +36,7 @@
     'testprofiles',
 )
 
-MIDDLEWARE_CLASSES = (
+MIDDLEWARE = (
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
@@ -44,6 +46,9 @@
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 )
 
+if django.VERSION < (1, 10):
+    MIDDLEWARE_CLASSES = MIDDLEWARE
+
 ROOT_URLCONF = 'testprofiles.urls'
 
 TEMPLATES = [

tox.ini

@@ -1,5 +1,5 @@
 [tox]
-envlist = py{27,35}-django{18,19,110,111,master}
+envlist = py27-django{18,19,110,111}, py36-django{18,19,110,111,master}
 
 [testenv]
 commands =